kennethreitz/httpbin
1
0
Fork 0
mirror of https://github.com/kennethreitz/httpbin.git synced 2026-06-05 06:46:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

send digest-auth challenge if wrong authorization type sent

Browse Source
This commit is contained in:
Nate Prewitt
2018-01-27 17:56:09 -08:00
parent 96c5e71c8e
commit 82d7408267
2 changed files with 15 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
test_httpbin.py
+14
View File
@@ -306,6 +306,20 @@ class HttpbinTestCase(unittest.TestCase):
for stale_after in (None, 1, 4) if algorithm else (None,) :
self._test_digest_auth(username, password, qop, algorithm, body, stale_after)
def test_digest_auth_with_wrong_authorization_type(self):
"""Sending an non-digest Authorization header to /digest-auth should return a 401"""
auth_headers = (
('Authorization', 'Basic 1234abcd'),
('Authorization', ''),
('', '')
)
for header in auth_headers:
response = self.app.get(
'/digest-auth/auth/myname/mysecret',
headers={header[0]: header[1]}
)
self.assertEqual(response.status_code, 401)
def _test_digest_auth(self, username, password, qop, algorithm=None, body=None, stale_after=None):
uri = self._digest_auth_create_uri(username, password, qop, algorithm, stale_after)