Revised the code that handles the "qop" and "stale" parameters of the "WWW-Authenticate" response HTTP header for the upcoming Werkzeug 2.4.

src/flask_digest_auth/test.py

@@ -23,6 +23,7 @@ from typing import Optional, Literal, Tuple, Dict
 
 from flask import g
 from werkzeug.datastructures import Authorization, WWWAuthenticate
+from werkzeug.http import parse_set_header
 from werkzeug.test import TestResponse, Client as WerkzeugClient
 
 from flask_digest_auth.algo import calc_response, make_password_hash
@@ -118,7 +119,7 @@ class Client(WerkzeugClient):
         :return: The request authorization.
         """
         qop: Optional[Literal["auth", "auth-int"]] = None
-        if www_authenticate.qop is not None and "auth" in www_authenticate.qop:
+        if "auth" in parse_set_header(www_authenticate.get("qop")):
             qop = "auth"
 
         cnonce: Optional[str] = None

tests/test_auth.py

@@ -158,7 +158,7 @@ class AuthenticationTestCase(TestCase):
         self.assertEqual(response.status_code, 401)
         www_authenticate = response.www_authenticate
         self.assertEqual(www_authenticate.type, "digest")
-        self.assertEqual(www_authenticate.stale, None)
+        self.assertIsNone(www_authenticate.get("stale"))
         opaque: str = www_authenticate.opaque
 
         www_authenticate.nonce = "bad"
@@ -167,7 +167,7 @@ class AuthenticationTestCase(TestCase):
         response = super(Client, self.client).get(admin_uri, auth=auth_data)
         self.assertEqual(response.status_code, 401)
         www_authenticate = response.www_authenticate
-        self.assertEqual(www_authenticate.stale, True)
+        self.assertEqual(www_authenticate.get("stale"), "TRUE")
         self.assertEqual(www_authenticate.opaque, opaque)
 
         auth_data = Client.make_authorization(
@@ -175,7 +175,7 @@ class AuthenticationTestCase(TestCase):
         response = super(Client, self.client).get(admin_uri, auth=auth_data)
         self.assertEqual(response.status_code, 401)
         www_authenticate = response.www_authenticate
-        self.assertEqual(www_authenticate.stale, False)
+        self.assertEqual(www_authenticate.get("stale"), "FALSE")
         self.assertEqual(www_authenticate.opaque, opaque)
 
         auth_data = Client.make_authorization(

tests/test_flask_login.py

@@ -195,7 +195,7 @@ class FlaskLoginTestCase(TestCase):
         self.assertEqual(response.status_code, 401)
         www_authenticate = response.www_authenticate
         self.assertEqual(www_authenticate.type, "digest")
-        self.assertEqual(www_authenticate.stale, None)
+        self.assertIsNone(www_authenticate.get("stale"))
         opaque: str = www_authenticate.opaque
 
         if hasattr(g, "_login_user"):
@@ -206,7 +206,7 @@ class FlaskLoginTestCase(TestCase):
         response = super(Client, self.client).get(admin_uri, auth=auth_data)
         self.assertEqual(response.status_code, 401)
         www_authenticate = response.www_authenticate
-        self.assertEqual(www_authenticate.stale, True)
+        self.assertEqual(www_authenticate.get("stale"), "TRUE")
         self.assertEqual(www_authenticate.opaque, opaque)
 
         if hasattr(g, "_login_user"):
@@ -216,7 +216,7 @@ class FlaskLoginTestCase(TestCase):
         response = super(Client, self.client).get(admin_uri, auth=auth_data)
         self.assertEqual(response.status_code, 401)
         www_authenticate = response.www_authenticate
-        self.assertEqual(www_authenticate.stale, False)
+        self.assertEqual(www_authenticate.get("stale"), "FALSE")
         self.assertEqual(www_authenticate.opaque, opaque)
 
         if hasattr(g, "_login_user"):