diff --git a/src/flask_digest_auth/test.py b/src/flask_digest_auth/test.py index aa2b8ee..744239f 100644 --- a/src/flask_digest_auth/test.py +++ b/src/flask_digest_auth/test.py @@ -23,6 +23,7 @@ from typing import Optional, Literal, Tuple, Dict from flask import g from werkzeug.datastructures import Authorization, WWWAuthenticate +from werkzeug.http import parse_set_header from werkzeug.test import TestResponse, Client as WerkzeugClient from flask_digest_auth.algo import calc_response, make_password_hash @@ -118,7 +119,7 @@ class Client(WerkzeugClient): :return: The request authorization. """ qop: Optional[Literal["auth", "auth-int"]] = None - if www_authenticate.qop is not None and "auth" in www_authenticate.qop: + if "auth" in parse_set_header(www_authenticate.get("qop")): qop = "auth" cnonce: Optional[str] = None diff --git a/tests/test_auth.py b/tests/test_auth.py index 2c5efec..b404c0b 100644 --- a/tests/test_auth.py +++ b/tests/test_auth.py @@ -158,7 +158,7 @@ class AuthenticationTestCase(TestCase): self.assertEqual(response.status_code, 401) www_authenticate = response.www_authenticate self.assertEqual(www_authenticate.type, "digest") - self.assertEqual(www_authenticate.stale, None) + self.assertIsNone(www_authenticate.get("stale")) opaque: str = www_authenticate.opaque www_authenticate.nonce = "bad" @@ -167,7 +167,7 @@ class AuthenticationTestCase(TestCase): response = super(Client, self.client).get(admin_uri, auth=auth_data) self.assertEqual(response.status_code, 401) www_authenticate = response.www_authenticate - self.assertEqual(www_authenticate.stale, True) + self.assertEqual(www_authenticate.get("stale"), "TRUE") self.assertEqual(www_authenticate.opaque, opaque) auth_data = Client.make_authorization( @@ -175,7 +175,7 @@ class AuthenticationTestCase(TestCase): response = super(Client, self.client).get(admin_uri, auth=auth_data) self.assertEqual(response.status_code, 401) www_authenticate = response.www_authenticate - self.assertEqual(www_authenticate.stale, False) + self.assertEqual(www_authenticate.get("stale"), "FALSE") self.assertEqual(www_authenticate.opaque, opaque) auth_data = Client.make_authorization( diff --git a/tests/test_flask_login.py b/tests/test_flask_login.py index b636a10..a2f7e39 100644 --- a/tests/test_flask_login.py +++ b/tests/test_flask_login.py @@ -195,7 +195,7 @@ class FlaskLoginTestCase(TestCase): self.assertEqual(response.status_code, 401) www_authenticate = response.www_authenticate self.assertEqual(www_authenticate.type, "digest") - self.assertEqual(www_authenticate.stale, None) + self.assertIsNone(www_authenticate.get("stale")) opaque: str = www_authenticate.opaque if hasattr(g, "_login_user"): @@ -206,7 +206,7 @@ class FlaskLoginTestCase(TestCase): response = super(Client, self.client).get(admin_uri, auth=auth_data) self.assertEqual(response.status_code, 401) www_authenticate = response.www_authenticate - self.assertEqual(www_authenticate.stale, True) + self.assertEqual(www_authenticate.get("stale"), "TRUE") self.assertEqual(www_authenticate.opaque, opaque) if hasattr(g, "_login_user"): @@ -216,7 +216,7 @@ class FlaskLoginTestCase(TestCase): response = super(Client, self.client).get(admin_uri, auth=auth_data) self.assertEqual(response.status_code, 401) www_authenticate = response.www_authenticate - self.assertEqual(www_authenticate.stale, False) + self.assertEqual(www_authenticate.get("stale"), "FALSE") self.assertEqual(www_authenticate.opaque, opaque) if hasattr(g, "_login_user"):