Replaced random.random() with secrets.randbits() in the make_response_header method of the DigestAuth class.

.gitignore

@@ -28,5 +28,6 @@ instance
 
 .DS_Store
 .idea
+.scannerwork
 
 excludes

src/flask_digest_auth/auth.py

@@ -24,8 +24,7 @@ from __future__ import annotations
 import sys
 import typing as t
 from functools import wraps
-from random import random
+from secrets import token_urlsafe, randbits
-from secrets import token_urlsafe
 
 from flask import g, request, Response, session, abort, Flask, Request
 from itsdangerous import URLSafeTimedSerializer, BadData
@@ -206,9 +205,10 @@ class DigestAuth:
         """
         opaque: t.Optional[str] = None if not self.use_opaque else \
             (state.opaque if state.opaque is not None
-             else self.serializer.dumps(random(), salt="opaque"))
+             else self.serializer.dumps(randbits(32), salt="opaque"))
         nonce: str = self.serializer.dumps(
-            random(), salt="nonce" if opaque is None else f"nonce-{opaque}")
+            randbits(32),
+            salt="nonce" if opaque is None else f"nonce-{opaque}")
 
         header: str = f"Digest realm=\"{self.realm}\""
         if len(self.domain) > 0: