Skip to content

Commit

Permalink
Quote qop values in digest auth.
Browse files Browse the repository at this point in the history
  • Loading branch information
@Lukasa
Lukasa committed Nov 29, 2013
1 parent 8477355 commit fecb35a
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 2 deletions.
4 changes: 2 additions & 2 deletions requests/auth.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -105,7 +105,7 @@ def sha_utf8(x):

A1 = '%s:%s:%s' % (self.username, realm, self.password)
A2 = '%s:%s' % (method, path)

HA1 = hash_utf8(A1)
HA2 = hash_utf8(A2)

Expand Down Expand Up @@ -144,7 +144,7 @@ def sha_utf8(x):
if entdig:
base += ', digest="%s"' % entdig
if qop:
base += ', qop=auth, nc=%s, cnonce="%s"' % (ncvalue, cnonce)
base += ', qop="auth", nc=%s, cnonce="%s"' % (ncvalue, cnonce)

return 'Digest %s' % (base)

Expand Down
8 changes: 8 additions & 0 deletions test_requests.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -320,6 +320,14 @@ def test_DIGESTAUTH_WRONG_HTTP_401_GET(self):
r = s.get(url)
assert r.status_code == 401

def test_DIGESTAUTH_QUOTES_QOP_VALUE(self):

auth = HTTPDigestAuth('user', 'pass')
url = httpbin('digest-auth', 'auth', 'user', 'pass')

r = requests.get(url, auth=auth)
assert '"auth"' in r.request.headers['Authorization']

def test_POSTBIN_GET_POST_FILES(self):

url = httpbin('post')
Expand Down

0 comments on commit fecb35a

Please sign in to comment.