Merge pull request #1064 from r0fls/1061

double quotes in unauthorized exception per rfc7230
This commit is contained in:
Raphael Deem 2017-12-21 18:59:41 -08:00 committed by GitHub
commit 04b04f094c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 6 deletions

View File

@ -263,7 +263,7 @@ class Unauthorized(SanicException):
# if auth-scheme is specified, set "WWW-Authenticate" header # if auth-scheme is specified, set "WWW-Authenticate" header
if scheme is not None: if scheme is not None:
values = ["{!s}={!r}".format(k, v) for k, v in kwargs.items()] values = ['{!s}="{!s}"'.format(k, v) for k, v in kwargs.items()]
challenge = ', '.join(values) challenge = ', '.join(values)
self.headers = { self.headers = {

View File

@ -138,7 +138,7 @@ def test_unauthorized_exception(exception_app):
request, response = exception_app.test_client.get('/401/basic') request, response = exception_app.test_client.get('/401/basic')
assert response.status == 401 assert response.status == 401
assert response.headers.get('WWW-Authenticate') is not None assert response.headers.get('WWW-Authenticate') is not None
assert response.headers.get('WWW-Authenticate') == "Basic realm='Sanic'" assert response.headers.get('WWW-Authenticate') == 'Basic realm="Sanic"'
request, response = exception_app.test_client.get('/401/digest') request, response = exception_app.test_client.get('/401/digest')
assert response.status == 401 assert response.status == 401
@ -146,10 +146,10 @@ def test_unauthorized_exception(exception_app):
auth_header = response.headers.get('WWW-Authenticate') auth_header = response.headers.get('WWW-Authenticate')
assert auth_header is not None assert auth_header is not None
assert auth_header.startswith('Digest') assert auth_header.startswith('Digest')
assert "qop='auth, auth-int'" in auth_header assert 'qop="auth, auth-int"' in auth_header
assert "algorithm='MD5'" in auth_header assert 'algorithm="MD5"' in auth_header
assert "nonce='abcdef'" in auth_header assert 'nonce="abcdef"' in auth_header
assert "opaque='zyxwvu'" in auth_header assert 'opaque="zyxwvu"' in auth_header
request, response = exception_app.test_client.get('/401/bearer') request, response = exception_app.test_client.get('/401/bearer')
assert response.status == 401 assert response.status == 401