MCPcopy
hub / github.com/encode/httpx / test_digest_auth_rfc_7616_md5

Function test_digest_auth_rfc_7616_md5

tests/test_auth.py:191–248  ·  view source on GitHub ↗
(monkeypatch)

Source from the content-addressed store, hash-verified

189
190
191def test_digest_auth_rfc_7616_md5(monkeypatch):
192 # Example from https://datatracker.ietf.org/doc/html/rfc7616#section-3.9.1
193
194 def mock_get_client_nonce(nonce_count: int, nonce: bytes) -> bytes:
195 return "f2/wE4q74E6zIJEtWaHKaf5wv/H5QzzpXusqGemxURZJ".encode()
196
197 auth = httpx.DigestAuth(username="Mufasa", password="Circle of Life")
198 monkeypatch.setattr(auth, "_get_client_nonce", mock_get_client_nonce)
199
200 request = httpx.Request("GET", "https://www.example.com/dir/index.html")
201
202 # The initial request should not include an auth header.
203 flow = auth.sync_auth_flow(request)
204 request = next(flow)
205 assert "Authorization" not in request.headers
206
207 # If a 401 response is returned, then a digest auth request is made.
208 headers = {
209 "WWW-Authenticate": (
210 'Digest realm="http-auth@example.org", '
211 'qop="auth, auth-int", '
212 "algorithm=MD5, "
213 'nonce="7ypf/xlj9XXwfDPEoM4URrv/xwf94BcCAzFZH4GiTo0v", '
214 'opaque="FQhe/qaU925kfnzjCev0ciny7QMkPqMAFRtzCUYo5tdS"'
215 )
216 }
217 response = httpx.Response(
218 content=b"Auth required", status_code=401, headers=headers, request=request
219 )
220 request = flow.send(response)
221 assert request.headers["Authorization"].startswith("Digest")
222 assert 'username="Mufasa"' in request.headers["Authorization"]
223 assert 'realm="http-auth@example.org"' in request.headers["Authorization"]
224 assert 'uri="/dir/index.html"' in request.headers["Authorization"]
225 assert "algorithm=MD5" in request.headers["Authorization"]
226 assert (
227 'nonce="7ypf/xlj9XXwfDPEoM4URrv/xwf94BcCAzFZH4GiTo0v"'
228 in request.headers["Authorization"]
229 )
230 assert "nc=00000001" in request.headers["Authorization"]
231 assert (
232 'cnonce="f2/wE4q74E6zIJEtWaHKaf5wv/H5QzzpXusqGemxURZJ"'
233 in request.headers["Authorization"]
234 )
235 assert "qop=auth" in request.headers["Authorization"]
236 assert (
237 'opaque="FQhe/qaU925kfnzjCev0ciny7QMkPqMAFRtzCUYo5tdS"'
238 in request.headers["Authorization"]
239 )
240 assert (
241 'response="8ca523f5e9506fed4657c9700eebdbec"'
242 in request.headers["Authorization"]
243 )
244
245 # No other requests are made.
246 response = httpx.Response(content=b"Hello, world!", status_code=200)
247 with pytest.raises(StopIteration):
248 flow.send(response)

Callers

nothing calls this directly

Calls 2

sync_auth_flowMethod · 0.45
sendMethod · 0.45

Tested by

no test coverage detected