/// <summary>
        /// Initializes a new instance of the <see cref="DigestAuthenticationBehavior"/> class.
        /// </summary>
        /// <param name="authorizationManager">The authorization manager.</param>
        public DigestAuthenticationBehavior(IAuthorizationManager authorizationManager)
        {
            if (authorizationManager == null)
            {
                throw new HttpResponseException(HttpStatusCode.InternalServerError, Resources.Global.MissingAuthorizationManager);
            }

            NonceLifetime = TimeSpan.FromSeconds(DefaultNonceLifeTimeInSeconds);
            Qop = QualityOfProtection.Auth;

            m_authorizationManager = authorizationManager;
            m_encoder = new MD5Encoder();
            m_encryptor = new RijndaelEncryptor();
        }
        public void RequestUsingDigestWithAuthShouldNotThrow()
        {
            ISecureServiceBehavior behavior = new DigestAuthenticationBehavior(new TestAuthorizationManager());

            string authorizationHeaderString;

            try
            {
                // creating initial unauthorized context
                IServiceContext initialContext = GenerateInitialContext();

                try
                {
                    behavior.OnMethodAuthorizing(initialContext, null);
                    Assert.Fail();
                }
                catch (HttpResponseException ex)
                {
                    Assert.That(ex.StatusCode, Is.EqualTo(HttpStatusCode.Unauthorized));
                }

                // generating authorization header
                string authenticateHeaderString = initialContext.Response.GetHeader("WWW-Authenticate");
                Assert.That(authenticateHeaderString, Is.Not.Null);
                Assert.That(authenticateHeaderString, Is.StringStarting("Digest"));

                authorizationHeaderString = String.Format("Digest {0} username=\"{1}\", cnonce=\"{2}\", nc=\"{3}\", uri=\"{4}\"",
                                                                 authenticateHeaderString.Replace("Digest ", String.Empty),
                                                                 UserName,
                                                                 ClientNonce,
                                                                 NonceCount,
                                                                 ServiceUri);
            }
            finally
            {
                MockContextManager.DestroyContext();
            }

            AuthorizationHeader authorizationHeader;
            Assert.That(AuthorizationHeaderParser.TryParse(authorizationHeaderString, out authorizationHeader));

            // generating digest response
            string response;

            using (var encoder = new MD5Encoder())
            {
                string ha1 = encoder.Encode(String.Format("{0}:{1}:{2}", UserName, authorizationHeader.Parameters.Get("realm"), Password));
                string ha2 = encoder.Encode(String.Format("{0}:{1}", "POST", ServiceUri));

                response = encoder.Encode(String.Format("{0}:{1}:{2}:{3}:{4}:{5}", ha1, authorizationHeader.Parameters.Get("nonce"), NonceCount, ClientNonce, "auth", ha2));
            }

            try
            {
                // creating authorized context
                IServiceContext authorizedContext = GenerateAuthorizedContext(authorizationHeaderString, response);
                behavior.OnMethodAuthorizing(authorizedContext, null);
            }
            finally
            {
                MockContextManager.DestroyContext();
            }
        }