public void OmitsWwwAuthenticateHeaderOn401FromXmlHttpRequest()
{
//Arrange
var response = new HttpResponseMessage(HttpStatusCode.Unauthorized) { RequestMessage = new HttpRequestMessage() };
response.RequestMessage.Headers.Add("X-REQUESTED-WITH", "XmlHttpRequest");
//Act
var handler = new DigestAuthMessageHandler();
handler.OnOutboundResponse(response, new CancellationToken());
//Assert
CollectionAssert.IsEmpty(response.Headers.WwwAuthenticate);
}
public void SetsWwwAuthenticateHeaderOn401()
{
//Arrange
var response = new HttpResponseMessage(HttpStatusCode.Unauthorized) { RequestMessage = new HttpRequestMessage() };
//Act
var handler = new DigestAuthMessageHandler();
handler.OnOutboundResponse(response, new CancellationToken());
//Assert
Assert.AreEqual("Digest", response.Headers.WwwAuthenticate.First().Scheme);
Assert.IsTrue(response.Headers.WwwAuthenticate.First().Parameter.Contains("realm=\"DNNAPI\""));
}
