Skip to content

Commit c05bc04

Browse files
committed
test(auth): cover escaped WWW-Authenticate values
1 parent 2e2e819 commit c05bc04

1 file changed

Lines changed: 16 additions & 0 deletions

File tree

tests/client/test_auth.py

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2150,6 +2150,22 @@ def test_extract_field_from_www_auth_ignores_quoted_value_when_only_decoy_exists
21502150
result = extract_field_from_www_auth(init_response, "scope")
21512151
assert result is None
21522152

2153+
def test_extract_field_from_www_auth_handles_escaped_quote_inside_quoted_value(
2154+
self,
2155+
client_metadata: OAuthClientMetadata,
2156+
mock_storage: MockTokenStorage,
2157+
):
2158+
"""Test escaped characters inside a quoted value do not break splitting."""
2159+
2160+
init_response = httpx.Response(
2161+
status_code=401,
2162+
headers={"WWW-Authenticate": 'Bearer realm="api \\"scope\\", still realm", scope="read write"'},
2163+
request=httpx.Request("GET", "https://api.example.com/test"),
2164+
)
2165+
2166+
result = extract_field_from_www_auth(init_response, "scope")
2167+
assert result == "read write"
2168+
21532169
def test_extract_resource_metadata_from_www_auth_ignores_quoted_value_decoy(
21542170
self,
21552171
client_metadata: OAuthClientMetadata,

0 commit comments

Comments
 (0)