diff options
author | Aaron Patterson <aaron.patterson@gmail.com> | 2016-06-24 11:29:13 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-06-24 11:29:13 +0800 |
commit | ce77dd4bc48d55d666afe69cef0c03444392bdef (patch) | |
tree | 7a4e991375b4be343b03c7af655bc985ebf2b68f | |
parent | 8ebe20c80ffabc7cbf797999e74baeb3315673fa (diff) | |
parent | 390d87a1b48643fcd34cdf7bd045cc60e1f4c1dd (diff) | |
download | rack-ce77dd4bc48d55d666afe69cef0c03444392bdef.tar.gz |
Merge pull request #1030 from gjtorikian/dont-break-on-nil-header
Dont break on `nil` Authorization header
-rw-r--r-- | lib/rack/auth/abstract/request.rb | 6 | ||||
-rw-r--r-- | test/spec_auth_basic.rb | 7 |
2 files changed, 12 insertions, 1 deletions
diff --git a/lib/rack/auth/abstract/request.rb b/lib/rack/auth/abstract/request.rb index 80d1c272..b738cc98 100644 --- a/lib/rack/auth/abstract/request.rb +++ b/lib/rack/auth/abstract/request.rb @@ -13,7 +13,11 @@ module Rack end def provided? - !authorization_key.nil? + !authorization_key.nil? && valid? + end + + def valid? + !@env[authorization_key].nil? end def parts diff --git a/test/spec_auth_basic.rb b/test/spec_auth_basic.rb index 1e19bf66..45d28576 100644 --- a/test/spec_auth_basic.rb +++ b/test/spec_auth_basic.rb @@ -75,6 +75,13 @@ describe Rack::Auth::Basic do end end + it 'return 401 Bad Request for a nil authorization header' do + request 'HTTP_AUTHORIZATION' => nil do |response| + response.must_be :client_error? + response.status.must_equal 401 + end + end + it 'takes realm as optional constructor arg' do app = Rack::Auth::Basic.new(unprotected_app, realm) { true } realm.must_equal app.realm |