From 35534d46bef472b1d1cb19ee4c5949823053da2a Mon Sep 17 00:00:00 2001
From: Tomasz Kramkowski <tomasz@kramkow.ski>
Date: Mon, 27 Mar 2023 18:46:16 +0100
Subject: Respond to auth failures with WWW-Authenticate

---
 tests/middleware/test_authenticate.py | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'tests/middleware')

diff --git a/tests/middleware/test_authenticate.py b/tests/middleware/test_authenticate.py
index 28ccef2..2395316 100644
--- a/tests/middleware/test_authenticate.py
+++ b/tests/middleware/test_authenticate.py
@@ -53,6 +53,7 @@ def test_authenticate_no_header(app, method, monkeypatch):
     assert response.data == b"401 Unauthorized\n"
     assert response.status == "401 Unauthorized"
     assert ("Content-Type", "text/plain") in response.headers
+    assert ("WWW-Authenticate", "APIKey") in response.headers
 
 
 @pytest.mark.parametrize("method", ["POST", "PUT", "DELETE"])
@@ -64,6 +65,7 @@ def test_authenticate_malformed_key(app, method, key, monkeypatch):
     assert response.data == b"401 Unauthorized\n"
     assert response.status == "401 Unauthorized"
     assert ("Content-Type", "text/plain") in response.headers
+    assert ("WWW-Authenticate", "APIKey") in response.headers
 
 
 @pytest.mark.parametrize("method", ["POST", "PUT", "DELETE"])
@@ -89,6 +91,7 @@ def test_authenticate_check_token_fail(app, method, monkeypatch):
     assert response.data == b"401 Unauthorized\n"
     assert response.status == "401 Unauthorized"
     assert ("Content-Type", "text/plain") in response.headers
+    assert ("WWW-Authenticate", "APIKey") in response.headers
 
 
 @pytest.mark.parametrize("method", ["POST", "PUT", "DELETE"])
-- 
cgit v1.2.3-54-g00ecf