Move noncebit to the only place it is used

Since we only allow for "auth" qop-value, hardcode it Fixes #2408
author: Ian Cordasco <graffatcolmingov@gmail.com> 2015-01-19 18:50:50 -0600
committer: Ian Cordasco <graffatcolmingov@gmail.com> 2015-01-19 18:50:50 -0600
commit: 677bbe30d7b26b006d8b38107e1db9cbd429ac2f (patch)
tree: 0b27b99e0dcd82f005a4b19cc55faf256a8bc813
parent: d2d576b6b1101e2871c82f63adf2c2b534c2dabc (diff)
download: python-requests-677bbe30d7b26b006d8b38107e1db9cbd429ac2f.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/requests/auth.py b/requests/auth.py
index b950181d..d1c48251 100644
--- a/requests/auth.py
+++ b/requests/auth.py
@@ -124,13 +124,15 @@ class HTTPDigestAuth(AuthBase):
         s += os.urandom(8)
 
         cnonce = (hashlib.sha1(s).hexdigest()[:16])
-        noncebit = "%s:%s:%s:%s:%s" % (nonce, ncvalue, cnonce, qop, HA2)
         if _algorithm == 'MD5-SESS':
             HA1 = hash_utf8('%s:%s:%s' % (HA1, nonce, cnonce))
 
         if qop is None:
             respdig = KD(HA1, "%s:%s" % (nonce, HA2))
         elif qop == 'auth' or 'auth' in qop.split(','):
+            noncebit = "%s:%s:%s:%s:%s" % (
+                nonce, ncvalue, cnonce, 'auth', HA2
+                )
             respdig = KD(HA1, noncebit)
         else:
             # XXX handle auth-int.
author	Ian Cordasco <graffatcolmingov@gmail.com>	2015-01-19 18:50:50 -0600
committer	Ian Cordasco <graffatcolmingov@gmail.com>	2015-01-19 18:50:50 -0600
commit	677bbe30d7b26b006d8b38107e1db9cbd429ac2f (patch)
tree	0b27b99e0dcd82f005a4b19cc55faf256a8bc813
parent	d2d576b6b1101e2871c82f63adf2c2b534c2dabc (diff)
download	python-requests-677bbe30d7b26b006d8b38107e1db9cbd429ac2f.tar.gz