Handle empty scopes and always send the WWW-Authenticate header, as per spec

Fixes #1045
2015-12-09 15:07:37 -05:00 · 2015-12-09 15:07:37 -05:00 · ca7d36bf14
commit ca7d36bf14
parent c8f43ed08e
10 changed files with 47 additions and 41 deletions
--- a/test/registry_tests.py
+++ b/test/registry_tests.py
@ -1193,6 +1193,9 @@ class V1LoginTests(V1RegistryLoginMixin, LoginTests, RegistryTestCaseMixin, Base
 class V2LoginTests(V2RegistryLoginMixin, LoginTests, RegistryTestCaseMixin, BaseRegistryMixin, LiveServerTestCase):
  """ Tests for V2 login. """

+  def test_nouser_noscope(self):
+    self.do_login('', '', expected_code=401, scope='')
+
  def test_validuser_unknownrepo(self):
    self.do_login('devtable', 'password', expect_success=False,
                  scope='repository:invalidnamespace/simple:pull')