1 files changed, 16 insertions, 9 deletions

diff --git a/wsgitools/digest.py b/wsgitools/digest.py
index cbb902e..53b7dea 100644
--- a/wsgitools/digest.py
+++ b/wsgitools/digest.py
@@ -720,11 +720,8 @@ class AuthDigestMiddleware:
             if response is None or response != credresponse:
                 raise AuthenticationRequired("wrong response")
 
-        except StaleNonce:
-            return self.authorization_required(environ, start_response,
-                                               stale=True)
-        except AuthenticationRequired:
-            return self.authorization_required(environ, start_response)
+        except AuthenticationRequired, exc:
+            return self.authorization_required(environ, start_response, exc)
         else:
             environ["REMOTE_USER"] = credentials["username"]
             def modified_start_response(status, headers, exc_info=None):
@@ -773,18 +770,28 @@ class AuthDigestMiddleware:
         dig.insert(0, a1h)
         return self.algorithms[algo](":".join(dig))
 
-    def authorization_required(self, environ, start_response, stale=False):
-        """internal method implementing wsgi interface, serving 401 page"""
+    def www_authenticate(self, exception):
+        """Generates a WWW-Authenticate header.
+
+        @type exception: AuthenticationRequired
+        @param exception: reason for generating the header
+        @rtype: (str, str)
+        @returns: the header as (part_before_colon, part_after_colon)
+        """
         digest = dict(nonce=self.noncestore.newnonce(),
                       realm=self.gentoken.realm,
                       algorithm="md5",
                       qop="auth")
-        if stale:
+        if isinstance(exception, StaleNonce):
             digest["stale"] = "TRUE"
         challenge = ", ".join(map('%s="%s"'.__mod__, digest.items()))
+        return ("WWW-Authenticate", "Digest %s" % challenge)
+
+    def authorization_required(self, environ, start_response, exception):
+        """internal method implementing wsgi interface, serving 401 page"""
         status = "401 Not authorized"
         headers = [("Content-type", "text/html"),
-                   ("WWW-Authenticate", "Digest %s" % challenge)]
+                   self.www_authenticate(exception)]
         data = "<html><head><title>401 Not authorized</title></head><body><h1>"
         data += "401 Not authorized</h1></body></html>"
         headers.append(("Content-length", str(len(data))))