class werkzeug.Authorization(auth_type, data=None)[source]

Represents an Authorization header sent by the client. You should not create this kind of object yourself but use it when it’s returned by the parse_authorization_header function.

This object is a dict subclass and can be altered by setting dict items but it should be considered immutable as it’s returned by the client and not meant for modifications.

Changed in version 0.5: This object became immutable.


__init__(auth_type[, data])
copy(() -> a shallow copy of D)
fromkeys(keys[, value])
get((k[,d]) -> D[k] if k in D, ...)
has_key((k) -> True if D has a key k, else False)
items(() -> list of D’s (key, value) pairs, ...)
iteritems(() -> an iterator over the (key, ...)
iterkeys(() -> an iterator over the keys of D)
keys(() -> list of D’s keys)
pop(key[, default])
setdefault(key[, default])
update(*args, **kwargs)
values(() -> list of D’s values)


cnonce If the server sent a qop-header in the WWW-Authenticate header, the client has to provide this value for HTTP digest auth.
nc The nonce count value transmitted by clients if a qop-header is also transmitted.
nonce The nonce the server sent for digest auth, sent back by the client.
opaque The opaque header from the server returned unchanged by the client.
password When the authentication type is basic this is the password transmitted by the client, else None.
qop Indicates what “quality of protection” the client has applied to the message for HTTP digest auth.
realm This is the server realm sent back for HTTP digest auth.
response A string of 32 hex digits computed as defined in RFC 2617, which proves that the user knows a password.
uri The URI from Request-URI of the Request-Line; duplicated because proxies are allowed to change the Request-Line in transit.
username The username transmitted.