apache · arturobernalg · Sep 14, 2025 · Aug 28, 2025
diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/DigestScheme.java b/httpclient5/src/main/java/org/apache/hc/client5/http/impl/auth/DigestScheme.java
@@ -471,7 +471,6 @@ private String createDigestResponse(final HttpRequest request) throws Authentica
             params.add(new BasicNameValuePair("qop", qop == QualityOfProtection.AUTH_INT ? "auth-int" : "auth"));
             params.add(new BasicNameValuePair("nc", nc));
             params.add(new BasicNameValuePair("cnonce", cnonce));
-            params.add(new BasicNameValuePair("rspauth", hasha2));
         }
         if (algorithm != null) {
             params.add(new BasicNameValuePair("algorithm", algorithm));

diff --git a/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestDigestScheme.java b/httpclient5/src/test/java/org/apache/hc/client5/http/impl/auth/TestDigestScheme.java
@@ -903,7 +903,7 @@ void testDigestAuthenticationWithNonAsciiUsername() throws Exception {
     }
 
     @Test
-    void testRspAuthFieldAndQuoting() throws Exception {
+    void testRspAuthFieldNotPresentClient() throws Exception {
         final ClassicHttpRequest request = new BasicClassicHttpRequest("POST", "/");
         final HttpHost host = new HttpHost("somehost", 80);
         final CredentialsProvider credentialsProvider = CredentialsProviderBuilder.create()
@@ -921,7 +921,8 @@ void testRspAuthFieldAndQuoting() throws Exception {
 
         final Map<String, String> table = parseAuthResponse(authResponse);
 
-        Assertions.assertNotNull(table.get("rspauth"));
+        Assertions.assertNotNull(table);
+        Assertions.assertNull(table.get("rspauth"));
     }
 
     @Test