1 files changed, 13 insertions, 4 deletions

diff --git a/actionpack/test/controller/http_digest_authentication_test.rb b/actionpack/test/controller/http_digest_authentication_test.rb
index b11ad633bd..9f1c168209 100644
--- a/actionpack/test/controller/http_digest_authentication_test.rb
+++ b/actionpack/test/controller/http_digest_authentication_test.rb
@@ -1,9 +1,10 @@
 require 'abstract_unit'
+require 'active_support/key_generator'
 
 class HttpDigestAuthenticationTest < ActionController::TestCase
   class DummyDigestController < ActionController::Base
-    before_filter :authenticate, :only => :index
-    before_filter :authenticate_with_request, :only => :display
+    before_action :authenticate, only: :index
+    before_action :authenticate_with_request, only: :display
 
     USERS = { 'lifo' => 'world', 'pretty' => 'please',
               'dhh' => ::Digest::MD5::hexdigest(["dhh","SuperSecret","secret"].join(":"))}
@@ -40,8 +41,8 @@ class HttpDigestAuthenticationTest < ActionController::TestCase
 
   setup do
     # Used as secret in generating nonce to prevent tampering of timestamp
-    @secret = "session_options_secret"
-    @request.env["action_dispatch.secret_token"] = @secret
+    @secret = "4fb45da9e4ab4ddeb7580d6a35503d99"
+    @request.env["action_dispatch.key_generator"] = ActiveSupport::LegacyKeyGenerator.new(@secret)
   end
 
   teardown do
@@ -247,6 +248,14 @@ class HttpDigestAuthenticationTest < ActionController::TestCase
     assert_equal 'Definitely Maybe', @response.body
   end
 
+  test "when sent a basic auth header, returns Unauthorized" do
+    @request.env['HTTP_AUTHORIZATION'] = 'Basic Gwf2aXq8ZLF3Hxq='
+
+    get :display
+
+    assert_response :unauthorized
+  end
+
   private
 
   def encode_credentials(options)