Http2: fix 401 authentication required w/o challenge

The code did not handle the path where we didn't have a challenge.
We cannot recover from that so we just have to fail the request.

Amends fe1b668861e8a3ef99e126821fcd3eeaa6044b54

Pick-to: 6.7 6.6 6.6.2 6.5 6.2
Fixes: QTBUG-121515
Change-Id: Ie39a92e7439785a09cad28e8f81599a51de5e27f
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>

1 files changed, 8 insertions, 0 deletions

diff --git a/tests/auto/network/access/http2/http2srv.cpp b/tests/auto/network/access/http2/http2srv.cpp
index f98fed0322..dd2c3d613c 100644
--- a/tests/auto/network/access/http2/http2srv.cpp
+++ b/tests/auto/network/access/http2/http2srv.cpp
@@ -105,6 +105,12 @@ void Http2Server::setAuthenticationHeader(const QByteArray &authentication)
     authenticationHeader = authentication;
 }
 
+void Http2Server::setAuthenticationRequired(bool enable)
+{
+    Q_ASSERT(!enable || authenticationHeader.isEmpty());
+    authenticationRequired = enable;
+}
+
 void Http2Server::setRedirect(const QByteArray &url, int count)
 {
     redirectUrl = url;
@@ -860,6 +866,8 @@ void Http2Server::sendResponse(quint32 streamID, bool emptyBody)
     } else if (!authenticationHeader.isEmpty() && !hasAuth) {
         header.push_back({ ":status", "401" });
         header.push_back(HPack::HeaderField("www-authenticate", authenticationHeader));
+    } else if (authenticationRequired) {
+        header.push_back({ ":status", "401" });
     } else {
         header.push_back({":status", "200"});
     }