From 67803d2f419c067cc9043ad26173bceea2467d89 Mon Sep 17 00:00:00 2001
From: Hao Kung <haok@microsoft.com>
Date: Wed, 5 Aug 2015 12:15:45 -0700
Subject: [PATCH] Challenge now always checks for accept

---
 .../Authentication/DefaultAuthenticationManager.cs    |  5 ++---
 .../DefaultAuthenticationManagerTests.cs              | 11 ++++++-----
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/src/Microsoft.AspNet.Http/Authentication/DefaultAuthenticationManager.cs b/src/Microsoft.AspNet.Http/Authentication/DefaultAuthenticationManager.cs
index d0cec090c0..821a67395a 100644
--- a/src/Microsoft.AspNet.Http/Authentication/DefaultAuthenticationManager.cs
+++ b/src/Microsoft.AspNet.Http/Authentication/DefaultAuthenticationManager.cs
@@ -72,8 +72,7 @@ namespace Microsoft.AspNet.Http.Authentication.Internal
                 await handler.ChallengeAsync(challengeContext);
             }
 
-            // The default Challenge with no scheme is always accepted
-            if (!challengeContext.Accepted && !string.IsNullOrEmpty(authenticationScheme))
+            if (!challengeContext.Accepted)
             {
                 throw new InvalidOperationException($"The following authentication scheme was not accepted: {authenticationScheme}");
             }
@@ -105,7 +104,7 @@ namespace Microsoft.AspNet.Http.Authentication.Internal
                 await handler.SignOutAsync(signOutContext);
             }
 
-            if (!string.IsNullOrWhiteSpace(authenticationScheme) && !signOutContext.Accepted)
+            if (!signOutContext.Accepted)
             {
                 throw new InvalidOperationException($"The following authentication scheme was not accepted: {authenticationScheme}");
             }
diff --git a/test/Microsoft.AspNet.Http.Tests/Authentication/DefaultAuthenticationManagerTests.cs b/test/Microsoft.AspNet.Http.Tests/Authentication/DefaultAuthenticationManagerTests.cs
index 2871c27ec3..3430382e8a 100644
--- a/test/Microsoft.AspNet.Http.Tests/Authentication/DefaultAuthenticationManagerTests.cs
+++ b/test/Microsoft.AspNet.Http.Tests/Authentication/DefaultAuthenticationManagerTests.cs
@@ -21,13 +21,14 @@ namespace Microsoft.AspNet.Http.Authentication.Internal
             await Assert.ThrowsAsync<InvalidOperationException>(async () => await context.Authentication.AuthenticateAsync("Foo"));
         }
 
-        [Fact]
-        public async Task ChallengeWithNoAuthMiddlewareMayThrow()
+        [Theory]
+        [InlineData("")]
+        [InlineData(null)]
+        [InlineData("Foo")]
+        public async Task ChallengeWithNoAuthMiddlewareMayThrow(string scheme)
         {
             var context = CreateContext();
-            await context.Authentication.ChallengeAsync();
-            Assert.Equal(200, context.Response.StatusCode);
-            await Assert.ThrowsAsync<InvalidOperationException>(() => context.Authentication.ChallengeAsync("Foo"));
+            await Assert.ThrowsAsync<InvalidOperationException>(() => context.Authentication.ChallengeAsync(scheme));
         }
 
         [Fact]