Changed Authorization.qop type from HeaderSet to string

tests/test_http.py

@@ -128,7 +128,7 @@ def test_authorization_header(self):
         assert a.realm == '[email protected]'
         assert a.nonce == 'dcd98b7102dd2f0e8b11d0f600bfb0c093'
         assert a.uri == '/dir/index.html'
-        assert 'auth' in a.qop
+        assert a.qop == 'auth'
         assert a.nc == '00000001'
         assert a.cnonce == '0a4f113b'
         assert a.response == '6629fae49393a05397450978507c4ef1'

werkzeug/datastructures.py

@@ -2430,17 +2430,10 @@ def __init__(self, auth_type, data=None):
         The opaque header from the server returned unchanged by the client.
         It is recommended that this string be base64 or hexadecimal data.
         Digest auth only.''')
-
-    @property
-    def qop(self):
-        """Indicates what "quality of protection" the client has applied to
-        the message for HTTP digest auth."""
-        def on_update(header_set):
-            if not header_set and 'qop' in self:
-                del self['qop']
-            elif header_set:
-                self['qop'] = header_set.to_header()
-        return parse_set_header(self.get('qop'), on_update)
+    qop = property(lambda x: x.get('qop'), doc='''
+        Indicates what "quality of protection" the client has applied to
+        the message for HTTP digest auth. Note that this is a single token,
+        not a quoted list of alternatives as in WWW-Authenticate.''')
 
 
 class WWWAuthenticate(UpdateDictMixin, dict):