Proper handling of redirects with auth flows

[da1910]

I'm having issues with defining an auth flow for NTLM/Kerberos authentication when I encounter a redirect using IIS. I set up a test server to serve at http://localhost/test/. When sending a GET request to this exact URL I can receive a 200 request as I would expect.

When I instead send a GET request to http://localhost/test I receive a 301 response with Location: http://localhost/test/, if I leave allow_redirect=True then the client will follow the redirect dutifully. This is fine, but I need the auth flow to be reset. I can make it work if I set allow_redirect=False then manually catch 301 responses and send a new GET request to the new URL.

Is there a way to force reauthentication on a 301 redirect, or a way to reset the auth flow in this case?

[da1910]

As a workaround I ended up checking that the URL of the final authorized response was the same as the final request.

If they're the same then we authenticated correctly and game on, otherwise we received a redirect, at which point we rerun the flow.