/**
  * According to RFC 2617 (http://www.ietf.org/rfc/rfc2617.txt), the 401 response message MUST
  * contain a WWW-Authenticate header
  *
  * {@inheritDoc}
  */
 public function prepareResponse(HttpResponse $response)
 {
     parent::prepareResponse($response);
     $headers = $response->getHeaders();
     $challenge = $this->getChallenge();
     $authenticateHeader = Header\WWWAuthenticate::fromString("WWW-Authenticate: {$challenge}");
     $headers->addHeader($authenticateHeader);
 }
 /**
  * Add the available methods (if any) to the Allow header
  *
  * {@inheritDoc}
  */
 public function prepareResponse(HttpResponse $response)
 {
     parent::prepareResponse($response);
     if (empty($this->allowedMethods)) {
         return;
     }
     $headers = $response->getHeaders();
     $headers->addHeaderLine('Allow', implode(', ', $this->allowedMethods));
 }