diff options
| author | Mateo Radman <48420316+mateoradman@users.noreply.github.com> | 2021-09-05 17:24:09 +0200 |
|---|---|---|
| committer | Mariusz Felisiak <felisiak.mariusz@gmail.com> | 2021-09-06 07:47:53 +0200 |
| commit | a7f27fca5239ff3840735dc6dc731b71a99a1d57 (patch) | |
| tree | 64e1b9800f4f717c6f70ef9efaccba19bf58bd3a /tests/auth_tests/test_hashers.py | |
| parent | e75a3a770e5da8af3405be1e216a6c20cc9bde5a (diff) | |
Refs #32508 -- Raised TypeError/ValueError instead of using "assert" in encode() methods of remaining password hashers.
Diffstat (limited to 'tests/auth_tests/test_hashers.py')
| -rw-r--r-- | tests/auth_tests/test_hashers.py | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/tests/auth_tests/test_hashers.py b/tests/auth_tests/test_hashers.py index 81234a44f0..dda64971ba 100644 --- a/tests/auth_tests/test_hashers.py +++ b/tests/auth_tests/test_hashers.py @@ -143,6 +143,13 @@ class TestUtilsHashPass(SimpleTestCase): self.assertTrue(check_password('', blank_encoded)) self.assertFalse(check_password(' ', blank_encoded)) + @override_settings(PASSWORD_HASHERS=['django.contrib.auth.hashers.UnsaltedMD5PasswordHasher']) + def test_unsalted_md5_encode_invalid_salt(self): + hasher = get_hasher('unsalted_md5') + msg = 'salt must be empty.' + with self.assertRaisesMessage(ValueError, msg): + hasher.encode('password', salt='salt') + @override_settings(PASSWORD_HASHERS=['django.contrib.auth.hashers.UnsaltedSHA1PasswordHasher']) def test_unsalted_sha1(self): encoded = make_password('lètmein', '', 'unsalted_sha1') @@ -161,6 +168,13 @@ class TestUtilsHashPass(SimpleTestCase): self.assertTrue(check_password('', blank_encoded)) self.assertFalse(check_password(' ', blank_encoded)) + @override_settings(PASSWORD_HASHERS=['django.contrib.auth.hashers.UnsaltedSHA1PasswordHasher']) + def test_unsalted_sha1_encode_invalid_salt(self): + hasher = get_hasher('unsalted_sha1') + msg = 'salt must be empty.' + with self.assertRaisesMessage(ValueError, msg): + hasher.encode('password', salt='salt') + @skipUnless(crypt, "no crypt module to generate password.") @override_settings(PASSWORD_HASHERS=['django.contrib.auth.hashers.CryptPasswordHasher']) def test_crypt(self): @@ -177,6 +191,23 @@ class TestUtilsHashPass(SimpleTestCase): self.assertTrue(check_password('', blank_encoded)) self.assertFalse(check_password(' ', blank_encoded)) + @skipUnless(crypt, 'no crypt module to generate password.') + @override_settings(PASSWORD_HASHERS=['django.contrib.auth.hashers.CryptPasswordHasher']) + def test_crypt_encode_invalid_salt(self): + hasher = get_hasher('crypt') + msg = 'salt must be of length 2.' + with self.assertRaisesMessage(ValueError, msg): + hasher.encode('password', salt='a') + + @skipUnless(crypt, 'no crypt module to generate password.') + @override_settings(PASSWORD_HASHERS=['django.contrib.auth.hashers.CryptPasswordHasher']) + def test_crypt_encode_invalid_hash(self): + hasher = get_hasher('crypt') + msg = 'hash must be provided.' + with mock.patch('crypt.crypt', return_value=None): + with self.assertRaisesMessage(TypeError, msg): + hasher.encode('password', salt='ab') + @skipUnless(bcrypt, "bcrypt not installed") def test_bcrypt_sha256(self): encoded = make_password('lètmein', hasher='bcrypt_sha256') |