diff options
| author | Mariusz Felisiak <felisiak.mariusz@gmail.com> | 2021-07-22 09:42:07 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-07-22 09:42:07 +0200 |
| commit | 83022d279c585be2c4173b36a92d4399e738150e (patch) | |
| tree | 40a66e3bbb09f8f6d9cc895978deafcb7f43864a /tests/auth_tests | |
| parent | c35b81b864ffa84751bac7d73046840f576491f9 (diff) | |
Refs #32508 -- Raised TypeError/ValueError instead of using "assert" in encode() methods of some password hashers.
Diffstat (limited to 'tests/auth_tests')
| -rw-r--r-- | tests/auth_tests/test_hashers.py | 34 |
1 files changed, 32 insertions, 2 deletions
diff --git a/tests/auth_tests/test_hashers.py b/tests/auth_tests/test_hashers.py index 411bcea8e9..46ac4062f3 100644 --- a/tests/auth_tests/test_hashers.py +++ b/tests/auth_tests/test_hashers.py @@ -4,8 +4,9 @@ from django.conf.global_settings import PASSWORD_HASHERS from django.contrib.auth.hashers import ( UNUSABLE_PASSWORD_PREFIX, UNUSABLE_PASSWORD_SUFFIX_LENGTH, BasePasswordHasher, BCryptPasswordHasher, BCryptSHA256PasswordHasher, - PBKDF2PasswordHasher, PBKDF2SHA1PasswordHasher, check_password, get_hasher, - identify_hasher, is_password_usable, make_password, + MD5PasswordHasher, PBKDF2PasswordHasher, PBKDF2SHA1PasswordHasher, + SHA1PasswordHasher, check_password, get_hasher, identify_hasher, + is_password_usable, make_password, ) from django.test import SimpleTestCase from django.test.utils import override_settings @@ -474,6 +475,35 @@ class TestUtilsHashPass(SimpleTestCase): check_password('wrong_password', encoded) self.assertEqual(hasher.harden_runtime.call_count, 1) + def test_encode_invalid_salt(self): + hasher_classes = [ + MD5PasswordHasher, + PBKDF2PasswordHasher, + PBKDF2SHA1PasswordHasher, + SHA1PasswordHasher, + ] + msg = 'salt must be provided and cannot contain $.' + for hasher_class in hasher_classes: + hasher = hasher_class() + for salt in [None, '', 'sea$salt']: + with self.subTest(hasher_class.__name__, salt=salt): + with self.assertRaisesMessage(ValueError, msg): + hasher.encode('password', salt) + + def test_encode_password_required(self): + hasher_classes = [ + MD5PasswordHasher, + PBKDF2PasswordHasher, + PBKDF2SHA1PasswordHasher, + SHA1PasswordHasher, + ] + msg = 'password must be provided.' + for hasher_class in hasher_classes: + hasher = hasher_class() + with self.subTest(hasher_class.__name__): + with self.assertRaisesMessage(TypeError, msg): + hasher.encode(None, 'seasalt') + class BasePasswordHasherTests(SimpleTestCase): not_implemented_msg = 'subclasses of BasePasswordHasher must provide %s() method' |