diff options
Diffstat (limited to 'tests/signing/tests.py')
| -rw-r--r-- | tests/signing/tests.py | 161 |
1 files changed, 83 insertions, 78 deletions
diff --git a/tests/signing/tests.py b/tests/signing/tests.py index c375f2dbf2..15d66f29d8 100644 --- a/tests/signing/tests.py +++ b/tests/signing/tests.py @@ -7,66 +7,66 @@ from django.utils.crypto import InvalidAlgorithm class TestSigner(SimpleTestCase): - def test_signature(self): "signature() method should generate a signature" - signer = signing.Signer('predictable-secret') - signer2 = signing.Signer('predictable-secret2') + signer = signing.Signer("predictable-secret") + signer2 = signing.Signer("predictable-secret2") for s in ( - b'hello', - b'3098247:529:087:', - '\u2019'.encode(), + b"hello", + b"3098247:529:087:", + "\u2019".encode(), ): self.assertEqual( signer.signature(s), signing.base64_hmac( - signer.salt + 'signer', + signer.salt + "signer", s, - 'predictable-secret', + "predictable-secret", algorithm=signer.algorithm, - ) + ), ) self.assertNotEqual(signer.signature(s), signer2.signature(s)) def test_signature_with_salt(self): "signature(value, salt=...) should work" - signer = signing.Signer('predictable-secret', salt='extra-salt') + signer = signing.Signer("predictable-secret", salt="extra-salt") self.assertEqual( - signer.signature('hello'), + signer.signature("hello"), signing.base64_hmac( - 'extra-salt' + 'signer', - 'hello', - 'predictable-secret', + "extra-salt" + "signer", + "hello", + "predictable-secret", algorithm=signer.algorithm, - ) + ), ) self.assertNotEqual( - signing.Signer('predictable-secret', salt='one').signature('hello'), - signing.Signer('predictable-secret', salt='two').signature('hello')) + signing.Signer("predictable-secret", salt="one").signature("hello"), + signing.Signer("predictable-secret", salt="two").signature("hello"), + ) def test_custom_algorithm(self): - signer = signing.Signer('predictable-secret', algorithm='sha512') + signer = signing.Signer("predictable-secret", algorithm="sha512") self.assertEqual( - signer.signature('hello'), - 'Usf3uVQOZ9m6uPfVonKR-EBXjPe7bjMbp3_Fq8MfsptgkkM1ojidN0BxYaT5HAEN1' - 'VzO9_jVu7R-VkqknHYNvw', + signer.signature("hello"), + "Usf3uVQOZ9m6uPfVonKR-EBXjPe7bjMbp3_Fq8MfsptgkkM1ojidN0BxYaT5HAEN1" + "VzO9_jVu7R-VkqknHYNvw", ) def test_invalid_algorithm(self): - signer = signing.Signer('predictable-secret', algorithm='whatever') + signer = signing.Signer("predictable-secret", algorithm="whatever") msg = "'whatever' is not an algorithm accepted by the hashlib module." with self.assertRaisesMessage(InvalidAlgorithm, msg): - signer.sign('hello') + signer.sign("hello") def test_sign_unsign(self): "sign/unsign should be reversible" - signer = signing.Signer('predictable-secret') + signer = signing.Signer("predictable-secret") examples = [ - 'q;wjmbk;wkmb', - '3098247529087', - '3098247:529:087:', - 'jkw osanteuh ,rcuh nthu aou oauh ,ud du', - '\u2019', + "q;wjmbk;wkmb", + "3098247529087", + "3098247:529:087:", + "jkw osanteuh ,rcuh nthu aou oauh ,ud du", + "\u2019", ] for example in examples: signed = signer.sign(example) @@ -75,7 +75,7 @@ class TestSigner(SimpleTestCase): self.assertEqual(example, signer.unsign(signed)) def test_sign_unsign_non_string(self): - signer = signing.Signer('predictable-secret') + signer = signing.Signer("predictable-secret") values = [ 123, 1.23, @@ -91,14 +91,14 @@ class TestSigner(SimpleTestCase): def test_unsign_detects_tampering(self): "unsign should raise an exception if the value has been tampered with" - signer = signing.Signer('predictable-secret') - value = 'Another string' + signer = signing.Signer("predictable-secret") + value = "Another string" signed_value = signer.sign(value) transforms = ( lambda s: s.upper(), - lambda s: s + 'a', - lambda s: 'a' + s[1:], - lambda s: s.replace(':', ''), + lambda s: s + "a", + lambda s: "a" + s[1:], + lambda s: s.replace(":", ""), ) self.assertEqual(value, signer.unsign(signed_value)) for transform in transforms: @@ -106,11 +106,11 @@ class TestSigner(SimpleTestCase): signer.unsign(transform(signed_value)) def test_sign_unsign_object(self): - signer = signing.Signer('predictable-secret') + signer = signing.Signer("predictable-secret") tests = [ - ['a', 'list'], - 'a string \u2019', - {'a': 'dictionary'}, + ["a", "list"], + "a string \u2019", + {"a": "dictionary"}, ] for obj in tests: with self.subTest(obj=obj): @@ -124,9 +124,9 @@ class TestSigner(SimpleTestCase): def test_dumps_loads(self): "dumps and loads be reversible for any JSON serializable object" objects = [ - ['a', 'list'], - 'a string \u2019', - {'a': 'dictionary'}, + ["a", "list"], + "a string \u2019", + {"a": "dictionary"}, ] for o in objects: self.assertNotEqual(o, signing.dumps(o)) @@ -138,13 +138,13 @@ class TestSigner(SimpleTestCase): "loads should raise exception for tampered objects" transforms = ( lambda s: s.upper(), - lambda s: s + 'a', - lambda s: 'a' + s[1:], - lambda s: s.replace(':', ''), + lambda s: s + "a", + lambda s: "a" + s[1:], + lambda s: s.replace(":", ""), ) value = { - 'foo': 'bar', - 'baz': 1, + "foo": "bar", + "baz": 1, } encoded = signing.dumps(value) self.assertEqual(value, signing.loads(encoded)) @@ -153,85 +153,90 @@ class TestSigner(SimpleTestCase): signing.loads(transform(encoded)) def test_works_with_non_ascii_keys(self): - binary_key = b'\xe7' # Set some binary (non-ASCII key) + binary_key = b"\xe7" # Set some binary (non-ASCII key) s = signing.Signer(binary_key) self.assertEqual( - 'foo:EE4qGC5MEKyQG5msxYA0sBohAxLC0BJf8uRhemh0BGU', - s.sign('foo'), + "foo:EE4qGC5MEKyQG5msxYA0sBohAxLC0BJf8uRhemh0BGU", + s.sign("foo"), ) def test_valid_sep(self): - separators = ['/', '*sep*', ','] + separators = ["/", "*sep*", ","] for sep in separators: - signer = signing.Signer('predictable-secret', sep=sep) + signer = signing.Signer("predictable-secret", sep=sep) self.assertEqual( - 'foo%sjZQoX_FtSO70jX9HLRGg2A_2s4kdDBxz1QoO_OpEQb0' % sep, - signer.sign('foo'), + "foo%sjZQoX_FtSO70jX9HLRGg2A_2s4kdDBxz1QoO_OpEQb0" % sep, + signer.sign("foo"), ) def test_invalid_sep(self): """should warn on invalid separator""" - msg = 'Unsafe Signer separator: %r (cannot be empty or consist of only A-z0-9-_=)' - separators = ['', '-', 'abc'] + msg = ( + "Unsafe Signer separator: %r (cannot be empty or consist of only A-z0-9-_=)" + ) + separators = ["", "-", "abc"] for sep in separators: with self.assertRaisesMessage(ValueError, msg % sep): signing.Signer(sep=sep) def test_verify_with_non_default_key(self): - old_signer = signing.Signer('secret') - new_signer = signing.Signer('newsecret', fallback_keys=['othersecret', 'secret']) - signed = old_signer.sign('abc') - self.assertEqual(new_signer.unsign(signed), 'abc') + old_signer = signing.Signer("secret") + new_signer = signing.Signer( + "newsecret", fallback_keys=["othersecret", "secret"] + ) + signed = old_signer.sign("abc") + self.assertEqual(new_signer.unsign(signed), "abc") def test_sign_unsign_multiple_keys(self): """The default key is a valid verification key.""" - signer = signing.Signer('secret', fallback_keys=['oldsecret']) - signed = signer.sign('abc') - self.assertEqual(signer.unsign(signed), 'abc') + signer = signing.Signer("secret", fallback_keys=["oldsecret"]) + signed = signer.sign("abc") + self.assertEqual(signer.unsign(signed), "abc") @override_settings( - SECRET_KEY='secret', - SECRET_KEY_FALLBACKS=['oldsecret'], + SECRET_KEY="secret", + SECRET_KEY_FALLBACKS=["oldsecret"], ) def test_sign_unsign_ignore_secret_key_fallbacks(self): - old_signer = signing.Signer('oldsecret') - signed = old_signer.sign('abc') + old_signer = signing.Signer("oldsecret") + signed = old_signer.sign("abc") signer = signing.Signer(fallback_keys=[]) with self.assertRaises(signing.BadSignature): signer.unsign(signed) @override_settings( - SECRET_KEY='secret', - SECRET_KEY_FALLBACKS=['oldsecret'], + SECRET_KEY="secret", + SECRET_KEY_FALLBACKS=["oldsecret"], ) def test_default_keys_verification(self): - old_signer = signing.Signer('oldsecret') - signed = old_signer.sign('abc') + old_signer = signing.Signer("oldsecret") + signed = old_signer.sign("abc") signer = signing.Signer() - self.assertEqual(signer.unsign(signed), 'abc') + self.assertEqual(signer.unsign(signed), "abc") class TestTimestampSigner(SimpleTestCase): - def test_timestamp_signer(self): - value = 'hello' + value = "hello" with freeze_time(123456789): - signer = signing.TimestampSigner('predictable-key') + signer = signing.TimestampSigner("predictable-key") ts = signer.sign(value) - self.assertNotEqual(ts, signing.Signer('predictable-key').sign(value)) + self.assertNotEqual(ts, signing.Signer("predictable-key").sign(value)) self.assertEqual(signer.unsign(ts), value) with freeze_time(123456800): self.assertEqual(signer.unsign(ts, max_age=12), value) # max_age parameter can also accept a datetime.timedelta object - self.assertEqual(signer.unsign(ts, max_age=datetime.timedelta(seconds=11)), value) + self.assertEqual( + signer.unsign(ts, max_age=datetime.timedelta(seconds=11)), value + ) with self.assertRaises(signing.SignatureExpired): signer.unsign(ts, max_age=10) class TestBase62(SimpleTestCase): def test_base62(self): - tests = [-10 ** 10, 10 ** 10, 1620378259, *range(-100, 100)] + tests = [-(10**10), 10**10, 1620378259, *range(-100, 100)] for i in tests: self.assertEqual(i, signing.b62_decode(signing.b62_encode(i))) |