Refs #32800 -- Avoided use of _does_token_match() in some CSRF tests.

tests/csrf_tests/test_context_processor.py

@@ -1,14 +1,15 @@
 from django.http import HttpRequest
-from django.middleware.csrf import _does_token_match as equivalent_tokens
 from django.template.context_processors import csrf
 from django.test import SimpleTestCase
 
+from .tests import CsrfFunctionTestMixin
 
-class TestContextProcessor(SimpleTestCase):
+
+class TestContextProcessor(CsrfFunctionTestMixin, SimpleTestCase):
 
     def test_force_token_to_string(self):
         request = HttpRequest()
         test_token = '1bcdefghij2bcdefghij3bcdefghij4bcdefghij5bcdefghij6bcdefghijABCD'
         request.META['CSRF_COOKIE'] = test_token
         token = csrf(request).get('csrf_token')
-        self.assertTrue(equivalent_tokens(str(token), test_token))
+        self.assertMaskedSecretCorrect(token, 'lcccccccX2kcccccccY2jcccccccssIC')

tests/csrf_tests/tests.py

@@ -1396,13 +1396,14 @@ class CsrfViewMiddlewareUseSessionsTests(CsrfViewMiddlewareTestMixin, SimpleTest
 
 
 @override_settings(ROOT_URLCONF='csrf_tests.csrf_token_error_handler_urls', DEBUG=False)
-class CsrfInErrorHandlingViewsTests(SimpleTestCase):
+class CsrfInErrorHandlingViewsTests(CsrfFunctionTestMixin, SimpleTestCase):
     def test_csrf_token_on_404_stays_constant(self):
         response = self.client.get('/does not exist/')
         # The error handler returns status code 599.
         self.assertEqual(response.status_code, 599)
-        token1 = response.content
+        token1 = response.content.decode('ascii')
         response = self.client.get('/does not exist/')
         self.assertEqual(response.status_code, 599)
-        token2 = response.content
+        token2 = response.content.decode('ascii')
-        self.assertTrue(_does_token_match(token1.decode('ascii'), token2.decode('ascii')))
+        secret2 = _unmask_cipher_token(token2)
+        self.assertMaskedSecretCorrect(token1, secret2)

tests/template_backends/test_dummy.py

@@ -3,7 +3,7 @@ import re
 from django.forms import CharField, Form, Media
 from django.http import HttpRequest, HttpResponse
 from django.middleware.csrf import (
-    CsrfViewMiddleware, _does_token_match as equivalent_tokens, get_token,
+    CSRF_TOKEN_LENGTH, CsrfViewMiddleware, _unmask_cipher_token, get_token,
 )
 from django.template import TemplateDoesNotExist, TemplateSyntaxError
 from django.template.backends.dummy import TemplateStrings
@@ -74,6 +74,12 @@ class TemplateStringsTests(SimpleTestCase):
 
         self.assertHTMLEqual(content, expected)
 
+    def check_tokens_equivalent(self, token1, token2):
+        self.assertEqual(len(token1), CSRF_TOKEN_LENGTH)
+        self.assertEqual(len(token2), CSRF_TOKEN_LENGTH)
+        token1, token2 = map(_unmask_cipher_token, (token1, token2))
+        self.assertEqual(token1, token2)
+
     def test_csrf_token(self):
         request = HttpRequest()
         CsrfViewMiddleware(lambda req: HttpResponse()).process_view(request, lambda r: None, (), {})
@@ -84,7 +90,7 @@ class TemplateStringsTests(SimpleTestCase):
         expected = '<input type="hidden" name="csrfmiddlewaretoken" value="([^"]+)">'
         match = re.match(expected, content) or re.match(expected.replace('"', "'"), content)
         self.assertTrue(match, "hidden csrftoken field not found in output")
-        self.assertTrue(equivalent_tokens(match[1], get_token(request)))
+        self.check_tokens_equivalent(match[1], get_token(request))
 
     def test_no_directory_traversal(self):
         with self.assertRaises(TemplateDoesNotExist):