django/tests/signing/tests.py

from __future__ import unicode_literals

import time

from django.core import signing
from django.test import TestCase
from django.utils.encoding import force_str
from django.utils import six


class TestSigner(TestCase):

    def test_signature(self):
        "signature() method should generate a signature"
        signer = signing.Signer('predictable-secret')
        signer2 = signing.Signer('predictable-secret2')
        for s in (
            b'hello',
            b'3098247:529:087:',
            '\u2019'.encode('utf-8'),
        ):
            self.assertEqual(
                signer.signature(s),
                signing.base64_hmac(signer.salt + 'signer', s,
                    'predictable-secret').decode()
            )
            self.assertNotEqual(signer.signature(s), signer2.signature(s))

    def test_signature_with_salt(self):
        "signature(value, salt=...) should work"
        signer = signing.Signer('predictable-secret', salt='extra-salt')
        self.assertEqual(
            signer.signature('hello'),
            signing.base64_hmac('extra-salt' + 'signer',
                                'hello', 'predictable-secret').decode()
        )
        self.assertNotEqual(
            signing.Signer('predictable-secret', salt='one').signature('hello'),
            signing.Signer('predictable-secret', salt='two').signature('hello'))

    def test_sign_unsign(self):
        "sign/unsign should be reversible"
        signer = signing.Signer('predictable-secret')
        examples = [
            'q;wjmbk;wkmb',
            '3098247529087',
            '3098247:529:087:',
            'jkw osanteuh ,rcuh nthu aou oauh ,ud du',
            '\u2019',
        ]
        if six.PY2:
            examples.append(b'a byte string')
        for example in examples:
            signed = signer.sign(example)
            self.assertIsInstance(signed, str)
            self.assertNotEqual(force_str(example), signed)
            self.assertEqual(example, signer.unsign(signed))

    def unsign_detects_tampering(self):
        "unsign should raise an exception if the value has been tampered with"
        signer = signing.Signer('predictable-secret')
        value = 'Another string'
        signed_value = signer.sign(value)
        transforms = (
            lambda s: s.upper(),
            lambda s: s + 'a',
            lambda s: 'a' + s[1:],
            lambda s: s.replace(':', ''),
        )
        self.assertEqual(value, signer.unsign(signed_value))
        for transform in transforms:
            self.assertRaises(
                signing.BadSignature, signer.unsign, transform(signed_value))

    def test_dumps_loads(self):
        "dumps and loads be reversible for any JSON serializable object"
        objects = [
            ['a', 'list'],
            'a unicode string \u2019',
            {'a': 'dictionary'},
        ]
        if six.PY2:
            objects.append(b'a byte string')
        for o in objects:
            self.assertNotEqual(o, signing.dumps(o))
            self.assertEqual(o, signing.loads(signing.dumps(o)))
            self.assertNotEqual(o, signing.dumps(o, compress=True))
            self.assertEqual(o, signing.loads(signing.dumps(o, compress=True)))

    def test_decode_detects_tampering(self):
        "loads should raise exception for tampered objects"
        transforms = (
            lambda s: s.upper(),
            lambda s: s + 'a',
            lambda s: 'a' + s[1:],
            lambda s: s.replace(':', ''),
        )
        value = {
            'foo': 'bar',
            'baz': 1,
        }
        encoded = signing.dumps(value)
        self.assertEqual(value, signing.loads(encoded))
        for transform in transforms:
            self.assertRaises(
                signing.BadSignature, signing.loads, transform(encoded))


class TestTimestampSigner(TestCase):

    def test_timestamp_signer(self):
        value = 'hello'
        _time = time.time
        time.time = lambda: 123456789
        try:
            signer = signing.TimestampSigner('predictable-key')
            ts = signer.sign(value)
            self.assertNotEqual(ts,
                signing.Signer('predictable-key').sign(value))

            self.assertEqual(signer.unsign(ts), value)
            time.time = lambda: 123456800
            self.assertEqual(signer.unsign(ts, max_age=12), value)
            self.assertEqual(signer.unsign(ts, max_age=11), value)
            self.assertRaises(
                signing.SignatureExpired, signer.unsign, ts, max_age=10)
        finally:
            time.time = _time
Fixed #18269 -- Applied unicode_literals for Python 3 compatibility. Thanks Vinay Sajip for the support of his django3 branch and Jannis Leidel for the review. 2012-06-08 00:08:47 +08:00			`from __future__ import unicode_literals`

Backed out [16356] due to later rejection of #16182. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16426 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-06-17 17:47:08 +08:00			`import time`

Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00			`from django.core import signing`
			`from django.test import TestCase`
Fixed #18852 -- Restored backwards compatibility in django.core.signing. Specifically, kept the same return types (str/unicode) under Python 2. Related to [92b2dec918]. 2012-08-25 19:02:52 +08:00			`from django.utils.encoding import force_str`
[py3] Made signing infrastructure pass tests with Python 3 2012-08-10 02:08:47 +08:00			`from django.utils import six`
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00
Convert the remainder of the relative imports in the tests to be absolute imports. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16981 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-10-14 05:34:56 +08:00
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00			`class TestSigner(TestCase):`

			`def test_signature(self):`
			`"signature() method should generate a signature"`
			`signer = signing.Signer('predictable-secret')`
			`signer2 = signing.Signer('predictable-secret2')`
			`for s in (`
Marked bytestrings with b prefix. Refs #18269 This is a preparation for unicode literals general usage in Django (Python 3 compatibility). 2012-05-19 23:43:34 +08:00			`b'hello',`
			`b'3098247:529:087:',`
Fixed #18269 -- Applied unicode_literals for Python 3 compatibility. Thanks Vinay Sajip for the support of his django3 branch and Jannis Leidel for the review. 2012-06-08 00:08:47 +08:00			`'\u2019'.encode('utf-8'),`
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00			`):`
			`self.assertEqual(`
			`signer.signature(s),`
			`signing.base64_hmac(signer.salt + 'signer', s,`
Fixed #18852 -- Restored backwards compatibility in django.core.signing. Specifically, kept the same return types (str/unicode) under Python 2. Related to [92b2dec918]. 2012-08-25 19:02:52 +08:00			`'predictable-secret').decode()`
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00			`)`
			`self.assertNotEqual(signer.signature(s), signer2.signature(s))`

			`def test_signature_with_salt(self):`
			`"signature(value, salt=...) should work"`
			`signer = signing.Signer('predictable-secret', salt='extra-salt')`
			`self.assertEqual(`
			`signer.signature('hello'),`
Fixed #21288 -- Fixed E126 pep8 warnings 2013-10-20 07:33:10 +08:00			`signing.base64_hmac('extra-salt' + 'signer',`
			`'hello', 'predictable-secret').decode()`
Fixed #21287 -- Fixed E123 pep8 warnings 2013-10-18 17:02:43 +08:00			`)`
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00			`self.assertNotEqual(`
			`signing.Signer('predictable-secret', salt='one').signature('hello'),`
			`signing.Signer('predictable-secret', salt='two').signature('hello'))`

			`def test_sign_unsign(self):`
			`"sign/unsign should be reversible"`
			`signer = signing.Signer('predictable-secret')`
Fixed #18852 -- Restored backwards compatibility in django.core.signing. Specifically, kept the same return types (str/unicode) under Python 2. Related to [92b2dec918]. 2012-08-25 19:02:52 +08:00			`examples = [`
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00			`'q;wjmbk;wkmb',`
			`'3098247529087',`
			`'3098247:529:087:',`
			`'jkw osanteuh ,rcuh nthu aou oauh ,ud du',`
Fixed #18269 -- Applied unicode_literals for Python 3 compatibility. Thanks Vinay Sajip for the support of his django3 branch and Jannis Leidel for the review. 2012-06-08 00:08:47 +08:00			`'\u2019',`
Fixed #18852 -- Restored backwards compatibility in django.core.signing. Specifically, kept the same return types (str/unicode) under Python 2. Related to [92b2dec918]. 2012-08-25 19:02:52 +08:00			`]`
Replaced "not PY3" by "PY2", new in six 1.4.0. 2013-09-02 18:06:32 +08:00			`if six.PY2:`
Fixed #18852 -- Restored backwards compatibility in django.core.signing. Specifically, kept the same return types (str/unicode) under Python 2. Related to [92b2dec918]. 2012-08-25 19:02:52 +08:00			`examples.append(b'a byte string')`
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00			`for example in examples:`
Fixed #18852 -- Restored backwards compatibility in django.core.signing. Specifically, kept the same return types (str/unicode) under Python 2. Related to [92b2dec918]. 2012-08-25 19:02:52 +08:00			`signed = signer.sign(example)`
			`self.assertIsInstance(signed, str)`
			`self.assertNotEqual(force_str(example), signed)`
			`self.assertEqual(example, signer.unsign(signed))`
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00
			`def unsign_detects_tampering(self):`
			`"unsign should raise an exception if the value has been tampered with"`
			`signer = signing.Signer('predictable-secret')`
			`value = 'Another string'`
			`signed_value = signer.sign(value)`
			`transforms = (`
			`lambda s: s.upper(),`
			`lambda s: s + 'a',`
			`lambda s: 'a' + s[1:],`
			`lambda s: s.replace(':', ''),`
			`)`
			`self.assertEqual(value, signer.unsign(signed_value))`
			`for transform in transforms:`
			`self.assertRaises(`
			`signing.BadSignature, signer.unsign, transform(signed_value))`

			`def test_dumps_loads(self):`
			`"dumps and loads be reversible for any JSON serializable object"`
[py3] Made signing infrastructure pass tests with Python 3 2012-08-10 02:08:47 +08:00			`objects = [`
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00			`['a', 'list'],`
Fixed #18269 -- Applied unicode_literals for Python 3 compatibility. Thanks Vinay Sajip for the support of his django3 branch and Jannis Leidel for the review. 2012-06-08 00:08:47 +08:00			`'a unicode string \u2019',`
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00			`{'a': 'dictionary'},`
[py3] Made signing infrastructure pass tests with Python 3 2012-08-10 02:08:47 +08:00			`]`
Replaced "not PY3" by "PY2", new in six 1.4.0. 2013-09-02 18:06:32 +08:00			`if six.PY2:`
[py3] Made signing infrastructure pass tests with Python 3 2012-08-10 02:08:47 +08:00			`objects.append(b'a byte string')`
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00			`for o in objects:`
			`self.assertNotEqual(o, signing.dumps(o))`
			`self.assertEqual(o, signing.loads(signing.dumps(o)))`
[py3] Made signing infrastructure pass tests with Python 3 2012-08-10 02:08:47 +08:00			`self.assertNotEqual(o, signing.dumps(o, compress=True))`
			`self.assertEqual(o, signing.loads(signing.dumps(o, compress=True)))`
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00
			`def test_decode_detects_tampering(self):`
			`"loads should raise exception for tampered objects"`
			`transforms = (`
			`lambda s: s.upper(),`
			`lambda s: s + 'a',`
			`lambda s: 'a' + s[1:],`
			`lambda s: s.replace(':', ''),`
			`)`
			`value = {`
			`'foo': 'bar',`
			`'baz': 1,`
			`}`
			`encoded = signing.dumps(value)`
			`self.assertEqual(value, signing.loads(encoded))`
			`for transform in transforms:`
			`self.assertRaises(`
			`signing.BadSignature, signing.loads, transform(encoded))`

Fixing E302 Errors Signed-off-by: Jason Myers <jason@jasonamyers.com> 2013-11-03 05:34:05 +08:00
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00			`class TestTimestampSigner(TestCase):`

			`def test_timestamp_signer(self):`
Fixed #18269 -- Applied unicode_literals for Python 3 compatibility. Thanks Vinay Sajip for the support of his django3 branch and Jannis Leidel for the review. 2012-06-08 00:08:47 +08:00			`value = 'hello'`
Backed out [16356] due to later rejection of #16182. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16426 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-06-17 17:47:08 +08:00			`_time = time.time`
			`time.time = lambda: 123456789`
			`try:`
			`signer = signing.TimestampSigner('predictable-key')`
			`ts = signer.sign(value)`
			`self.assertNotEqual(ts,`
			`signing.Signer('predictable-key').sign(value))`
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00
Backed out [16356] due to later rejection of #16182. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16426 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-06-17 17:47:08 +08:00			`self.assertEqual(signer.unsign(ts), value)`
			`time.time = lambda: 123456800`
			`self.assertEqual(signer.unsign(ts, max_age=12), value)`
			`self.assertEqual(signer.unsign(ts, max_age=11), value)`
			`self.assertRaises(`
			`signing.SignatureExpired, signer.unsign, ts, max_age=10)`
			`finally:`
			`time.time = _time`