django/tests/signed_cookies_tests/tests.py

from datetime import timedelta

from django.core import signing
from django.http import HttpRequest, HttpResponse
from django.test import SimpleTestCase, override_settings
from django.test.utils import freeze_time


class SignedCookieTest(SimpleTestCase):
    def test_can_set_and_read_signed_cookies(self):
        response = HttpResponse()
        response.set_signed_cookie("c", "hello")
        self.assertIn("c", response.cookies)
        self.assertTrue(response.cookies["c"].value.startswith("hello:"))
        request = HttpRequest()
        request.COOKIES["c"] = response.cookies["c"].value
        value = request.get_signed_cookie("c")
        self.assertEqual(value, "hello")

    def test_can_use_salt(self):
        response = HttpResponse()
        response.set_signed_cookie("a", "hello", salt="one")
        request = HttpRequest()
        request.COOKIES["a"] = response.cookies["a"].value
        value = request.get_signed_cookie("a", salt="one")
        self.assertEqual(value, "hello")
        with self.assertRaises(signing.BadSignature):
            request.get_signed_cookie("a", salt="two")

    def test_detects_tampering(self):
        response = HttpResponse()
        response.set_signed_cookie("c", "hello")
        request = HttpRequest()
        request.COOKIES["c"] = response.cookies["c"].value[:-2] + "$$"
        with self.assertRaises(signing.BadSignature):
            request.get_signed_cookie("c")

    def test_default_argument_suppresses_exceptions(self):
        response = HttpResponse()
        response.set_signed_cookie("c", "hello")
        request = HttpRequest()
        request.COOKIES["c"] = response.cookies["c"].value[:-2] + "$$"
        self.assertIsNone(request.get_signed_cookie("c", default=None))

    def test_max_age_argument(self):
        value = "hello"
        with freeze_time(123456789):
            response = HttpResponse()
            response.set_signed_cookie("c", value)
            request = HttpRequest()
            request.COOKIES["c"] = response.cookies["c"].value
            self.assertEqual(request.get_signed_cookie("c"), value)

        with freeze_time(123456800):
            self.assertEqual(request.get_signed_cookie("c", max_age=12), value)
            self.assertEqual(request.get_signed_cookie("c", max_age=11), value)
            self.assertEqual(
                request.get_signed_cookie("c", max_age=timedelta(seconds=11)), value
            )
            with self.assertRaises(signing.SignatureExpired):
                request.get_signed_cookie("c", max_age=10)
            with self.assertRaises(signing.SignatureExpired):
                request.get_signed_cookie("c", max_age=timedelta(seconds=10))

    def test_set_signed_cookie_max_age_argument(self):
        response = HttpResponse()
        response.set_signed_cookie("c", "value", max_age=100)
        self.assertEqual(response.cookies["c"]["max-age"], 100)
        response.set_signed_cookie("d", "value", max_age=timedelta(hours=2))
        self.assertEqual(response.cookies["d"]["max-age"], 7200)

    @override_settings(SECRET_KEY=b"\xe7")
    def test_signed_cookies_with_binary_key(self):
        response = HttpResponse()
        response.set_signed_cookie("c", "hello")

        request = HttpRequest()
        request.COOKIES["c"] = response.cookies["c"].value
        self.assertEqual(request.get_signed_cookie("c"), "hello")
Refs #33562 -- Added tests HttpRequest.get_signed_cookie() with timedeltas. 2022-03-07 14:24:59 +08:00			`from datetime import timedelta`

Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00			`from django.core import signing`
			`from django.http import HttpRequest, HttpResponse`
Refs #24652 -- Used SimpleTestCase where appropriate. 2015-04-18 05:38:20 +08:00			`from django.test import SimpleTestCase, override_settings`
Fixed #23792 -- Added test.utils.freeze_time() context manager. 2014-11-11 02:33:49 +08:00			`from django.test.utils import freeze_time`
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00
Convert the remainder of the relative imports in the tests to be absolute imports. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16981 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-10-14 05:34:56 +08:00
Refs #24652 -- Used SimpleTestCase where appropriate. 2015-04-18 05:38:20 +08:00			`class SignedCookieTest(SimpleTestCase):`
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00			`def test_can_set_and_read_signed_cookies(self):`
			`response = HttpResponse()`
			`response.set_signed_cookie("c", "hello")`
			`self.assertIn("c", response.cookies)`
			`self.assertTrue(response.cookies["c"].value.startswith("hello:"))`
			`request = HttpRequest()`
			`request.COOKIES["c"] = response.cookies["c"].value`
			`value = request.get_signed_cookie("c")`
Fixed #18269 -- Applied unicode_literals for Python 3 compatibility. Thanks Vinay Sajip for the support of his django3 branch and Jannis Leidel for the review. 2012-06-08 00:08:47 +08:00			`self.assertEqual(value, "hello")`
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00
			`def test_can_use_salt(self):`
			`response = HttpResponse()`
			`response.set_signed_cookie("a", "hello", salt="one")`
			`request = HttpRequest()`
			`request.COOKIES["a"] = response.cookies["a"].value`
			`value = request.get_signed_cookie("a", salt="one")`
Fixed #18269 -- Applied unicode_literals for Python 3 compatibility. Thanks Vinay Sajip for the support of his django3 branch and Jannis Leidel for the review. 2012-06-08 00:08:47 +08:00			`self.assertEqual(value, "hello")`
Refs #26022 -- Used context manager version of assertRaises in tests. 2016-01-17 19:26:39 +08:00			`with self.assertRaises(signing.BadSignature):`
			`request.get_signed_cookie("a", salt="two")`
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00
			`def test_detects_tampering(self):`
			`response = HttpResponse()`
			`response.set_signed_cookie("c", "hello")`
			`request = HttpRequest()`
			`request.COOKIES["c"] = response.cookies["c"].value[:-2] + "$$"`
Refs #26022 -- Used context manager version of assertRaises in tests. 2016-01-17 19:26:39 +08:00			`with self.assertRaises(signing.BadSignature):`
			`request.get_signed_cookie("c")`
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00
Fixed typos using https://github.com/vlajos/misspell_fixer 2014-11-04 06:48:03 +08:00			`def test_default_argument_suppresses_exceptions(self):`
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00			`response = HttpResponse()`
			`response.set_signed_cookie("c", "hello")`
			`request = HttpRequest()`
			`request.COOKIES["c"] = response.cookies["c"].value[:-2] + "$$"`
Fixed #26747 -- Used more specific assertions in the Django test suite. 2016-06-17 02:19:18 +08:00			`self.assertIsNone(request.get_signed_cookie("c", default=None))`
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00
			`def test_max_age_argument(self):`
Fixed #18269 -- Applied unicode_literals for Python 3 compatibility. Thanks Vinay Sajip for the support of his django3 branch and Jannis Leidel for the review. 2012-06-08 00:08:47 +08:00			`value = "hello"`
Fixed #23792 -- Added test.utils.freeze_time() context manager. 2014-11-11 02:33:49 +08:00			`with freeze_time(123456789):`
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00			`response = HttpResponse()`
			`response.set_signed_cookie("c", value)`
			`request = HttpRequest()`
			`request.COOKIES["c"] = response.cookies["c"].value`
			`self.assertEqual(request.get_signed_cookie("c"), value)`

Fixed #23792 -- Added test.utils.freeze_time() context manager. 2014-11-11 02:33:49 +08:00			`with freeze_time(123456800):`
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-05-21 22:41:14 +08:00			`self.assertEqual(request.get_signed_cookie("c", max_age=12), value)`
			`self.assertEqual(request.get_signed_cookie("c", max_age=11), value)`
Refs #33562 -- Added tests HttpRequest.get_signed_cookie() with timedeltas. 2022-03-07 14:24:59 +08:00			`self.assertEqual(`
			`request.get_signed_cookie("c", max_age=timedelta(seconds=11)), value`
			`)`
Refs #26022 -- Used context manager version of assertRaises in tests. 2016-01-17 19:26:39 +08:00			`with self.assertRaises(signing.SignatureExpired):`
			`request.get_signed_cookie("c", max_age=10)`
Refs #33562 -- Added tests HttpRequest.get_signed_cookie() with timedeltas. 2022-03-07 14:24:59 +08:00			`with self.assertRaises(signing.SignatureExpired):`
			`request.get_signed_cookie("c", max_age=timedelta(seconds=10))`
Fixed #19980: Signer broken for binary keys (with non-ASCII chars). With this pull request, request #878 should considered closed. Thanks to nvie for the patch. 2014-02-16 21:47:51 +08:00
Fixed #33562 -- Made HttpResponse.set_cookie() support timedelta for the max_age argument. 2022-03-04 20:57:10 +08:00			`def test_set_signed_cookie_max_age_argument(self):`
			`response = HttpResponse()`
			`response.set_signed_cookie("c", "value", max_age=100)`
			`self.assertEqual(response.cookies["c"]["max-age"], 100)`
			`response.set_signed_cookie("d", "value", max_age=timedelta(hours=2))`
			`self.assertEqual(response.cookies["d"]["max-age"], 7200)`

Refs #21230 -- removed direct settings manipulation from signed cookies tests 2014-04-08 23:21:20 +08:00			`@override_settings(SECRET_KEY=b"\xe7")`
Fixed #19980: Signer broken for binary keys (with non-ASCII chars). With this pull request, request #878 should considered closed. Thanks to nvie for the patch. 2014-02-16 21:47:51 +08:00			`def test_signed_cookies_with_binary_key(self):`
			`response = HttpResponse()`
			`response.set_signed_cookie("c", "hello")`

			`request = HttpRequest()`
			`request.COOKIES["c"] = response.cookies["c"].value`
			`self.assertEqual(request.get_signed_cookie("c"), "hello")`