def testRandomString(self):
""" util.random_string: test randomness and length """
length = 8
result1 = util.random_string(length)
result2 = util.random_string(length)
assert result1 != result2, ('Expected different random strings, but got "%(result1)s" and "%(result2)s"') % locals()
result = len(util.random_string(length))
expected = length
assert result == expected, ('Expected length "%(expected)s" but got "%(result)s"') % locals()
def encodePassword(cfg, pwd, salt=None, scheme=None):
""" Encode a cleartext password using the default algorithm.
@param cfg: the wiki config
@param pwd: the cleartext password, (unicode)
@param salt: the salt for the password (string) or None to generate a
random salt.
@param scheme: scheme to use (by default will use cfg.password_scheme)
@rtype: string
@return: the password hash in apache htpasswd compatible encoding,
"""
if scheme is None:
scheme = cfg.password_scheme
configured_scheme = True
else:
configured_scheme = False
if scheme == '{PASSLIB}':
return '{PASSLIB}' + cfg.cache.pwd_context.encrypt(pwd, salt=salt)
elif scheme == '{SSHA}':
pwd = pwd.encode('utf-8')
if salt is None:
salt = random_string(20)
assert isinstance(salt, str)
hash = hash_new('sha1', pwd)
hash.update(salt)
return '{SSHA}' + base64.encodestring(hash.digest() + salt).rstrip()
else:
# should never happen as we check the value of cfg.password_scheme
raise NotImplementedError
def generate_recovery_token(self):
key = random_string(64, "abcdefghijklmnopqrstuvwxyz0123456789")
msg = str(int(time.time()))
h = hmac_new(key, msg).hexdigest()
self.recoverpass_key = key
self.save()
return msg + '-' + h
def generate_recovery_token(self):
key = random_string(64, "abcdefghijklmnopqrstuvwxyz0123456789")
msg = str(int(time.time()))
h = hmac_new(key, msg).hexdigest()
self.recoverpass_key = key
self.save()
return msg + '-' + h
def encodePassword(cfg, pwd, salt=None, scheme=None):
""" Encode a cleartext password using the default algorithm.
@param cfg: the wiki config
@param pwd: the cleartext password, (unicode)
@param salt: the salt for the password (string) or None to generate a
random salt.
@param scheme: scheme to use (by default will use cfg.password_scheme)
@rtype: string
@return: the password hash in apache htpasswd compatible encoding,
"""
if scheme is None:
scheme = cfg.password_scheme
configured_scheme = True
else:
configured_scheme = False
if scheme == '{PASSLIB}':
return '{PASSLIB}' + cfg.cache.pwd_context.encrypt(pwd, salt=salt)
elif scheme == '{SSHA}':
pwd = pwd.encode('utf-8')
if salt is None:
salt = random_string(20)
assert isinstance(salt, str)
hash = hash_new('sha1', pwd)
hash.update(salt)
return '{SSHA}' + base64.encodestring(hash.digest() + salt).rstrip()
else:
# should never happen as we check the value of cfg.password_scheme
raise NotImplementedError
def encodePassword(pwd, salt=None):
""" Encode a cleartext password
@param pwd: the cleartext password, (unicode)
@param salt: the salt for the password (string)
@rtype: string
@return: the password in SHA256-encoding
"""
pwd = pwd.encode('utf-8')
if salt is None:
salt = random_string(32)
assert isinstance(salt, str)
hash = hashlib.new('sha256', pwd)
hash.update(salt)
return '{SSHA256}' + base64.encodestring(hash.digest() + salt).rstrip()
def createTestPlugin(self):
""" Create test plugin, skiping if plugin exists """
if self.pluginExists():
self.shouldDeleteTestPlugin = False
py.test.skip("Won't overwrite existing plugin: %s" % self.plugin)
self.key = random_string(32, 'abcdefg')
data = '''
# If you find this file in your wiki plugin directory, you can safely
# delete it.
import sys, os
class Parser:
key = '%s'
''' % self.key
try:
file(self.pluginFilePath('.py'), 'w').write(data)
except Exception, err:
py.test.skip("Can't create test plugin: %s" % str(err))
def encodePassword(pwd, salt=None):
""" Encode a cleartext password
@param pwd: the cleartext password, (unicode)
@param salt: the salt for the password (string)
@rtype: string
@return: the password in apache htpasswd compatible SHA-encoding,
or None
"""
pwd = pwd.encode('utf-8')
if salt is None:
salt = random_string(20)
assert isinstance(salt, str)
hash = hash_new('sha1', pwd)
hash.update(salt)
return '{SSHA}' + base64.encodestring(hash.digest() + salt).rstrip()
def createTestPlugin(self):
""" Create test plugin, skiping if plugin exists """
if self.pluginExists():
self.shouldDeleteTestPlugin = False
py.test.skip("Won't overwrite existing plugin: %s" % self.plugin)
self.key = random_string(32, 'abcdefg')
data = '''
# If you find this file in your wiki plugin directory, you can safely
# delete it.
import sys, os
class Parser:
key = '%s'
''' % self.key
try:
file(self.pluginFilePath('.py'), 'w').write(data)
except Exception, err:
py.test.skip("Can't create test plugin: %s" % str(err))
def encodePassword(pwd, salt=None):
""" Encode a cleartext password
@param pwd: the cleartext password, (unicode)
@param salt: the salt for the password (string)
@rtype: string
@return: the password in apache htpasswd compatible SHA-encoding,
or None
"""
pwd = pwd.encode('utf-8')
if salt is None:
salt = random_string(20)
assert isinstance(salt, str)
hash = hash_new('sha1', pwd)
hash.update(salt)
return '{SSHA}' + base64.encodestring(hash.digest() + salt).rstrip()
def create_random_string_list(length=14, count=10):
""" creates a list of random strings """
chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
return [u"%s" % random_string(length, chars) for counter in range(count)]
def create_random_string_list(length=14, count=10):
""" creates a list of random strings """
chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
return [u"%s" % random_string(length, chars) for counter in range(count)]
