def test_verify_different_action_values_raises(self): token = xsrf.XSRFToken(user_id='*****@*****.**', secret='secret', current_time=1354160000) token_string = token.generate_token_string('action') token.verify_token_string(token_string, 'action') self.assertRaises( xsrf.XSRFTokenInvalid, token.verify_token_string, xsrf.XSRFToken(user_id='*****@*****.**', secret='differentsecret', current_time=1354160000).generate_token_string())
def test_verify_substring_of_tokenstr_fails(self): """Tests that a substring of the correct token fails to verify.""" token = xsrf.XSRFToken(user_id='*****@*****.**', secret='secret', current_time=1354160000) token_string = token.generate_token_string() test_token, test_time = base64.urlsafe_b64decode(token_string).split( '|') test_string = base64.urlsafe_b64encode('|'.join( [test_token[:-1], test_time])) self.assertRaises(xsrf.XSRFTokenInvalid, token.verify_token_string, test_string)
def test_verify_timeout_elapse_raises(self): """Test that the time span between generation and verification raises if the time span is greater than the timeout arg.""" token = xsrf.XSRFToken(user_id='*****@*****.**', secret='secret', current_time=1354160000) token_string = token.generate_token_string() token.verify_token_string(token_string, timeout=10, current_time=1354160010) self.assertRaises(xsrf.XSRFTokenExpiredException, token.verify_token_string, token_string, timeout=10, current_time=1354160011)
def test_verify_tokenstr_not_int_time_raises(self): """Tests that the time must be a correct datetime int value.""" token = xsrf.XSRFToken(user_id='*****@*****.**', secret='secret') self.assertRaises(xsrf.XSRFTokenMalformed, token.verify_token_string, base64.b64encode('FAKE_STR|FAKE_TIME_NOTINT'))
def test_verify_tokenstr_wo_delimiter_raises(self): """Tests that a token string must properly created from the digest maker.""" token = xsrf.XSRFToken(user_id='*****@*****.**', secret='secret') self.assertRaises(xsrf.XSRFTokenMalformed, token.verify_token_string, base64.b64encode('FAKE_STR_NO_DELIMITER'))
def test_verify_tokenstr_not_b64_raises(self): """Tests that a token string must be a valid base64 string.""" token = xsrf.XSRFToken(user_id='*****@*****.**', secret='secret') self.assertRaises(xsrf.XSRFTokenMalformed, token.verify_token_string, 'FAKE_STR_NOT_B64')