def test_service_creation_ratelimiters(self, monkeypatch):
crypt_context_obj = pretend.stub()
crypt_context_cls = pretend.call_recorder(
lambda **kwargs: crypt_context_obj)
monkeypatch.setattr(services, "CryptContext", crypt_context_cls)
ratelimiters = {"user": pretend.stub(), "global": pretend.stub()}
session = pretend.stub()
service = services.DatabaseUserService(session,
metrics=NullMetrics(),
ratelimiters=ratelimiters)
assert service.db is session
assert service.ratelimiters == ratelimiters
assert service.hasher is crypt_context_obj
assert crypt_context_cls.calls == [
pretend.call(
schemes=[
"argon2",
"bcrypt_sha256",
"bcrypt",
"django_bcrypt",
"unix_disabled",
],
deprecated=["auto"],
truncate_error=True,
argon2__memory_cost=1024,
argon2__parallelism=6,
argon2__time_cost=6,
)
]
def test_success(self, password, prefix, expected, dataset):
response = pretend.stub(text=dataset, raise_for_status=lambda: None)
session = pretend.stub(get=pretend.call_recorder(lambda url: response))
svc = services.HaveIBeenPwnedPasswordBreachedService(
session=session, metrics=NullMetrics())
assert svc.check_password(password) == expected
assert session.get.calls == [
pretend.call(f"https://api.pwnedpasswords.com/range/{prefix}")
]
def test_failure_message(self, help_url, expected):
context = pretend.stub()
request = pretend.stub(
http=pretend.stub(),
find_service=lambda iface, context: {
(IMetricsService, None): NullMetrics()
}[(iface, context)],
help_url=lambda _anchor=None: help_url,
)
svc = services.hibp_password_breach_factory(context, request)
assert svc.failure_message == expected
def test_failure_message_plain(self, help_url, expected):
context = pretend.stub()
request = pretend.stub(
http=pretend.stub(),
find_service=lambda iface, context: {
(IMetricsService, None): NullMetrics()
}[(iface, context)],
help_url=lambda _anchor=None: help_url,
)
svc = services.HaveIBeenPwnedPasswordBreachedService.create_service(
context, request)
assert svc.failure_message_plain == expected
def test_http_failure(self):
@pretend.call_recorder
def raiser():
raise requests.RequestException()
response = pretend.stub(raise_for_status=raiser)
session = pretend.stub(get=lambda url: response)
svc = services.HaveIBeenPwnedPasswordBreachedService(
session=session, metrics=NullMetrics())
assert not svc.check_password("my password")
assert raiser.calls
def test_factory(self):
context = pretend.stub()
request = pretend.stub(
http=pretend.stub(),
find_service=lambda iface, context: {
(IMetricsService, None): NullMetrics()
}[(iface, context)],
help_url=lambda _anchor=None: f"http://localhost/help/#{_anchor}",
)
svc = services.hibp_password_breach_factory(context, request)
assert svc._http is request.http
assert isinstance(svc._metrics, NullMetrics)
assert svc._help_url == "http://localhost/help/#compromised-password"
def test_failure(self):
class AnError(Exception):
pass
def raiser():
raise AnError
response = pretend.stub(raise_for_status=raiser)
session = pretend.stub(get=lambda url: response)
svc = services.HaveIBeenPwnedPasswordBreachedService(
session=session, metrics=NullMetrics())
with pytest.raises(AnError):
svc.check_password("my password")
