def test_sign_uses_correct_key(self): "If a key is provided, sign should use it; otherwise, use SECRET_KEY" s = 'This is a string' self.assertEqual(signed.sign(s), s + '.' + signed.base64_hmac(s, settings.SECRET_KEY)) self.assertEqual(signed.sign(s, 'sekrit'), s + '.' + signed.base64_hmac(s, 'sekrit'))
def test_sign_uses_correct_key(self): "If a key is provided, sign should use it; otherwise, use SECRET_KEY" s = 'This is a string' self.assertEqual( signed.sign(s), s + '.' + signed.base64_hmac(s, settings.SECRET_KEY) ) self.assertEqual( signed.sign(s, 'sekrit'), s + '.' + signed.base64_hmac(s, 'sekrit') )
def sign_is_reversible(self): "sign/unsign should be reversible against any bytestring" examples = ( 'q;wjmbk;wkmb', '3098247529087', '3098247:529:087:', 'jkw osanteuh ,rcuh nthu aou oauh ,ud du', u'\u2019'.encode('utf8'), ) for example in examples: self.assert_(example != signed.sign(example)) self.assertEqual(example, signed.unsign(utils.sign(example)))
def unsign_detects_tampering(self): "unsign should raise an exception if the value has been tampered with" value = 'Another string' signed_value = signed.sign(value) transforms = ( lambda s: s.upper(), lambda s: s + 'a', lambda s: 'a' + s[1:], lambda s: s.replace(':', ''), ) self.assertEqual(value, signed.unsign(signed_value)) for transform in transforms: self.assertRaises(signed.BadSignature, signed.unsign, transform(signed_value))
def unsign_detects_tampering(self): "unsign should raise an exception if the value has been tampered with" value = 'Another string' signed_value = signed.sign(value) transforms = ( lambda s: s.upper(), lambda s: s + 'a', lambda s: 'a' + s[1:], lambda s: s.replace(':', ''), ) self.assertEqual(value, signed.unsign(signed_value)) for transform in transforms: self.assertRaises( signed.BadSignature, signed.unsign, transform(signed_value) )