def test_ttl(self):
with freeze_time(499162800):
instance = EncryptedTTLIntegerModel(field=42)
instance.save()
with freeze_time(123456789):
loaded = EncryptedTTLIntegerModel.objects.get()
self.assertIs(loaded.field, Expired)
def test_ttl(self):
with freeze_time(499162800):
instance = EncryptedTTLIntegerModel(field=42)
instance.save()
with freeze_time(123456789):
loaded = EncryptedTTLIntegerModel.objects.get()
self.assertIs(loaded.field, Expired)
def test_standard_fernet(self):
key = 'cw_0x689RpI-jtRR7oE8h_eQsKImvJapLeSbXpwF4e4='
data = ('gAAAAAAdwJ6wAAECAwQFBgcICQoLDA0ODy021cpGVWKZ_eEwCG'
'M4BLLF_5CV9dOPmrhuVUPgJobwOz7JcbmrR64jVmpU4IwqDA==')
with freeze_time(499162800):
fernet = Fernet(key)
self.assertEqual(fernet.decrypt(data, 60), b'hello')
with freeze_time(123456789):
fernet = Fernet(key)
with self.assertRaises(signing.SignatureExpired):
self.assertEqual(fernet.decrypt(data, 60), b'hello')
def test_timestamp_signer(self):
value = 'hello'
with freeze_time(123456789):
signer = signing.TimestampSigner('predictable-key')
ts = signer.sign(value)
self.assertNotEqual(ts,
signing.Signer('predictable-key').sign(value))
self.assertEqual(signer.unsign(ts), value)
with freeze_time(123456800):
self.assertEqual(signer.unsign(ts, max_age=12), value)
# max_age parameter can also accept a datetime.timedelta object
self.assertEqual(signer.unsign(ts, max_age=datetime.timedelta(seconds=11)), value)
self.assertRaises(signing.SignatureExpired, signer.unsign, ts, max_age=10)
def test_max_age_argument(self):
value = 'hello'
with freeze_time(123456789):
response = HttpResponse()
response.set_signed_cookie('c', value)
request = HttpRequest()
request.COOKIES['c'] = response.cookies['c'].value
self.assertEqual(request.get_signed_cookie('c'), value)
with freeze_time(123456800):
self.assertEqual(request.get_signed_cookie('c', max_age=12), value)
self.assertEqual(request.get_signed_cookie('c', max_age=11), value)
with self.assertRaises(signing.SignatureExpired):
request.get_signed_cookie('c', max_age=10)
def test_max_age_argument(self):
value = 'hello'
with freeze_time(123456789):
response = HttpResponse()
response.set_signed_cookie('c', value)
request = HttpRequest()
request.COOKIES['c'] = response.cookies['c'].value
self.assertEqual(request.get_signed_cookie('c'), value)
with freeze_time(123456800):
self.assertEqual(request.get_signed_cookie('c', max_age=12), value)
self.assertEqual(request.get_signed_cookie('c', max_age=11), value)
self.assertRaises(signing.SignatureExpired,
request.get_signed_cookie, 'c', max_age=10)
def test_timestamp_signer(self):
value = 'hello'
with freeze_time(123456789):
signer = signing.TimestampSigner('predictable-key')
ts = signer.sign(value)
self.assertNotEqual(ts,
signing.Signer('predictable-key').sign(value))
self.assertEqual(signer.unsign(ts), value)
with freeze_time(123456800):
self.assertEqual(signer.unsign(ts, max_age=12), value)
# max_age parameter can also accept a datetime.timedelta object
self.assertEqual(signer.unsign(ts, max_age=datetime.timedelta(seconds=11)), value)
self.assertRaises(signing.SignatureExpired, signer.unsign, ts, max_age=10)
def test_encrypt_decrypt(self):
key = 'cw_0x689RpI-jtRR7oE8h_eQsKImvJapLeSbXpwF4e4='
value = b'hello'
iv = b'0123456789abcdef'
data = (b'gAAAAAAdwJ6wMDEyMzQ1Njc4OWFiY2RlZjYYKxzJY4VTm9YIi4'
b'Pp6o_RvhRbEt-VW6a0zE-ys6tS1_2Xd2011mjXrVrMV0QfRA==')
with freeze_time(499162800):
fernet = Fernet(key)
self.assertEqual(data, fernet._encrypt_from_parts(value, iv))
self.assertEqual(value, fernet.decrypt(data, 60))
with freeze_time(123456789):
fernet = Fernet(key)
with self.assertRaises(signing.SignatureExpired):
fernet.decrypt(data, 60)
def test_encrypt_decrypt(self):
key = 'cw_0x689RpI-jtRR7oE8h_eQsKImvJapLeSbXpwF4e4='
value = b'hello'
iv = b'0123456789abcdef'
data = (b'gAAAAAAdwJ6wMDEyMzQ1Njc4OWFiY2RlZjYYKxzJY4VTm9YIi4'
b'Pp6o_RvhRbEt-VW6a0zE-ys6tS1_2Xd2011mjXrVrMV0QfRA==')
with freeze_time(499162800):
fernet = Fernet(key)
self.assertEqual(data, fernet._encrypt_from_parts(value, iv))
self.assertEqual(value, fernet.decrypt(data, 60))
with freeze_time(123456789):
fernet = Fernet(key)
with self.assertRaises(signing.SignatureExpired):
fernet.decrypt(data, 60)
def test_session_expires(req):
def view(request):
assert request.session.is_empty()
return HttpResponse()
with freeze_time(SESSION_EXPIRATION_SECONDS + 1):
handle_request(req, view, TEST_SESSION_DATA)
def setUp(self):
super().setUp()
self.compute_task_def = self._get_deserialized_compute_task_def(
kwargs={
'deadline': "2017-12-01 11:00:00",
'task_id': self._get_uuid(),
}, )
self.task_to_compute_timestamp = "2017-12-01 10:00:00"
self.task_to_compute = self._get_deserialized_task_to_compute(
timestamp=self.task_to_compute_timestamp,
compute_task_def=self.compute_task_def,
)
self.report_computed_task_timestamp = "2017-12-01 11:01:00"
self.report_computed_task = self._get_deserialized_report_computed_task(
timestamp=self.report_computed_task_timestamp,
task_to_compute=self.task_to_compute,
)
with freeze_time(self.task_to_compute_timestamp):
self.force_get_task_result = message.concents.ForceGetTaskResult(
report_computed_task=self.report_computed_task, )
self.provider_public_key = hex_to_bytes_convert(
self.task_to_compute.provider_public_key)
self.requestor_public_key = hex_to_bytes_convert(
self.task_to_compute.requestor_public_key)
def test_session_lasts_until_expiration(req):
def view(request):
assert request.session.get(TEST_SESSION_KEY) == TEST_SESSION_VALUE
return HttpResponse()
with freeze_time(SESSION_EXPIRATION_SECONDS - 1):
handle_request(req, view, TEST_SESSION_DATA)
def test_decryptor_invalid_token(self):
data = ('8000000000075bcd153031323334353637383961626364656629b930b1955'
'ddaec2d74fb4ff565d549d94cc75de940d1d25507f30763f05c412390d15d'
'a26bccee69f1b4543e75')
with freeze_time(123456789):
fernet = FernetBytes()
with self.assertRaises(InvalidToken):
fernet.decrypt(binascii.unhexlify(data))
def test_unpadder_invalid_token(self):
data = ('8000000000075bcd15303132333435363738396162636465660ecd40b0f64'
'8f001b78b5a77b334b40fbbff559444b3325233e71c24e53f6028116b0377'
'b910ebe5498396de36dee59b')
with freeze_time(123456789):
fernet = FernetBytes()
with self.assertRaises(InvalidToken):
fernet.decrypt(binascii.unhexlify(data))
def test_decryptor_invalid_token(self):
data = ('8000000000075bcd153031323334353637383961626364656629b930b1955'
'ddaec2d74fb4ff565d549d94cc75de940d1d25507f30763f05c412390d15d'
'a26bccee69f1b4543e75')
with freeze_time(123456789):
fernet = FernetBytes()
with self.assertRaises(InvalidToken):
fernet.decrypt(binascii.unhexlify(data))
def test_unpadder_invalid_token(self):
data = ('8000000000075bcd15303132333435363738396162636465660ecd40b0f64'
'8f001b78b5a77b334b40fbbff559444b3325233e71c24e53f6028116b0377'
'b910ebe5498396de36dee59b')
with freeze_time(123456789):
fernet = FernetBytes()
with self.assertRaises(InvalidToken):
fernet.decrypt(binascii.unhexlify(data))
def test_max_age_expiration(self):
"""Cookie will expire if max_age is provided."""
response = HttpResponse()
set_cookie_time = time.time()
with freeze_time(set_cookie_time):
response.set_cookie('max_age', max_age=10)
max_age_cookie = response.cookies['max_age']
self.assertEqual(max_age_cookie['max-age'], 10)
self.assertEqual(max_age_cookie['expires'], http_date(set_cookie_time + 10))
def test_fernet_signer(self):
value = b'hello'
with freeze_time(123456789):
signer = signing.FernetSigner('predictable-key')
ts = signer.sign(value)
self.assertEqual(signer.unsign(ts), value)
with freeze_time(123456800 + signing._MAX_CLOCK_SKEW):
self.assertEqual(signer.unsign(ts, ttl=12), value)
# max_age parameter can also accept a datetime.timedelta object
self.assertEqual(
signer.unsign(ts, ttl=datetime.timedelta(seconds=11)), value)
with self.assertRaises(signing.SignatureExpired):
signer.unsign(ts, ttl=10)
with freeze_time(123456778 - signing._MAX_CLOCK_SKEW):
with self.assertRaises(signing.SignatureExpired):
signer.unsign(ts, ttl=10)
def test_fernet_signer(self):
value = b'hello'
with freeze_time(123456789):
signer = signing.FernetSigner('predictable-key')
ts = signer.sign(value)
self.assertEqual(signer.unsign(ts), value)
with freeze_time(123456800 + signing._MAX_CLOCK_SKEW):
self.assertEqual(signer.unsign(ts, ttl=12), value)
# max_age parameter can also accept a datetime.timedelta object
self.assertEqual(
signer.unsign(ts, ttl=datetime.timedelta(seconds=11)), value)
with self.assertRaises(signing.SignatureExpired):
signer.unsign(ts, ttl=10)
with freeze_time(123456778 - signing._MAX_CLOCK_SKEW):
with self.assertRaises(signing.SignatureExpired):
signer.unsign(ts, ttl=10)
def test_max_age_expiration(self):
"Cookie will expire if max_age is provided"
response = HttpResponse()
set_cookie_time = time.time()
with freeze_time(set_cookie_time):
response.set_cookie('max_age', max_age=10)
max_age_cookie = response.cookies['max_age']
self.assertEqual(max_age_cookie['max-age'], 10)
self.assertEqual(max_age_cookie['expires'], cookie_date(set_cookie_time + 10))
def test_max_age_argument(self):
value = "hello"
with freeze_time(123456789):
response = HttpResponse()
response.set_signed_cookie("c", value)
request = HttpRequest()
request.COOKIES["c"] = response.cookies["c"].value
self.assertEqual(request.get_signed_cookie("c"), value)
with freeze_time(123456800):
self.assertEqual(request.get_signed_cookie("c", max_age=12), value)
self.assertEqual(request.get_signed_cookie("c", max_age=11), value)
self.assertEqual(
request.get_signed_cookie("c", max_age=timedelta(seconds=11)),
value)
with self.assertRaises(signing.SignatureExpired):
request.get_signed_cookie("c", max_age=10)
with self.assertRaises(signing.SignatureExpired):
request.get_signed_cookie("c", max_age=timedelta(seconds=10))
def test_encrypt_decrypt(self):
value = b'hello'
iv = b'0123456789abcdef'
data = ('8000000000075bcd153031323334353637383961626364656629b930b1955'
'ddaec2d74fb4ff565280abdc39baf116e80f116496cde9515bd7d938e5c74'
'd60bc186286e701ba4fb4004')
with freeze_time(123456789):
fernet = FernetBytes()
self.assertEqual(fernet._encrypt_from_parts(value, iv),
binascii.unhexlify(data))
self.assertEqual(fernet.decrypt(binascii.unhexlify(data)), value)
def test_encrypt_decrypt(self):
value = b'hello'
iv = b'0123456789abcdef'
data = ('8000000000075bcd153031323334353637383961626364656629b930b1955'
'ddaec2d74fb4ff565280abdc39baf116e80f116496cde9515bd7d938e5c74'
'd60bc186286e701ba4fb4004')
with freeze_time(123456789):
fernet = FernetBytes()
self.assertEqual(fernet._encrypt_from_parts(value, iv),
binascii.unhexlify(data))
self.assertEqual(fernet.decrypt(binascii.unhexlify(data)), value)
def test_session_activity_updates(req):
def view(request):
return HttpResponse()
request_time = 1000
with freeze_time(request_time):
handle_request(req, view, TEST_SESSION_DATA)
assert req.session[TEST_SESSION_KEY] == TEST_SESSION_VALUE
assert req.session[SESSION_EXPIRATION_KEY] == request_time
def test_max_age_expiration(self):
"Cookie will expire if max_age is provided"
response = HttpResponse()
set_cookie_time = time.time()
with freeze_time(set_cookie_time):
response.set_cookie('max_age', max_age=10)
max_age_cookie = response.cookies['max_age']
self.assertEqual(max_age_cookie['max-age'], 10)
# Django2.2 use http_date Django1.11 use cookie_date
self.assertIn(max_age_cookie['expires'],
(http_date(set_cookie_time + 10),
cookie_date(set_cookie_time + 10)))
