def test_pwned_password_fails(self, m):
validator = PWNEDPasswordValidator()
password = "******"
m.get(validator.url.format(password=password), status_code=200)
with self.assertRaises(ValidationError):
validator.validate(password)
def test_not_fail_safe_fails_on_rate_limit(self, m):
validator = PWNEDPasswordValidator()
password = "******"
m.get(validator.url.format(password=password), status_code=429)
with self.assertRaises(ValidationError):
validator.validate(password)
def test_not_fail_safe_redirect_fails(self, m):
validator = PWNEDPasswordValidator()
password = "******"
p_hash = self.get_hash(password)
short_hash = p_hash.upper()[:5]
m.get(validator.url.format(short_hash=short_hash), status_code=301)
with self.assertRaises(ValidationError):
validator.validate(password)
def test_fail_safe_ignores_rate_limit(self, m):
validator = PWNEDPasswordValidator()
password = "******"
m.get(validator.url.format(password=password), status_code=429)
try:
validator.validate(password)
except ValidationError:
self.fail("ValidationError was raised for valid password")
def test_unpwned_password_succeeds(self, m):
validator = PWNEDPasswordValidator()
password = "******"
m.get(validator.url.format(password=password), status_code=404)
try:
validator.validate(password)
except ValidationError:
self.fail("ValidationError was raised for valid password")
def test_not_fail_safe_fails_on_rate_limit(self, m):
validator = PWNEDPasswordValidator()
password = "******"
p_hash = self.get_hash(password)
short_hash = p_hash.upper()[:5]
m.get(validator.url.format(short_hash=short_hash), status_code=429)
with self.assertRaises(ValidationError):
validator.validate(password)
def test_custom_fail_safe_ignores_exceptions(self, m):
validator = PWNEDPasswordValidator()
password = "******"
m.get(validator.url.format(password=password),
exc=requests.exceptions.RequestException)
try:
validator.validate(password)
except ValidationError:
self.fail("ValidationError was raised for valid password")
def test_pwned_password_fails_multiline(self, m):
validator = PWNEDPasswordValidator()
password = "******"
p_hash = self.get_hash(password)
short_hash = p_hash.upper()[:5]
m.get(validator.url.format(short_hash=short_hash),
status_code=200,
text=p_hash[5:] + ":6\n07A60BA364011AACB2F0470CC983FCA6AF5:1")
with self.assertRaises(ValidationError):
validator.validate(password)
def test_zero_results_succeeds(self, m):
validator = PWNEDPasswordValidator()
password = "******"
p_hash = self.get_hash(password)
short_hash = p_hash.upper()[:5]
m.get(validator.url.format(short_hash=short_hash), status_code=404)
try:
validator.validate(password)
except ValidationError:
self.fail("ValidationError was raised for valid password")
def test_pwned_password_bad_response(self, m):
validator = PWNEDPasswordValidator()
password = "******"
p_hash = self.get_hash(password)
short_hash = p_hash.upper()[:5]
m.get(validator.url.format(short_hash=short_hash),
status_code=200,
text="random test with no colons")
with self.assertRaises(ValidationError):
validator.validate(password)
def test_custom_fail_message(self, m):
validator = PWNEDPasswordValidator()
password = "******"
m.get(validator.url.format(password=password), status_code=500)
try:
validator.validate(password)
except ValidationError as e:
self.assertEqual(e.message, "failure")
return
self.fail("No exception was thrown")
def test_pwned_password_fails(self, m):
validator = PWNEDPasswordValidator()
password = "******"
p_hash = self.get_hash(password)
short_hash = p_hash.upper()[:5]
m.get(validator.url.format(short_hash=short_hash),
status_code=200,
text=p_hash[5:] + ":1")
with self.assertRaises(ValidationError):
validator.validate(password)
def test_custom_fail_safe_ignores_exceptions(self, m):
validator = PWNEDPasswordValidator()
password = "******"
p_hash = self.get_hash(password)
short_hash = p_hash.upper()[:5]
m.get(validator.url.format(short_hash=short_hash),
exc=requests.exceptions.RequestException)
try:
validator.validate(password)
except ValidationError:
self.fail("ValidationError was raised for valid password")
def test_custom_fail_message_timeout(self, m):
validator = PWNEDPasswordValidator()
password = "******"
m.get(validator.url.format(password=password),
exc=requests.exceptions.ConnectTimeout)
try:
validator.validate(password)
except ValidationError as e:
self.assertEqual(e.message, "failure")
return
self.fail("No exception was thrown")
def test_unpwned_password_succeeds(self, m):
validator = PWNEDPasswordValidator()
password = "******"
p_hash = self.get_hash(password)
short_hash = p_hash.upper()[:5]
m.get(validator.url.format(short_hash=short_hash),
status_code=200,
text="07A60BA364011AACB2F0470CC983FCA6AF5:1")
try:
validator.validate(password)
except ValidationError:
self.fail("ValidationError was raised for valid password")
def test_not_fail_safe_unpwned_password_succeeds(self, m):
validator = PWNEDPasswordValidator()
password = "******"
p_hash = self.get_hash(password)
short_hash = p_hash.upper()[:5]
m.get(validator.url.format(short_hash=short_hash),
status_code=200,
text=self.get_hash("notsecret")[5:] + ":1")
try:
validator.validate(password)
except ValidationError:
self.fail("ValidationError was raised for valid password")
def test_below_limit_password_passes(self, m):
validator = PWNEDPasswordValidator()
password = "******"
p_hash = self.get_hash(password)
short_hash = p_hash.upper()[:5]
m.get(validator.url.format(short_hash=short_hash),
status_code=200,
text=p_hash[5:] + ":9")
try:
validator.validate(password)
except ValidationError:
self.fail("ValidationError was raised for valid password")
def test_custom_fail_message(self, m):
validator = PWNEDPasswordValidator()
password = "******"
p_hash = self.get_hash(password)
short_hash = p_hash.upper()[:5]
m.get(validator.url.format(short_hash=short_hash), status_code=500)
try:
validator.validate(password)
except ValidationError as e:
self.assertEqual(e.message, "failure")
return
self.fail("No exception was thrown")
