def test_service_creation_ratelimiters(self, monkeypatch): crypt_context_obj = pretend.stub() crypt_context_cls = pretend.call_recorder( lambda **kwargs: crypt_context_obj) monkeypatch.setattr(services, "CryptContext", crypt_context_cls) ratelimiters = {"user": pretend.stub(), "global": pretend.stub()} session = pretend.stub() service = services.DatabaseUserService(session, metrics=NullMetrics(), ratelimiters=ratelimiters) assert service.db is session assert service.ratelimiters == ratelimiters assert service.hasher is crypt_context_obj assert crypt_context_cls.calls == [ pretend.call( schemes=[ "argon2", "bcrypt_sha256", "bcrypt", "django_bcrypt", "unix_disabled", ], deprecated=["auto"], truncate_error=True, argon2__memory_cost=1024, argon2__parallelism=6, argon2__time_cost=6, ) ]
def test_success(self, password, prefix, expected, dataset): response = pretend.stub(text=dataset, raise_for_status=lambda: None) session = pretend.stub(get=pretend.call_recorder(lambda url: response)) svc = services.HaveIBeenPwnedPasswordBreachedService( session=session, metrics=NullMetrics()) assert svc.check_password(password) == expected assert session.get.calls == [ pretend.call(f"https://api.pwnedpasswords.com/range/{prefix}") ]
def test_failure_message(self, help_url, expected): context = pretend.stub() request = pretend.stub( http=pretend.stub(), find_service=lambda iface, context: { (IMetricsService, None): NullMetrics() }[(iface, context)], help_url=lambda _anchor=None: help_url, ) svc = services.hibp_password_breach_factory(context, request) assert svc.failure_message == expected
def test_failure_message_plain(self, help_url, expected): context = pretend.stub() request = pretend.stub( http=pretend.stub(), find_service=lambda iface, context: { (IMetricsService, None): NullMetrics() }[(iface, context)], help_url=lambda _anchor=None: help_url, ) svc = services.HaveIBeenPwnedPasswordBreachedService.create_service( context, request) assert svc.failure_message_plain == expected
def test_http_failure(self): @pretend.call_recorder def raiser(): raise requests.RequestException() response = pretend.stub(raise_for_status=raiser) session = pretend.stub(get=lambda url: response) svc = services.HaveIBeenPwnedPasswordBreachedService( session=session, metrics=NullMetrics()) assert not svc.check_password("my password") assert raiser.calls
def test_factory(self): context = pretend.stub() request = pretend.stub( http=pretend.stub(), find_service=lambda iface, context: { (IMetricsService, None): NullMetrics() }[(iface, context)], help_url=lambda _anchor=None: f"http://localhost/help/#{_anchor}", ) svc = services.hibp_password_breach_factory(context, request) assert svc._http is request.http assert isinstance(svc._metrics, NullMetrics) assert svc._help_url == "http://localhost/help/#compromised-password"
def test_failure(self): class AnError(Exception): pass def raiser(): raise AnError response = pretend.stub(raise_for_status=raiser) session = pretend.stub(get=lambda url: response) svc = services.HaveIBeenPwnedPasswordBreachedService( session=session, metrics=NullMetrics()) with pytest.raises(AnError): svc.check_password("my password")