def test_different_hashalg(sessionmaker):
settings = sessionmaker.settings
delattr(sessionmaker, "settings")
settings["hashalg"] = hashlib.md5
sessionmaker.configure(**settings)
session = sessionmaker()
cookie = session.save()
session_id = session._get_session_id_from_cookie()
val = base64.b64decode(str(cookie).split(";")[0][20:])
sig, data = val[:32], val[32:]
sig_key = session.sig_key
assert authenticate_data(data, sig_key, hashlib.md5) == sig
old_session = sessionmaker(str(cookie))
assert old_session.session_id == session_id
def value_encode(self, val):
orig_val = val
log.debug("Value to encode: %s" % str(val))
val = self.serializer.dumps(val)
sig = authenticate_data(val, self.sig_key, self.hashalg)
return orig_val, base64.b64encode(b"{0}{1}".format(sig, val))
def authed(request):
"""Authenticate a test value and return the pair (testval, signature)."""
testval = request.param
return testval, authenticate_data(testval, test_sig_key, hashlib.sha256)
def test_authentication_key_type_check():
with pytest.raises(TypeError):
authenticate_data("", unicode("0"), hashlib.sha256)
