def test_47_verify_and_update(self):
cc = CryptContext(**self.sample_4_dict)
h1 = cc.handler('des_crypt').hash('password')
h2 = cc.handler('sha256_crypt').hash('password')
ok, new_hash = cc.verify_and_update('wrongpass', h1)
self.assertFalse(ok)
self.assertIs(new_hash, None)
ok, new_hash = cc.verify_and_update('wrongpass', h2)
self.assertFalse(ok)
self.assertIs(new_hash, None)
ok, new_hash = cc.verify_and_update('password', h1)
self.assertTrue(ok)
self.assertTrue(cc.identify(new_hash), 'sha256_crypt')
ok, new_hash = cc.verify_and_update('password', h2)
self.assertTrue(ok)
self.assertIs(new_hash, None)
cc = CryptContext(['des_crypt'])
hash = refhash = cc.hash('stub')
for secret, kwds in self.nonstring_vectors:
self.assertRaises(TypeError, cc.verify_and_update, secret, hash, **kwds)
self.assertEqual(cc.verify_and_update(secret, None), (False, None))
cc = CryptContext(['des_crypt'])
for hash, kwds in self.nonstring_vectors:
if hash is None:
continue
self.assertRaises(TypeError, cc.verify_and_update, 'secret', hash, **kwds)
self.assertRaises(KeyError, CryptContext().verify_and_update, 'secret', 'hash')
self.assertRaises(KeyError, cc.verify_and_update, 'secret', refhash, scheme='fake')
self.assertRaises(TypeError, cc.verify_and_update, 'secret', refhash, scheme=1)
self.assertRaises(TypeError, cc.verify_and_update, 'secret', refhash, category=1)
return
def test_48_context_kwds(self):
from otp.ai.passlib.hash import des_crypt, md5_crypt, postgres_md5
des_hash = des_crypt.hash('stub')
pg_root_hash = postgres_md5.hash('stub', user='******')
pg_admin_hash = postgres_md5.hash('stub', user='******')
cc1 = CryptContext([des_crypt, md5_crypt])
self.assertEqual(cc1.context_kwds, set())
self.assertTrue(des_crypt.identify(cc1.hash('stub')), 'des_crypt')
self.assertTrue(cc1.verify('stub', des_hash))
self.assertEqual(cc1.verify_and_update('stub', des_hash), (True, None))
with self.assertWarningList(['passing settings to.*is deprecated']):
self.assertRaises(TypeError, cc1.hash, 'stub', user='******')
self.assertRaises(TypeError, cc1.verify, 'stub', des_hash, user='******')
self.assertRaises(TypeError, cc1.verify_and_update, 'stub', des_hash, user='******')
cc2 = CryptContext([des_crypt, postgres_md5])
self.assertEqual(cc2.context_kwds, set(['user']))
self.assertTrue(des_crypt.identify(cc2.hash('stub')), 'des_crypt')
self.assertTrue(cc2.verify('stub', des_hash))
self.assertEqual(cc2.verify_and_update('stub', des_hash), (True, None))
self.assertTrue(des_crypt.identify(cc2.hash('stub', user='******')), 'des_crypt')
self.assertTrue(cc2.verify('stub', des_hash, user='******'))
self.assertEqual(cc2.verify_and_update('stub', des_hash, user='******'), (True, None))
with self.assertWarningList(['passing settings to.*is deprecated']):
self.assertRaises(TypeError, cc2.hash, 'stub', badkwd='root')
self.assertRaises(TypeError, cc2.verify, 'stub', des_hash, badkwd='root')
self.assertRaises(TypeError, cc2.verify_and_update, 'stub', des_hash, badkwd='root')
cc3 = CryptContext([postgres_md5, des_crypt], deprecated='auto')
self.assertEqual(cc3.context_kwds, set(['user']))
self.assertRaises(TypeError, cc3.hash, 'stub')
self.assertRaises(TypeError, cc3.verify, 'stub', pg_root_hash)
self.assertRaises(TypeError, cc3.verify_and_update, 'stub', pg_root_hash)
self.assertEqual(cc3.hash('stub', user='******'), pg_root_hash)
self.assertTrue(cc3.verify('stub', pg_root_hash, user='******'))
self.assertEqual(cc3.verify_and_update('stub', pg_root_hash, user='******'), (True, None))
self.assertEqual(cc3.verify_and_update('stub', pg_root_hash, user='******'), (False, None))
self.assertEqual(cc3.verify_and_update('stub', des_hash, user='******'), (
True, pg_root_hash))
return
