Merge pull request #3412 from mmerickel/remove-unencrypted-session-config

remove UnencryptedCookieSessionFactoryConfig and signed_(de)serialize
author: Michael Merickel <github@m.merickel.org> 2018-11-03 14:17:11 -0500
committer: GitHub <noreply@github.com> 2018-11-03 14:17:11 -0500
commit: 133db09d179c3f5afe7e02dc13ab6687517db5a1 (patch)
tree: 4f433ad0811495ced4900055426f5d9ac3c658f5 /tests/test_session.py
parent: fc67869fb2732e715905614af3f9a69d48aed644 (diff)
parent: 02caee917f1b629467942ae3112d10e13d03202a (diff)
download: pyramid-133db09d179c3f5afe7e02dc13ab6687517db5a1.tar.gz
pyramid-133db09d179c3f5afe7e02dc13ab6687517db5a1.tar.bz2
pyramid-133db09d179c3f5afe7e02dc13ab6687517db5a1.zip
1 files changed, 0 insertions, 173 deletions
diff --git a/tests/test_session.py b/tests/test_session.py
index 05c257e73..6f93864a5 100644
--- a/tests/test_session.py
+++ b/tests/test_session.py
@@ -524,94 +524,6 @@ class TestSignedCookieSession(SharedCookieSessionTests, unittest.TestCase):
         self.assertEqual(session, {})
 
 
-class TestUnencryptedCookieSession(
-    SharedCookieSessionTests, unittest.TestCase
-):
-    def setUp(self):
-        super(TestUnencryptedCookieSession, self).setUp()
-        from zope.deprecation import __show__
-
-        __show__.off()
-
-    def tearDown(self):
-        super(TestUnencryptedCookieSession, self).tearDown()
-        from zope.deprecation import __show__
-
-        __show__.on()
-
-    def _makeOne(self, request, **kw):
-        from pyramid.session import UnencryptedCookieSessionFactoryConfig
-
-        self._rename_cookie_var(kw, 'path', 'cookie_path')
-        self._rename_cookie_var(kw, 'domain', 'cookie_domain')
-        self._rename_cookie_var(kw, 'secure', 'cookie_secure')
-        self._rename_cookie_var(kw, 'httponly', 'cookie_httponly')
-        self._rename_cookie_var(kw, 'set_on_exception', 'cookie_on_exception')
-        return UnencryptedCookieSessionFactoryConfig('secret', **kw)(request)
-
-    def _rename_cookie_var(self, kw, src, dest):
-        if src in kw:
-            kw.setdefault(dest, kw.pop(src))
-
-    def _serialize(self, value):
-        from pyramid.compat import bytes_
-        from pyramid.session import signed_serialize
-
-        return bytes_(signed_serialize(value, 'secret'))
-
-    def test_serialize_option(self):
-        from pyramid.response import Response
-
-        secret = 'secret'
-        request = testing.DummyRequest()
-        session = self._makeOne(
-            request, signed_serialize=dummy_signed_serialize
-        )
-        session['key'] = 'value'
-        response = Response()
-        self.assertEqual(session._set_cookie(response), True)
-        cookie = response.headerlist[-1][1]
-        expected_cookieval = dummy_signed_serialize(
-            (session.accessed, session.created, {'key': 'value'}), secret
-        )
-        response = Response()
-        response.set_cookie('session', expected_cookieval, samesite='Lax')
-        expected_cookie = response.headerlist[-1][1]
-        self.assertEqual(cookie, expected_cookie)
-
-    def test_deserialize_option(self):
-        import time
-
-        secret = 'secret'
-        request = testing.DummyRequest()
-        accessed = time.time()
-        state = {'key': 'value'}
-        cookieval = dummy_signed_serialize((accessed, accessed, state), secret)
-        request.cookies['session'] = cookieval
-        session = self._makeOne(
-            request, signed_deserialize=dummy_signed_deserialize
-        )
-        self.assertEqual(dict(session), state)
-
-
-def dummy_signed_serialize(data, secret):
-    import base64
-    from pyramid.compat import pickle, bytes_
-
-    pickled = pickle.dumps(data)
-    return base64.b64encode(bytes_(secret)) + base64.b64encode(pickled)
-
-
-def dummy_signed_deserialize(serialized, secret):
-    import base64
-    from pyramid.compat import pickle, bytes_
-
-    serialized_data = base64.b64decode(
-        serialized[len(base64.b64encode(bytes_(secret))) :]
-    )
-    return pickle.loads(serialized_data)
-
-
 class Test_manage_accessed(unittest.TestCase):
     def _makeOne(self, wrapped):
         from pyramid.session import manage_accessed
@@ -669,91 +581,6 @@ class Test_manage_changed(unittest.TestCase):
         self.assertTrue(session._dirty)
 
 
-def serialize(data, secret):
-    import hmac
-    import base64
-    from hashlib import sha1
-    from pyramid.compat import bytes_
-    from pyramid.compat import native_
-    from pyramid.compat import pickle
-
-    pickled = pickle.dumps(data, pickle.HIGHEST_PROTOCOL)
-    sig = hmac.new(bytes_(secret, 'utf-8'), pickled, sha1).hexdigest()
-    return sig + native_(base64.b64encode(pickled))
-
-
-class Test_signed_serialize(unittest.TestCase):
-    def _callFUT(self, data, secret):
-        from pyramid.session import signed_serialize
-
-        return signed_serialize(data, secret)
-
-    def test_it(self):
-        expected = serialize('123', 'secret')
-        result = self._callFUT('123', 'secret')
-        self.assertEqual(result, expected)
-
-    def test_it_with_highorder_secret(self):
-        secret = b'\xce\xb1\xce\xb2\xce\xb3\xce\xb4'.decode('utf-8')
-        expected = serialize('123', secret)
-        result = self._callFUT('123', secret)
-        self.assertEqual(result, expected)
-
-    def test_it_with_latin1_secret(self):
-        secret = b'La Pe\xc3\xb1a'
-        expected = serialize('123', secret)
-        result = self._callFUT('123', secret.decode('latin-1'))
-        self.assertEqual(result, expected)
-
-
-class Test_signed_deserialize(unittest.TestCase):
-    def _callFUT(self, serialized, secret, hmac=None):
-        if hmac is None:
-            import hmac
-        from pyramid.session import signed_deserialize
-
-        return signed_deserialize(serialized, secret, hmac=hmac)
-
-    def test_it(self):
-        serialized = serialize('123', 'secret')
-        result = self._callFUT(serialized, 'secret')
-        self.assertEqual(result, '123')
-
-    def test_invalid_bits(self):
-        serialized = serialize('123', 'secret')
-        self.assertRaises(ValueError, self._callFUT, serialized, 'seekrit')
-
-    def test_invalid_len(self):
-        class hmac(object):
-            def new(self, *arg):
-                return self
-
-            def hexdigest(self):
-                return '1234'
-
-        serialized = serialize('123', 'secret123')
-        self.assertRaises(
-            ValueError, self._callFUT, serialized, 'secret', hmac=hmac()
-        )
-
-    def test_it_bad_encoding(self):
-        serialized = 'bad' + serialize('123', 'secret')
-        self.assertRaises(ValueError, self._callFUT, serialized, 'secret')
-
-    def test_it_with_highorder_secret(self):
-        secret = b'\xce\xb1\xce\xb2\xce\xb3\xce\xb4'.decode('utf-8')
-        serialized = serialize('123', secret)
-        result = self._callFUT(serialized, secret)
-        self.assertEqual(result, '123')
-
-    # bwcompat with pyramid <= 1.5b1 where latin1 is the default
-    def test_it_with_latin1_secret(self):
-        secret = b'La Pe\xc3\xb1a'
-        serialized = serialize('123', secret)
-        result = self._callFUT(serialized, secret.decode('latin-1'))
-        self.assertEqual(result, '123')
-
-
 class TestPickleSerializer(unittest.TestCase):
     def _makeOne(self):
         from pyramid.session import PickleSerializer
author	Michael Merickel <github@m.merickel.org>	2018-11-03 14:17:11 -0500
committer	GitHub <noreply@github.com>	2018-11-03 14:17:11 -0500
commit	133db09d179c3f5afe7e02dc13ab6687517db5a1 (patch)
tree	4f433ad0811495ced4900055426f5d9ac3c658f5 /tests/test_session.py
parent	fc67869fb2732e715905614af3f9a69d48aed644 (diff)
parent	02caee917f1b629467942ae3112d10e13d03202a (diff)
download	pyramid-133db09d179c3f5afe7e02dc13ab6687517db5a1.tar.gz pyramid-133db09d179c3f5afe7e02dc13ab6687517db5a1.tar.bz2 pyramid-133db09d179c3f5afe7e02dc13ab6687517db5a1.zip