1
0
mirror of https://github.com/django/django.git synced 2024-12-22 00:55:44 +00:00

Refs #33199 -- Removed support for passing positional arguments to Signer/TimestampSigner.

Per deprecation timeline.
This commit is contained in:
Mariusz Felisiak 2023-09-14 16:09:28 +02:00
parent 5e4c1793b7
commit 3a3e737694
4 changed files with 5 additions and 56 deletions

View File

@ -37,12 +37,10 @@ import base64
import datetime
import json
import time
import warnings
import zlib
from django.conf import settings
from django.utils.crypto import constant_time_compare, salted_hmac
from django.utils.deprecation import RemovedInDjango51Warning
from django.utils.encoding import force_bytes
from django.utils.module_loading import import_string
from django.utils.regex_helper import _lazy_re_compile
@ -177,18 +175,8 @@ def loads(
class Signer:
# RemovedInDjango51Warning: When the deprecation ends, replace with:
# def __init__(
# self, *, key=None, sep=":", salt=None, algorithm=None, fallback_keys=None
# ):
def __init__(
self,
*args,
key=None,
sep=":",
salt=None,
algorithm=None,
fallback_keys=None,
self, *, key=None, sep=":", salt=None, algorithm=None, fallback_keys=None
):
self.key = key or settings.SECRET_KEY
self.fallback_keys = (
@ -202,19 +190,6 @@ class Signer:
self.__class__.__name__,
)
self.algorithm = algorithm or "sha256"
# RemovedInDjango51Warning.
if args:
warnings.warn(
f"Passing positional arguments to {self.__class__.__name__} is "
f"deprecated.",
RemovedInDjango51Warning,
stacklevel=2,
)
for arg, attr in zip(
args, ["key", "sep", "salt", "algorithm", "fallback_keys"]
):
if arg or attr == "sep":
setattr(self, attr, arg)
if _SEP_UNSAFE.match(self.sep):
raise ValueError(
"Unsafe Signer separator: %r (cannot be empty or consist of "

View File

@ -277,3 +277,6 @@ to remove usage of these features.
* Support for passing encoded JSON string literals to ``JSONField`` and
associated lookups and expressions is removed.
* Support for passing positional arguments to ``Signer`` and
``TimestampSigner`` is removed.

View File

@ -120,10 +120,6 @@ generate signatures. You can use a different secret by passing it to the
of additional values used to validate signed data, defaults to
:setting:`SECRET_KEY_FALLBACKS`.
.. deprecated:: 4.2
Support for passing positional arguments is deprecated.
Using the ``salt`` argument
---------------------------
@ -209,10 +205,6 @@ created within a specified period of time:
otherwise raises ``SignatureExpired``. The ``max_age`` parameter can
accept an integer or a :py:class:`datetime.timedelta` object.
.. deprecated:: 4.2
Support for passing positional arguments is deprecated.
.. _signing-complex-data:
Protecting complex data structures

View File

@ -2,9 +2,8 @@ import datetime
from django.core import signing
from django.test import SimpleTestCase, override_settings
from django.test.utils import freeze_time, ignore_warnings
from django.test.utils import freeze_time
from django.utils.crypto import InvalidAlgorithm
from django.utils.deprecation import RemovedInDjango51Warning
class TestSigner(SimpleTestCase):
@ -240,23 +239,3 @@ class TestBase62(SimpleTestCase):
tests = [-(10**10), 10**10, 1620378259, *range(-100, 100)]
for i in tests:
self.assertEqual(i, signing.b62_decode(signing.b62_encode(i)))
class SignerPositionalArgumentsDeprecationTests(SimpleTestCase):
def test_deprecation(self):
msg = "Passing positional arguments to Signer is deprecated."
with self.assertRaisesMessage(RemovedInDjango51Warning, msg):
signing.Signer("predictable-secret")
msg = "Passing positional arguments to TimestampSigner is deprecated."
with self.assertRaisesMessage(RemovedInDjango51Warning, msg):
signing.TimestampSigner("predictable-secret")
@ignore_warnings(category=RemovedInDjango51Warning)
def test_positional_arguments(self):
signer = signing.Signer("secret", "/", "somesalt", "sha1", ["oldsecret"])
signed = signer.sign("xyz")
self.assertEqual(signed, "xyz/zzdO_8rk-NGnm8jNasXRTF2P5kY")
self.assertEqual(signer.unsign(signed), "xyz")
old_signer = signing.Signer("oldsecret", "/", "somesalt", "sha1")
signed = old_signer.sign("xyz")
self.assertEqual(signer.unsign(signed), "xyz")