mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2024-12-22 09:05:43 +00:00
Code Issues 25 Releases Wiki Activity

Refs #33199 -- Removed support for passing positional arguments to Signer/TimestampSigner.

Browse Source 
Per deprecation timeline.
This commit is contained in:
Mariusz Felisiak 2023-09-14 16:09:28 +02:00
parent 5e4c1793b7
commit 3a3e737694
4 changed files with 5 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
django/core/signing.py
View File

@ -37,12 +37,10 @@ import base64
import datetime import datetime
import json import json
import time import time
import warnings
import zlib import zlib
from django.conf import settings from django.conf import settings
from django.utils.crypto import constant_time_compare, salted_hmac from django.utils.crypto import constant_time_compare, salted_hmac
from django.utils.deprecation import RemovedInDjango51Warning
from django.utils.encoding import force_bytes from django.utils.encoding import force_bytes
from django.utils.module_loading import import_string from django.utils.module_loading import import_string
from django.utils.regex_helper import _lazy_re_compile from django.utils.regex_helper import _lazy_re_compile
@ -177,18 +175,8 @@ def loads(
class Signer: class Signer:
# RemovedInDjango51Warning: When the deprecation ends, replace with:
# def __init__(
# self, *, key=None, sep=":", salt=None, algorithm=None, fallback_keys=None
# ):
def __init__( def __init__(
self, self, *, key=None, sep=":", salt=None, algorithm=None, fallback_keys=None
*args,
key=None,
sep=":",
salt=None,
algorithm=None,
fallback_keys=None,
): ):
self.key = key or settings.SECRET_KEY self.key = key or settings.SECRET_KEY
self.fallback_keys = ( self.fallback_keys = (
@ -202,19 +190,6 @@ class Signer:
self.__class__.__name__, self.__class__.__name__,
) )
self.algorithm = algorithm or "sha256" self.algorithm = algorithm or "sha256"
# RemovedInDjango51Warning.
if args:
warnings.warn(
f"Passing positional arguments to {self.__class__.__name__} is "
f"deprecated.",
RemovedInDjango51Warning,
stacklevel=2,
)
for arg, attr in zip(
args, ["key", "sep", "salt", "algorithm", "fallback_keys"]
):
if arg or attr == "sep":
setattr(self, attr, arg)
if _SEP_UNSAFE.match(self.sep): if _SEP_UNSAFE.match(self.sep):
raise ValueError( raise ValueError(
"Unsafe Signer separator: %r (cannot be empty or consist of " "Unsafe Signer separator: %r (cannot be empty or consist of "

3
docs/releases/5.1.txt
View File

@ -277,3 +277,6 @@ to remove usage of these features.
* Support for passing encoded JSON string literals to ``JSONField`` and * Support for passing encoded JSON string literals to ``JSONField`` and
associated lookups and expressions is removed. associated lookups and expressions is removed.
* Support for passing positional arguments to ``Signer`` and
``TimestampSigner`` is removed.

8
docs/topics/signing.txt
View File

@ -120,10 +120,6 @@ generate signatures. You can use a different secret by passing it to the
of additional values used to validate signed data, defaults to of additional values used to validate signed data, defaults to
:setting:`SECRET_KEY_FALLBACKS`. :setting:`SECRET_KEY_FALLBACKS`.
.. deprecated:: 4.2
Support for passing positional arguments is deprecated.
Using the ``salt`` argument Using the ``salt`` argument
--------------------------- ---------------------------
@ -209,10 +205,6 @@ created within a specified period of time:
otherwise raises ``SignatureExpired``. The ``max_age`` parameter can otherwise raises ``SignatureExpired``. The ``max_age`` parameter can
accept an integer or a :py:class:`datetime.timedelta` object. accept an integer or a :py:class:`datetime.timedelta` object.
.. deprecated:: 4.2
Support for passing positional arguments is deprecated.
.. _signing-complex-data: .. _signing-complex-data:
Protecting complex data structures Protecting complex data structures

23
tests/signing/tests.py
View File

@ -2,9 +2,8 @@ import datetime
from django.core import signing from django.core import signing
from django.test import SimpleTestCase, override_settings from django.test import SimpleTestCase, override_settings
from django.test.utils import freeze_time, ignore_warnings from django.test.utils import freeze_time
from django.utils.crypto import InvalidAlgorithm from django.utils.crypto import InvalidAlgorithm
from django.utils.deprecation import RemovedInDjango51Warning
class TestSigner(SimpleTestCase): class TestSigner(SimpleTestCase):
@ -240,23 +239,3 @@ class TestBase62(SimpleTestCase):
tests = [-(10**10), 10**10, 1620378259, *range(-100, 100)] tests = [-(10**10), 10**10, 1620378259, *range(-100, 100)]
for i in tests: for i in tests:
self.assertEqual(i, signing.b62_decode(signing.b62_encode(i))) self.assertEqual(i, signing.b62_decode(signing.b62_encode(i)))
class SignerPositionalArgumentsDeprecationTests(SimpleTestCase):
def test_deprecation(self):
msg = "Passing positional arguments to Signer is deprecated."
with self.assertRaisesMessage(RemovedInDjango51Warning, msg):
signing.Signer("predictable-secret")
msg = "Passing positional arguments to TimestampSigner is deprecated."
with self.assertRaisesMessage(RemovedInDjango51Warning, msg):
signing.TimestampSigner("predictable-secret")
@ignore_warnings(category=RemovedInDjango51Warning)
def test_positional_arguments(self):
signer = signing.Signer("secret", "/", "somesalt", "sha1", ["oldsecret"])
signed = signer.sign("xyz")
self.assertEqual(signed, "xyz/zzdO_8rk-NGnm8jNasXRTF2P5kY")
self.assertEqual(signer.unsign(signed), "xyz")
old_signer = signing.Signer("oldsecret", "/", "somesalt", "sha1")
signed = old_signer.sign("xyz")
self.assertEqual(signer.unsign(signed), "xyz")