mirror of
				https://github.com/django/django.git
				synced 2025-10-24 22:26:08 +00:00 
			
		
		
		
	Refs #31359 -- Made get_random_string()'s length argument required.
Per deprecation timeline.
This commit is contained in:
		| @@ -4,10 +4,8 @@ Django's standard crypto functions and utilities. | |||||||
| import hashlib | import hashlib | ||||||
| import hmac | import hmac | ||||||
| import secrets | import secrets | ||||||
| import warnings |  | ||||||
|  |  | ||||||
| from django.conf import settings | from django.conf import settings | ||||||
| from django.utils.deprecation import RemovedInDjango40Warning |  | ||||||
| from django.utils.encoding import force_bytes | from django.utils.encoding import force_bytes | ||||||
|  |  | ||||||
|  |  | ||||||
| @@ -46,13 +44,10 @@ def salted_hmac(key_salt, value, secret=None, *, algorithm='sha1'): | |||||||
|     return hmac.new(key, msg=force_bytes(value), digestmod=hasher) |     return hmac.new(key, msg=force_bytes(value), digestmod=hasher) | ||||||
|  |  | ||||||
|  |  | ||||||
| NOT_PROVIDED = object()  # RemovedInDjango40Warning. |  | ||||||
| RANDOM_STRING_CHARS = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789' | RANDOM_STRING_CHARS = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789' | ||||||
|  |  | ||||||
|  |  | ||||||
| # RemovedInDjango40Warning: when the deprecation ends, replace with: | def get_random_string(length, allowed_chars=RANDOM_STRING_CHARS): | ||||||
| #   def get_random_string(length, allowed_chars=RANDOM_STRING_CHARS): |  | ||||||
| def get_random_string(length=NOT_PROVIDED, allowed_chars=RANDOM_STRING_CHARS): |  | ||||||
|     """ |     """ | ||||||
|     Return a securely generated random string. |     Return a securely generated random string. | ||||||
|  |  | ||||||
| @@ -63,12 +58,6 @@ def get_random_string(length=NOT_PROVIDED, allowed_chars=RANDOM_STRING_CHARS): | |||||||
|       * length: 12, bit length =~ 71 bits |       * length: 12, bit length =~ 71 bits | ||||||
|       * length: 22, bit length =~ 131 bits |       * length: 22, bit length =~ 131 bits | ||||||
|     """ |     """ | ||||||
|     if length is NOT_PROVIDED: |  | ||||||
|         warnings.warn( |  | ||||||
|             'Not providing a length argument is deprecated.', |  | ||||||
|             RemovedInDjango40Warning, |  | ||||||
|         ) |  | ||||||
|         length = 12 |  | ||||||
|     return ''.join(secrets.choice(allowed_chars) for i in range(length)) |     return ''.join(secrets.choice(allowed_chars) for i in range(length)) | ||||||
|  |  | ||||||
|  |  | ||||||
|   | |||||||
| @@ -302,6 +302,9 @@ to remove usage of these features. | |||||||
|  |  | ||||||
| * The ``providing_args`` argument for ``django.dispatch.Signal`` is removed. | * The ``providing_args`` argument for ``django.dispatch.Signal`` is removed. | ||||||
|  |  | ||||||
|  | * The ``length`` argument for ``django.utils.crypto.get_random_string()`` is | ||||||
|  |   required. | ||||||
|  |  | ||||||
| * The ``list`` message for ``ModelMultipleChoiceField`` is removed. | * The ``list`` message for ``ModelMultipleChoiceField`` is removed. | ||||||
|  |  | ||||||
| * Support for passing raw column aliases to ``QuerySet.order_by()`` is removed. | * Support for passing raw column aliases to ``QuerySet.order_by()`` is removed. | ||||||
|   | |||||||
| @@ -1,12 +1,10 @@ | |||||||
| import hashlib | import hashlib | ||||||
| import unittest | import unittest | ||||||
|  |  | ||||||
| from django.test import SimpleTestCase, ignore_warnings | from django.test import SimpleTestCase | ||||||
| from django.utils.crypto import ( | from django.utils.crypto import ( | ||||||
|     InvalidAlgorithm, constant_time_compare, get_random_string, pbkdf2, |     InvalidAlgorithm, constant_time_compare, pbkdf2, salted_hmac, | ||||||
|     salted_hmac, |  | ||||||
| ) | ) | ||||||
| from django.utils.deprecation import RemovedInDjango40Warning |  | ||||||
|  |  | ||||||
|  |  | ||||||
| class TestUtilsCryptoMisc(SimpleTestCase): | class TestUtilsCryptoMisc(SimpleTestCase): | ||||||
| @@ -185,14 +183,3 @@ class TestUtilsCryptoPBKDF2(unittest.TestCase): | |||||||
|     def test_default_hmac_alg(self): |     def test_default_hmac_alg(self): | ||||||
|         kwargs = {'password': b'password', 'salt': b'salt', 'iterations': 1, 'dklen': 20} |         kwargs = {'password': b'password', 'salt': b'salt', 'iterations': 1, 'dklen': 20} | ||||||
|         self.assertEqual(pbkdf2(**kwargs), hashlib.pbkdf2_hmac(hash_name=hashlib.sha256().name, **kwargs)) |         self.assertEqual(pbkdf2(**kwargs), hashlib.pbkdf2_hmac(hash_name=hashlib.sha256().name, **kwargs)) | ||||||
|  |  | ||||||
|  |  | ||||||
| class DeprecationTests(SimpleTestCase): |  | ||||||
|     @ignore_warnings(category=RemovedInDjango40Warning) |  | ||||||
|     def test_get_random_string(self): |  | ||||||
|         self.assertEqual(len(get_random_string()), 12) |  | ||||||
|  |  | ||||||
|     def test_get_random_string_warning(self): |  | ||||||
|         msg = 'Not providing a length argument is deprecated.' |  | ||||||
|         with self.assertRaisesMessage(RemovedInDjango40Warning, msg): |  | ||||||
|             get_random_string() |  | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user