mirror of
https://github.com/django/django.git
synced 2025-10-24 14:16:09 +00:00
Refs #31359 -- Made get_random_string()'s length argument required.
Per deprecation timeline.
This commit is contained in:
@@ -4,10 +4,8 @@ Django's standard crypto functions and utilities.
|
||||
import hashlib
|
||||
import hmac
|
||||
import secrets
|
||||
import warnings
|
||||
|
||||
from django.conf import settings
|
||||
from django.utils.deprecation import RemovedInDjango40Warning
|
||||
from django.utils.encoding import force_bytes
|
||||
|
||||
|
||||
@@ -46,13 +44,10 @@ def salted_hmac(key_salt, value, secret=None, *, algorithm='sha1'):
|
||||
return hmac.new(key, msg=force_bytes(value), digestmod=hasher)
|
||||
|
||||
|
||||
NOT_PROVIDED = object() # RemovedInDjango40Warning.
|
||||
RANDOM_STRING_CHARS = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
|
||||
|
||||
|
||||
# RemovedInDjango40Warning: when the deprecation ends, replace with:
|
||||
# def get_random_string(length, allowed_chars=RANDOM_STRING_CHARS):
|
||||
def get_random_string(length=NOT_PROVIDED, allowed_chars=RANDOM_STRING_CHARS):
|
||||
def get_random_string(length, allowed_chars=RANDOM_STRING_CHARS):
|
||||
"""
|
||||
Return a securely generated random string.
|
||||
|
||||
@@ -63,12 +58,6 @@ def get_random_string(length=NOT_PROVIDED, allowed_chars=RANDOM_STRING_CHARS):
|
||||
* length: 12, bit length =~ 71 bits
|
||||
* length: 22, bit length =~ 131 bits
|
||||
"""
|
||||
if length is NOT_PROVIDED:
|
||||
warnings.warn(
|
||||
'Not providing a length argument is deprecated.',
|
||||
RemovedInDjango40Warning,
|
||||
)
|
||||
length = 12
|
||||
return ''.join(secrets.choice(allowed_chars) for i in range(length))
|
||||
|
||||
|
||||
|
@@ -302,6 +302,9 @@ to remove usage of these features.
|
||||
|
||||
* The ``providing_args`` argument for ``django.dispatch.Signal`` is removed.
|
||||
|
||||
* The ``length`` argument for ``django.utils.crypto.get_random_string()`` is
|
||||
required.
|
||||
|
||||
* The ``list`` message for ``ModelMultipleChoiceField`` is removed.
|
||||
|
||||
* Support for passing raw column aliases to ``QuerySet.order_by()`` is removed.
|
||||
|
@@ -1,12 +1,10 @@
|
||||
import hashlib
|
||||
import unittest
|
||||
|
||||
from django.test import SimpleTestCase, ignore_warnings
|
||||
from django.test import SimpleTestCase
|
||||
from django.utils.crypto import (
|
||||
InvalidAlgorithm, constant_time_compare, get_random_string, pbkdf2,
|
||||
salted_hmac,
|
||||
InvalidAlgorithm, constant_time_compare, pbkdf2, salted_hmac,
|
||||
)
|
||||
from django.utils.deprecation import RemovedInDjango40Warning
|
||||
|
||||
|
||||
class TestUtilsCryptoMisc(SimpleTestCase):
|
||||
@@ -185,14 +183,3 @@ class TestUtilsCryptoPBKDF2(unittest.TestCase):
|
||||
def test_default_hmac_alg(self):
|
||||
kwargs = {'password': b'password', 'salt': b'salt', 'iterations': 1, 'dklen': 20}
|
||||
self.assertEqual(pbkdf2(**kwargs), hashlib.pbkdf2_hmac(hash_name=hashlib.sha256().name, **kwargs))
|
||||
|
||||
|
||||
class DeprecationTests(SimpleTestCase):
|
||||
@ignore_warnings(category=RemovedInDjango40Warning)
|
||||
def test_get_random_string(self):
|
||||
self.assertEqual(len(get_random_string()), 12)
|
||||
|
||||
def test_get_random_string_warning(self):
|
||||
msg = 'Not providing a length argument is deprecated.'
|
||||
with self.assertRaisesMessage(RemovedInDjango40Warning, msg):
|
||||
get_random_string()
|
||||
|
Reference in New Issue
Block a user