0001-paybox-improve-shared_secret-validation-49822.patch
eopayment/paybox.py | ||
---|---|---|
253 | 253 |
'name': 'shared_secret', |
254 | 254 |
'caption': 'Secret partagé (clé HMAC)', |
255 | 255 |
'validation': lambda x: isinstance(x, str) |
256 |
and all(a.lower() in '0123456789abcdef' for a in x), |
|
256 |
and all(a.lower() in '0123456789abcdef' for a in x) and (len(x) % 2 == 0),
|
|
257 | 257 |
'required': True, |
258 | 258 |
}, |
259 | 259 |
{ |
tests/test_paybox.py | ||
---|---|---|
25 | 25 |
from six.moves.urllib import parse as urllib |
26 | 26 |
from xml.etree import ElementTree as ET |
27 | 27 | |
28 |
import pytest |
|
29 | ||
28 | 30 |
import eopayment.paybox as paybox |
29 | 31 |
import eopayment |
30 | 32 | |
... | ... | |
359 | 361 |
if node.attrib['type'] == 'hidden')) |
360 | 362 |
self.assertIn('PBX_AUTOSEULE', form_params) |
361 | 363 |
self.assertEqual(form_params['PBX_AUTOSEULE'], 'O') |
364 | ||
365 | ||
366 |
@pytest.mark.parametrize('name,value,result', [ |
|
367 |
('shared_secret', '1f', True), |
|
368 |
('shared_secret', '1fxx', False), |
|
369 |
('shared_secret', '1fa', False), |
|
370 |
('shared_secret', '1fa2', True), |
|
371 |
]) |
|
372 |
def test_param_validation(name, value, result): |
|
373 |
for param in paybox.Payment.description['parameters']: |
|
374 |
if param['name'] == name: |
|
375 |
assert param['validation'](value) is result |
|
376 |
break |
|
377 |
else: |
|
378 |
assert False, 'param %s not found' % name |
|
362 |
- |