import os

from django.contrib.auth import validators

from django.contrib.auth.models import User

from django.contrib.auth.password_validation import (

    CommonPasswordValidator,

    MinimumLengthValidator,

    NumericPasswordValidator,

    UserAttributeSimilarityValidator,

    get_default_password_validators,

    get_password_validators,

    password_changed,

    password_validators_help_text_html,

    password_validators_help_texts,

    validate_password,

)

from django.core.exceptions import ValidationError

from django.db import models

from django.test import SimpleTestCase, TestCase, override_settings

from django.test.utils import isolate_apps

from django.utils.html import conditional_escape

@override_settings(

    AUTH_PASSWORD_VALIDATORS=[

        {"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator"},

        {

            "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",

            "OPTIONS": {

                "min_length": 12,

            },

        },

    ]

)

class PasswordValidationTest(SimpleTestCase):

    def test_get_default_password_validators(self):

        validators = get_default_password_validators()

        self.assertEqual(len(validators), 2)

        self.assertEqual(validators[0].__class__.__name__, "CommonPasswordValidator")

        self.assertEqual(validators[1].__class__.__name__, "MinimumLengthValidator")

        self.assertEqual(validators[1].min_length, 12)

    def test_get_password_validators_custom(self):

        validator_config = [

            {"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator"}

        ]

        validators = get_password_validators(validator_config)

        self.assertEqual(len(validators), 1)

        self.assertEqual(validators[0].__class__.__name__, "CommonPasswordValidator")

        self.assertEqual(get_password_validators([]), [])

    def test_validate_password(self):

        self.assertIsNone(validate_password("sufficiently-long"))

        msg_too_short = (

            "This password is too short. It must contain at least 12 characters."

        )

        with self.assertRaises(ValidationError) as cm:

            validate_password("django4242")

        self.assertEqual(cm.exception.messages, [msg_too_short])

        self.assertEqual(cm.exception.error_list[0].code, "password_too_short")

        with self.assertRaises(ValidationError) as cm:

            validate_password("password")

        self.assertEqual(

            cm.exception.messages, ["This password is too common.", msg_too_short]

        )

        self.assertEqual(cm.exception.error_list[0].code, "password_too_common")

        self.assertIsNone(validate_password("password", password_validators=[]))

    def test_password_changed(self):

        self.assertIsNone(password_changed("password"))

    def test_password_changed_with_custom_validator(self):

        class Validator:

            def password_changed(self, password, user):

                self.password = password

                self.user = user

        user = object()

        validator = Validator()

        password_changed("password", user=user, password_validators=(validator,))

        self.assertIs(validator.user, user)

        self.assertEqual(validator.password, "password")

    def test_password_validators_help_texts(self):

        help_texts = password_validators_help_texts()

        self.assertEqual(len(help_texts), 2)

        self.assertIn("12 characters", help_texts[1])

        self.assertEqual(password_validators_help_texts(password_validators=[]), [])

    def test_password_validators_help_text_html(self):

        help_text = password_validators_help_text_html()

        self.assertEqual(help_text.count("<li>"), 2)

        self.assertIn("12 characters", help_text)

    def test_password_validators_help_text_html_escaping(self):

        class AmpersandValidator:

            def get_help_text(self):

                return "Must contain &"

        help_text = password_validators_help_text_html([AmpersandValidator()])

        self.assertEqual(help_text, "<ul><li>Must contain &amp;</li></ul>")

        # help_text is marked safe and therefore unchanged by conditional_escape().

        self.assertEqual(help_text, conditional_escape(help_text))

    @override_settings(AUTH_PASSWORD_VALIDATORS=[])

    def test_empty_password_validator_help_text_html(self):

        self.assertEqual(password_validators_help_text_html(), "")

class MinimumLengthValidatorTest(SimpleTestCase):

    def test_validate(self):

        expected_error = (

            "This password is too short. It must contain at least %d characters."

        )

        self.assertIsNone(MinimumLengthValidator().validate("12345678"))

        self.assertIsNone(MinimumLengthValidator(min_length=3).validate("123"))

        with self.assertRaises(ValidationError) as cm:

            MinimumLengthValidator().validate("1234567")

        self.assertEqual(cm.exception.messages, [expected_error % 8])

        self.assertEqual(cm.exception.error_list[0].code, "password_too_short")

        with self.assertRaises(ValidationError) as cm:

            MinimumLengthValidator(min_length=3).validate("12")

        self.assertEqual(cm.exception.messages, [expected_error % 3])

    def test_help_text(self):

        self.assertEqual(

            MinimumLengthValidator().get_help_text(),

            "Your password must contain at least 8 characters.",

        )

class UserAttributeSimilarityValidatorTest(TestCase):

    def test_validate(self):

        user = User.objects.create_user(

            username="testclient",

            password="password",

            email="[email protected]",

            first_name="Test",

            last_name="Client",

        )

        expected_error = "The password is too similar to the %s."

        self.assertIsNone(UserAttributeSimilarityValidator().validate("testclient"))

        with self.assertRaises(ValidationError) as cm:

            UserAttributeSimilarityValidator().validate("testclient", user=user),

        self.assertEqual(cm.exception.messages, [expected_error % "username"])

        self.assertEqual(cm.exception.error_list[0].code, "password_too_similar")

        with self.assertRaises(ValidationError) as cm:

            UserAttributeSimilarityValidator().validate("example.com", user=user),

        self.assertEqual(cm.exception.messages, [expected_error % "email address"])

        with self.assertRaises(ValidationError) as cm:

            UserAttributeSimilarityValidator(

                user_attributes=["first_name"],

                max_similarity=0.3,

            ).validate("testclient", user=user)

        self.assertEqual(cm.exception.messages, [expected_error % "first name"])

        # max_similarity=1 doesn't allow passwords that are identical to the

        # attribute's value.

        with self.assertRaises(ValidationError) as cm:

            UserAttributeSimilarityValidator(

                user_attributes=["first_name"],

                max_similarity=1,

            ).validate(user.first_name, user=user)

        self.assertEqual(cm.exception.messages, [expected_error % "first name"])

        # Very low max_similarity is rejected.

        msg = "max_similarity must be at least 0.1"

        with self.assertRaisesMessage(ValueError, msg):

            UserAttributeSimilarityValidator(max_similarity=0.09)

        # Passes validation.

        self.assertIsNone(

            UserAttributeSimilarityValidator(user_attributes=["first_name"]).validate(

                "testclient", user=user

            )

        )

    @isolate_apps("auth_tests")

    def test_validate_property(self):

        class TestUser(models.Model):

            pass

            @property

            def username(self):

                return "foobar"

        with self.assertRaises(ValidationError) as cm:

            UserAttributeSimilarityValidator().validate("foobar", user=TestUser()),

        self.assertEqual(

            cm.exception.messages, ["The password is too similar to the username."]

        )

    def test_help_text(self):

        self.assertEqual(

            UserAttributeSimilarityValidator().get_help_text(),

            "Your password can’t be too similar to your other personal information.",

        )

class CommonPasswordValidatorTest(SimpleTestCase):

    def test_validate(self):

        expected_error = "This password is too common."

        self.assertIsNone(CommonPasswordValidator().validate("a-safe-password"))

        with self.assertRaises(ValidationError) as cm:

            CommonPasswordValidator().validate("godzilla")

        self.assertEqual(cm.exception.messages, [expected_error])

    def test_validate_custom_list(self):

        path = os.path.join(

            os.path.dirname(os.path.realpath(__file__)), "common-passwords-custom.txt"

        )

        validator = CommonPasswordValidator(password_list_path=path)

        expected_error = "This password is too common."

        self.assertIsNone(validator.validate("a-safe-password"))

        with self.assertRaises(ValidationError) as cm:

            validator.validate("from-my-custom-list")

        self.assertEqual(cm.exception.messages, [expected_error])

        self.assertEqual(cm.exception.error_list[0].code, "password_too_common")

    def test_validate_django_supplied_file(self):

        validator = CommonPasswordValidator()

        for password in validator.passwords:

            self.assertEqual(password, password.lower())

    def test_help_text(self):

        self.assertEqual(

            CommonPasswordValidator().get_help_text(),

            "Your password can’t be a commonly used password.",

        )

class NumericPasswordValidatorTest(SimpleTestCase):

    def test_validate(self):

        expected_error = "This password is entirely numeric."

        self.assertIsNone(NumericPasswordValidator().validate("a-safe-password"))

        with self.assertRaises(ValidationError) as cm:

            NumericPasswordValidator().validate("42424242")

        self.assertEqual(cm.exception.messages, [expected_error])

        self.assertEqual(cm.exception.error_list[0].code, "password_entirely_numeric")

    def test_help_text(self):

        self.assertEqual(

            NumericPasswordValidator().get_help_text(),

            "Your password can’t be entirely numeric.",

        )

class UsernameValidatorsTests(SimpleTestCase):

    def test_unicode_validator(self):

        valid_usernames = ["joe", "René", "ᴮᴵᴳᴮᴵᴿᴰ", "أحمد"]

        invalid_usernames = [

            "o'connell",

            "عبد ال",

            "zerowidth\u200Bspace",

            "nonbreaking\u00A0space",

            "en\u2013dash",

            "trailingnewline\u000A",

        ]

        v = validators.UnicodeUsernameValidator()

        for valid in valid_usernames:

            with self.subTest(valid=valid):

                v(valid)

        for invalid in invalid_usernames:

            with self.subTest(invalid=invalid):

                with self.assertRaises(ValidationError):

                    v(invalid)

    def test_ascii_validator(self):

        valid_usernames = ["glenn", "GLEnN", "jean-marc"]

        invalid_usernames = [

            "o'connell",

            "Éric",

            "jean marc",

            "أحمد",

            "trailingnewline\n",

        ]

        v = validators.ASCIIUsernameValidator()

        for valid in valid_usernames:

            with self.subTest(valid=valid):

                v(valid)

        for invalid in invalid_usernames:

            with self.subTest(invalid=invalid):

                with self.assertRaises(ValidationError):

                    v(invalid)