Adjusted authentication test for internal CSRF changes.

carltongibson · carltongibson · commit 19b609155479 · 2021-09-23T11:57:03.000+02:00
Private _get_new_csrf_token() was removed in django/django@231de68.
diff --git a/tests/authentication/test_authentication.py b/tests/authentication/test_authentication.py
@@ -1,5 +1,6 @@
 import base64
 
+import django
 import pytest
 from django.conf import settings
 from django.contrib.auth.models import User
@@ -218,7 +219,16 @@ def test_post_form_session_auth_passing_csrf(self):
         Ensure POSTing form over session authentication with CSRF token succeeds.
         Regression test for #6088
         """
-        from django.middleware.csrf import _get_new_csrf_token
+        # Remove this shim when dropping support for Django 2.2.
+        if django.VERSION < (3, 0):
+            from django.middleware.csrf import _get_new_csrf_token
+        else:
+            from django.middleware.csrf import (
+                _get_new_csrf_string, _mask_cipher_secret
+            )
+
+            def _get_new_csrf_token():
+                return _mask_cipher_secret(_get_new_csrf_string())
 
         self.csrf_client.login(username=self.username, password=self.password)
 
