Bump fastapi[all] from 0.82.0 to 0.89.1

requirements.txt

@@ -8,7 +8,7 @@ colorama>=0.4.3
 cryptography==38.0.3
 dask==2022.9.2
 deepdiff==5.8.1
-fastapi[all]==0.82.0
+fastapi[all]==0.89.1
 fastapi-caching[redis]==0.3.0
 fastapi-pagination[sqlalchemy]~= 0.10.0
 fideslang==1.3.3

src/fides/api/ops/api/v1/endpoints/connection_endpoints.py

@@ -210,6 +210,7 @@ def patch_connections(
     CONNECTION_BY_KEY,
     dependencies=[Security(verify_oauth_client, scopes=[CONNECTION_DELETE])],
     status_code=HTTP_204_NO_CONTENT,
+    response_model=None,
 )
 def delete_connection(
     connection_key: FidesKey, *, db: Session = Depends(deps.get_db)

src/fides/api/ops/api/v1/endpoints/user_endpoints.py

@@ -121,6 +121,7 @@ def update_user_password(
     urls.USER_FORCE_PASSWORD_RESET,
     dependencies=[Security(verify_oauth_client, scopes=[USER_PASSWORD_RESET])],
     status_code=HTTP_200_OK,
+    response_model=UserResponse,
 )
 def force_update_password(
     *,

src/fides/api/ops/service/connectors/fides/fides_client.py

@@ -2,10 +2,10 @@
 
 from typing import Any, Dict, List, Optional
 
-import requests
+import httpx
 from httpx import AsyncClient
 from loguru import logger
-from requests import PreparedRequest, Request, RequestException, Session
+from httpx import Request, RequestError, Client, HTTPStatusError
 
 from fides.api.ctl.utils.errors import FidesError
 from fides.api.ops.api.v1 import urn_registry as urls
@@ -41,7 +41,7 @@ def __init__(
         username: str,
         password: str,
     ):
-        self.session = Session()
+        self.session = Client(timeout=5.0)
         self.uri = uri
         self.username = username
         self.password = password
@@ -55,14 +55,14 @@ def login(self) -> None:
             self.username,
         )
         try:
-            response = requests.post(
+            response = httpx.post(
                 f"{self.uri}{urls.V1_URL_PREFIX}{urls.LOGIN}", json=ul.dict()
             )
-        except RequestException as e:
+        except RequestError as e:
             logger.error("Error logging in on remote Fides {}: {}", self.uri, str(e))
             raise e
 
-        if response.ok:
+        if response.is_success:
             self.token = response.json()["token_data"]["access_token"]
             logger.info(
                 "Successfully logged in to remote fides {} with username '{}'",
@@ -81,21 +81,21 @@ def authenticated_request(
         query_params: Optional[Dict[str, Any]] = {},
         data: Optional[Any] = None,
         json: Optional[Any] = None,
-    ) -> PreparedRequest:
+    ) -> Request:
 
         if not self.token:
             raise FidesError(
                 f"Unable to create authenticated request. No token for Fides connector for server {self.uri}"
             )
 
-        req: PreparedRequest = Request(
+        req: Request = self.session.build_request(
             method=method,
             url=f"{self.uri}{path}",
             headers=headers,
             params=query_params,
             data=data,
             json=json,
-        ).prepare()
+        )
         req.headers["Authorization"] = f"Bearer {self.token}"
         return req
 
@@ -117,15 +117,17 @@ def create_privacy_request(
             external_id,
             self.uri,
         )
-        request: PreparedRequest = self.authenticated_request(
+        request: Request = self.authenticated_request(
             method="POST",
             path=urls.V1_URL_PREFIX + urls.PRIVACY_REQUEST_AUTHENTICATED,
             json=[pr.dict()],
         )
         response = self.session.send(request)
-        if not response.ok:
+
+        if not response.is_success:
             logger.error("Error creating privacy request on remote Fides {}", self.uri)
             response.raise_for_status()
+
         if response.json()["failed"]:
             # TODO better handle errored state here?
             raise FidesError(
@@ -199,7 +201,7 @@ async def poll_for_request_completion(
             f"Privacy request [{privacy_request_id}] on remote Fides {self.uri} is in an unknown state. Look at the remote Fides for more information."
         )
 
-    def request_status(self, privacy_request_id: str = None) -> List[Dict[str, Any]]:
+    def request_status(self, privacy_request_id: str = "") -> List[Dict[str, Any]]:
         """
         Return privacy request object that tracks its status
         """
@@ -215,15 +217,16 @@ def request_status(self, privacy_request_id: str = None) -> List[Dict[str, Any]]
                 self.uri,
             )
 
-        request: PreparedRequest = self.authenticated_request(
+        request: Request = self.authenticated_request(
             method="GET",
             path=urls.V1_URL_PREFIX + urls.PRIVACY_REQUESTS,
             query_params={"request_id": privacy_request_id}
             if privacy_request_id
             else None,
         )
-        response = self.session.send(request, timeout=5)
-        if not response.ok:
+        response = self.session.send(request)
+
+        if not response.is_success:
             logger.error(
                 "Error retrieving status of privacy request [{}] on remote Fides {}",
                 privacy_request_id,
@@ -266,7 +269,7 @@ def retrieve_request_results(
                 headers={"Authorization": f"Bearer {self.token}"},
             )
             response = self.session.send(request)
-        except requests.exceptions.HTTPError as e:
+        except HTTPStatusError as e:
             logger.error(
                 "Error retrieving data from child server for privacy request {}: {}",
                 privacy_request_id,

src/fides/cli/utils.py

@@ -72,6 +72,12 @@ def check_server_health(server_url: str, verbose: bool = True) -> requests.Respo
     return health_response
 
 
+def compare_application_versions(server_version: str, cli_version: str) -> bool:
+    """Normalize and compare application versions."""
+    normalize_version = lambda v: str(v).replace(".dirty", "", 1)
+    return normalize_version(server_version) == normalize_version(cli_version)
+
+
 def check_server(cli_version: str, server_url: str, quiet: bool = False) -> None:
     """Runs a health check and a version check against the server."""
 
@@ -82,8 +88,7 @@ def check_server(cli_version: str, server_url: str, quiet: bool = False) -> None
         raise SystemExit(1)
 
     server_version = health_response.json()["version"]
-    normalize_version = lambda v: str(v).replace(".dirty", "", 1)
-    if normalize_version(server_version) == normalize_version(cli_version):
+    if compare_application_versions(server_version, cli_version):
         if not quiet:
             echo_green(
                 "Server is reachable and the client/server application versions match."

src/fides/lib/oauth/schemas/oauth.py

@@ -44,7 +44,9 @@ def __init__(
         )
 
     async def __call__(self, request: Request) -> Optional[str]:
-        authorization: str = request.headers.get("Authorization")
+        authorization: Optional[str] = request.headers.get("Authorization")
+        if not authorization:
+            raise InvalidAuthorizationSchemeError()
         scheme, param = get_authorization_scheme_param(authorization)
         if not authorization or scheme.lower() != "bearer":
             if self.auto_error:

tests/ctl/cli/test_utils.py

@@ -4,10 +4,9 @@
 
 import click
 import pytest
-from requests_mock import Mocker
 
 import fides.cli.utils as utils
-from fides.core.config import FidesConfig, get_config
+from fides.core.config import FidesConfig
 from tests.ctl.conftest import orig_requests_get
 
 
@@ -24,42 +23,30 @@ def test_check_server_bad_ping(test_client, monkeypatch) -> None:
 
 @pytest.mark.unit
 @pytest.mark.parametrize(
-    "server_version, cli_version, expected_output, quiet",
+    "server_version, cli_version, expected_result",
     [
-        ("1.6.0+7.ge953df5", "1.6.0+7.ge953df5", "application versions match", False),
-        ("1.6.0+7.ge953df5", "1.6.0+9.ge953df5", "Mismatched versions!", False),
+        ("1.6.0+7.ge953df5", "1.6.0+7.ge953df5", True),
+        ("1.6.0+7.ge953df5", "1.6.0+9.ge953df5", False),
         (
             "1.6.0+7.ge953df5",
             "1.6.0+7.ge953df5.dirty",
-            "application versions match",
-            False,
+            True,
         ),
         (
             "1.6.0+7.ge953df5.dirty",
             "1.6.0+7.ge953df5",
-            "application versions match",
-            False,
+            True,
         ),
-        ("1.6.0+7.ge953df5", "1.6.0+7.ge953df5.dirty", None, True),
     ],
 )
 def test_check_server_version_comparisons(
-    requests_mock: Mocker,
-    capsys: pytest.CaptureFixture,
     server_version: str,
     cli_version: str,
-    expected_output: str,
-    quiet: bool,
+    expected_result: str,
 ) -> None:
-    """Check that comparing versions works"""
-    fake_url = "http://fake_address:8080"
-    requests_mock.get(f"{fake_url}/health", json={"version": server_version})
-    utils.check_server(cli_version, "http://fake_address:8080", quiet=quiet)
-    captured = capsys.readouterr()
-    if expected_output is None:
-        assert captured.out == ""
-    else:
-        assert expected_output in captured.out
+    """Check that version comparison works."""
+    actual_result = utils.compare_application_versions(server_version, cli_version)
+    assert expected_result == actual_result
 
 
 @pytest.mark.unit

tests/ctl/conftest.py

@@ -19,18 +19,22 @@
 
 @pytest.fixture(scope="session")
 def monkeysession():
-    """monkeypatch fixture at the session level instead of the function level"""
+    """
+    Monkeypatch at the session level instead of the function level.
+    Automatically undoes the monkeypatching when the session finishes.
+    """
     mpatch = MonkeyPatch()
     yield mpatch
     mpatch.undo()
 
 
 @pytest.fixture(autouse=True, scope="session")
 def monkeypatch_requests(test_client, monkeysession) -> None:
-    """The requests library makes requests against the running webserver
-    which talks to the application db.  This monkeypatching operation
-    makes `requests` calls from src/fides/core/api.py in a test
-    context talk to the test db instead"""
+    """
+    Some places within the application, for example `fides.core.api`, use the `requests`
+    library to interact with the webserver. This fixture patches those `requests` calls
+    so that all of those tests instead interact with the test instance.
+    """
     monkeysession.setattr(requests, "get", test_client.get)
     monkeysession.setattr(requests, "post", test_client.post)
     monkeysession.setattr(requests, "put", test_client.put)

tests/ops/api/v1/endpoints/test_config_endpoints.py

@@ -329,7 +329,8 @@ def test_get_application_config(
 
         # then we test that we can GET them
         auth_header = generate_auth_header([scopes.CONFIG_READ])
-        response = api_client.get(
+        response = api_client.request(
+            "GET",
             url,
             headers=auth_header,
             params={"api_set": True},

tests/ops/api/v1/endpoints/test_consent_request_endpoints.py

@@ -374,7 +374,8 @@ class TestGetConsentUnverified:
     def test_consent_unverified_no_consent_request_id(self, api_client):
         data = {"code": "12345"}
 
-        response = api_client.get(
+        response = api_client.request(
+            "GET",
             f"{V1_URL_PREFIX}{CONSENT_REQUEST_PREFERENCES_WITH_ID.format(consent_request_id='non_existent_consent_id')}",
             json=data,
         )
@@ -387,7 +388,8 @@ def test_consent_unverified_no_consent_request_id(self, api_client):
     def test_consent_unverified_verification_error(self, api_client):
         data = {"code": "12345"}
 
-        response = api_client.get(
+        response = api_client.request(
+            "GET",
             f"{V1_URL_PREFIX}{CONSENT_REQUEST_PREFERENCES_WITH_ID.format(consent_request_id='non_existent_consent_id')}",
             json=data,
         )

tests/ops/api/v1/endpoints/test_oauth_endpoints.py

@@ -501,7 +501,7 @@ def test_callback_for_valid_state(
         response = api_client.get(
             callback_url, params={"code": "abc", "state": "new_request"}
         )
-        assert response.ok
+        response.raise_for_status()
         get_access_token_mock.assert_called_once()
 
         authentication_request.delete(db)

tests/ops/api/v1/endpoints/test_privacy_request_endpoints.py

@@ -1534,7 +1534,8 @@ def test_sort_privacy_request_by_due_date(
         api_client.post(url, json=data)
 
         auth_header = generate_auth_header(scopes=[PRIVACY_REQUEST_READ])
-        resp = api_client.get(
+        resp = api_client.request(
+            "GET",
             f"{url}?sort_direction=asc&sort_field=due_date",
             json=data,
             headers=auth_header,
@@ -1544,7 +1545,8 @@ def test_sort_privacy_request_by_due_date(
         for i, request in enumerate(asc_response_data):
             assert request["days_left"] == days_left_values[i]
 
-        resp = api_client.get(
+        resp = api_client.request(
+            "GET",
             f"{url}?sort_direction=desc&sort_field=due_date",
             json=data,
             headers=auth_header,

tests/ops/api/v1/endpoints/test_saas_config_endpoints.py

@@ -450,5 +450,5 @@ def test_get_authorize_url(
         authorization_url_mock.return_value = authorization_url
         auth_header = generate_auth_header([CONNECTION_AUTHORIZE])
         response = api_client.get(authorize_url, headers=auth_header)
-        assert response.ok
+        response.raise_for_status()
         assert response.text == f'"{authorization_url}"'