Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

⬆️ [#50] updated dependecies and added oidc tests #122

Merged
merged 1 commit into from
Aug 15, 2024
Merged

⬆️ [#50] updated dependecies and added oidc tests #122

merged 1 commit into from
Aug 15, 2024

Conversation

bart-maykin
Copy link
Contributor

@bart-maykin bart-maykin commented Aug 1, 2024
edited
Loading

Fixes #50

Changes

updated libraries:

  • billiard 3.6.4.0 to 4.2.0
  • celery 5.2.7 to 5.4.0
  • certifi 2020.07.4 to 2023.7.04
  • django 4.2.11 to 4.2.14
  • django-axes 6.4.0 to 6.5.1
  • django-cors-headers 4.3.1 to 4.4.0
  • django-filters 23.2 to 24.2
  • django-jsonform 2.21.4 to 2.22.0
  • djangorestframework 3.14.0 to 3.15.2
  • maykin-2fa 1.0.0 to 1.0.1
  • mozilla-django-oidc-db 0.16.0 to 0.19.0
  • open-api-framework 0.5.0 to 0.6.1
  • requests 2.31.0 to 2.32.3
  • sentry-sdk 1.45.0 to 2.12.0
  • tornado 6.4 to 6.4.1
  • urllib3 2.2.1 to 2.2.2
  • vine 5.0.0 to 5.1.0

updated oidc tests to work for new library version

@bart-maykin bart-maykin requested a review from stevenbal August 1, 2024 23:40
@bart-maykin bart-maykin force-pushed the feature/50-fix-security-issues branch from 6e6c0e9 to 03484ee Compare August 1, 2024 23:42
@bart-maykin bart-maykin changed the title ⬆️ [#50] updated dependecies and fixed broken oidc tests ⬆️ [#50] updated dependecies and added oidc tests Aug 1, 2024
@bart-maykin bart-maykin force-pushed the feature/50-fix-security-issues branch from 03484ee to 58d3916 Compare August 2, 2024 08:43
@bart-maykin bart-maykin requested review from annashamray and removed request for stevenbal August 2, 2024 08:43
@annashamray annashamray requested a review from stevenbal August 2, 2024 09:11
annashamray
annashamray approved these changes Aug 2, 2024
View reviewed changes
Copy link
Collaborator

@annashamray annashamray left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved in relation to updating dependencies
@stevenbal could you please review OIDC part?

@bart-maykin bart-maykin force-pushed the feature/50-fix-security-issues branch from 58d3916 to 3fca474 Compare August 9, 2024 14:59
stevenbal
stevenbal requested changes Aug 13, 2024
View reviewed changes
Copy link
Contributor

@stevenbal stevenbal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some minor comments/questions. It also seems that CI is failing? Not sure if it's related https://github.com/maykinmedia/objecttypes-api/actions/runs/10321355943/job/28575706632?pr=122

package.json Outdated Show resolved Hide resolved
src/objecttypes/accounts/tests/factories.py Outdated
Comment on lines 18 to 26
class Params:
superuser = factory.Trait(
is_staff=True,
is_superuser=True,
)


class StaffUserFactory(UserFactory):
is_staff = True
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is the difference between these? Doesn't UserFactory now also have is_staff=True?

src/objecttypes/utils/tests/keycloak.py
KEYCLOAK_BASE_URL = "http://localhost:8080/realms/test/protocol/openid-connect"


def keycloak_login(
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can't we reuse this from mozilla-django-oidc-db? https://github.com/maykinmedia/mozilla-django-oidc-db/blob/d0630df6a5dc9d8bf34dbed5a0be983973779ed6/tests/utils.py#L7

Copy link
Contributor Author

@bart-maykin bart-maykin Aug 14, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is reused from mozilla-django-oidc-db but with some slight alterations. Just as in open-forms.
Because the file itself is inaccessible
Screenshot from 2024-08-14 16-59-11

@bart-maykin bart-maykin requested a review from stevenbal August 14, 2024 15:03
@bart-maykin bart-maykin force-pushed the feature/50-fix-security-issues branch 2 times, most recently from 105f88c to 542ece2 Compare August 15, 2024 09:03
@bart-maykin bart-maykin force-pushed the feature/50-fix-security-issues branch from 542ece2 to 780b2e9 Compare August 15, 2024 09:08
@bart-maykin bart-maykin merged commit c15cff5 into master Aug 15, 2024
19 checks passed
@bart-maykin bart-maykin deleted the feature/50-fix-security-issues branch August 15, 2024 09:44
@bart-maykin bart-maykin mentioned this pull request Aug 16, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@annashamray annashamray annashamray approved these changes

@stevenbal stevenbal stevenbal approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Update libraries in Open API framework and all components
3 participants
@bart-maykin @stevenbal @annashamray