Accepting request 1146556 from home:bnavigator:branches:science

- Update to 1.1.0 * Support multiple scopes in is_valid_token [!70] - Release 1.0.2 * Ensure that token=False works on all requests [!67] - Release 1.0.1 * Fix bug in disabling token auth via function call [!65] - Release 1.0.0 ## Major changes * Refactor requests auth handling to enable per-request token discovery [!59] ## Other changes: * Allow disabling automatic raise_for_status for Sessions [!52] * Fix keyword argument passing in requests wrappers [!56] * Add issuer keyword to is_valid_token [!57] * Allow deserialising token in is_valid_token [!58] * Add support for Python 3.11 [!61] * Workaround bug in requests 2.14 [!62] - Add patches for python 3.12 * igwn-auth-utils-mr73-utznow.patch https://git.ligo.org/computing/igwn-auth-utils/-/merge_requests/73 * igwn-auth-utils-mr76-mock_called_once.patch https://git.ligo.org/computing/igwn-auth-utils/-/merge_requests/76 OBS-URL: https://build.opensuse.org/request/show/1146556 OBS-URL: https://build.opensuse.org/package/show/science/python-igwn-auth-utils?expand=0&rev=8
2024-02-14 11:24:54 +00:00
parent 0330f4d858
commit 78e60eead0
6 changed files with 172 additions and 10 deletions
--- a/igwn-auth-utils-0.4.0.tar.gz
+++ b/igwn-auth-utils-0.4.0.tar.gz
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:f7e909f058b29d17bb53b835b736dafb332cbd526b9f2e4ffcb9975031190cba
-size 30980
--- a/igwn-auth-utils-1.1.0.tar.gz
+++ b/igwn-auth-utils-1.1.0.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f993f0ed8b83538a14df7dda540eb2dcaebd26aa0b058fffa105cd6de2d16e69
+size 35411
--- a/igwn-auth-utils-mr73-utznow.patch
+++ b/igwn-auth-utils-mr73-utznow.patch
@@ -0,0 +1,81 @@
+From 3d716d0faad554fb9f50fc424b8b037c7427ebfa Mon Sep 17 00:00:00 2001
+From: "duncan.macleod" <duncan.macleod@ligo.org>
+Date: Wed, 18 Oct 2023 16:45:06 +0100
+Subject: [PATCH] x509: replace usage of datetime.utcnow()
+
+`utcnow()` is deprecated in favour of `now(UTC)`.
+---
+ igwn_auth_utils/tests/test_x509.py | 12 ++++++------
+ igwn_auth_utils/x509.py            | 11 +++++++++--
+ 2 files changed, 15 insertions(+), 8 deletions(-)
+
+diff --git a/igwn_auth_utils/tests/test_x509.py b/igwn_auth_utils/tests/test_x509.py
+index 6fd2b8f..cad47a7 100644
+--- a/igwn_auth_utils/tests/test_x509.py
+++ b/igwn_auth_utils/tests/test_x509.py
+@@ -7,11 +7,8 @@
+ 
+ __author__ = "Duncan Macleod <duncan.macleod@ligo.org>"
+ 
+import datetime
+ import os
+-from datetime import (
+-    datetime,
+-    timedelta,
+-)
+ from pathlib import Path
+ from unittest import mock
+ 
+@@ -36,14 +33,17 @@ def x509cert(private_key, public_key):
+     name = x509.Name([
+         x509.NameAttribute(NameOID.COMMON_NAME, "test"),
+     ])
+-    now = datetime.utcnow()
+    try:
+        now = datetime.datetime.now(datetime.UTC)
+    except AttributeError:  # python < 3.11
+        now = datetime.datetime.utcnow()
+     return x509.CertificateBuilder(
+         issuer_name=name,
+         subject_name=name,
+         public_key=public_key,
+         serial_number=1000,
+         not_valid_before=now,
+-        not_valid_after=now + timedelta(seconds=86400),
+        not_valid_after=now + datetime.timedelta(seconds=86400),
+     ).sign(private_key, hashes.SHA256(), backend=default_backend())
+ 
+ 
+diff --git a/igwn_auth_utils/x509.py b/igwn_auth_utils/x509.py
+index d5c6a90..6292fff 100644
+--- a/igwn_auth_utils/x509.py
+++ b/igwn_auth_utils/x509.py
+@@ -2,8 +2,8 @@
+ # Copyright 2021 Cardiff University
+ # Distributed under the terms of the BSD-3-Clause license
+ 
+import datetime
+ import os
+-from datetime import datetime
+ from pathlib import Path
+ 
+ from cryptography.x509 import (
+@@ -95,7 +95,14 @@ def is_valid_certificate(cert, timeleft=600):
+ def _timeleft(cert):
+     """Returns the time remaining (in seconds) for a ``cert``
+     """
+-    return (cert.not_valid_after - datetime.utcnow()).total_seconds()
+    expiry = cert.not_valid_after
+    try:
+        now = datetime.datetime.now(datetime.UTC)
+    except AttributeError:  # python < 3.11
+        now = datetime.datetime.utcnow()
+    else:
+        expiry = expiry.astimezone(datetime.UTC)
+    return (expiry - now).total_seconds()
+ 
+ 
+ def _default_cert_path(prefix="x509up_"):
+-- 
+GitLab
+
--- a/igwn-auth-utils-mr76-mock_called_once.patch
+++ b/igwn-auth-utils-mr76-mock_called_once.patch
@@ -0,0 +1,54 @@
+From ad5bb8ce2cdcb3352400c487f4e33cf5eb85fcc7 Mon Sep 17 00:00:00 2001
+From: Duncan Macleod <duncan.macleod@ligo.org>
+Date: Tue, 13 Feb 2024 13:27:37 +0000
+Subject: [PATCH] tests: fix call to mock.called_once_with
+
+need to use builtin assert_called_once_with
+---
+ igwn_auth_utils/tests/test_requests.py | 17 ++++++++++++++---
+ 1 file changed, 14 insertions(+), 3 deletions(-)
+
+diff --git a/igwn_auth_utils/tests/test_requests.py b/igwn_auth_utils/tests/test_requests.py
+index de9428b..5de05eb 100644
+--- a/igwn_auth_utils/tests/test_requests.py
+++ b/igwn_auth_utils/tests/test_requests.py
+@@ -23,6 +23,7 @@ from requests import (
+ 
+ from .. import requests as igwn_requests
+ from ..error import IgwnAuthError
+from ..scitokens import target_audience
+ from .test_scitokens import rtoken  # noqa: F401
+ 
+ SKIP_REQUESTS_NETRC = pytest.mark.skipif(
+@@ -425,15 +426,25 @@ class TestSession:
+             assert sess.auth.audience == session_aud
+             assert sess.auth.scope == session_scope
+ 
+            audience = (
+                request_aud
+                or session_aud
+                or target_audience(
+                    "https://example.com/api",
+                    include_any=False,
+                )
+            )
+
+             # but that the request auth uses any new settings we give it
+             sess.get(
+                 "https://example.com/api",
+                 token_audience=request_aud,
+                 token_scope=request_scope,
+             )
+-            assert find_scitoken.called_once_with(
+-                audience=request_aud or session_aud,
+-                scope=request_scope or session_scope,
+            find_scitoken.assert_called_once_with(
+                audience,
+                request_scope or session_scope,
+                issuer=None,
+             )
+ 
+     @mock.patch("igwn_auth_utils.requests.find_scitoken", return_value=None)
+-- 
+GitLab
+
--- a/python-igwn-auth-utils.changes
+++ b/python-igwn-auth-utils.changes
@@ -1,3 +1,29 @@
+-------------------------------------------------------------------
+Wed Feb 14 11:14:43 UTC 2024 - Ben Greiner <code@bnavigator.de>
+
+- Update to 1.1.0
+  * Support multiple scopes in is_valid_token [!70]
+- Release 1.0.2
+  * Ensure that token=False works on all requests [!67]
+- Release 1.0.1
+  * Fix bug in disabling token auth via function call [!65]
+- Release 1.0.0
+  ## Major changes
+  * Refactor requests auth handling to enable per-request token
+    discovery [!59]
+  ## Other changes:
+  * Allow disabling automatic raise_for_status for Sessions [!52]
+  * Fix keyword argument passing in requests wrappers [!56]
+  * Add issuer keyword to is_valid_token [!57]
+  * Allow deserialising token in is_valid_token [!58]
+  * Add support for Python 3.11 [!61]
+  * Workaround bug in requests 2.14 [!62]
+- Add patches for python 3.12
+  * igwn-auth-utils-mr73-utznow.patch
+    https://git.ligo.org/computing/igwn-auth-utils/-/merge_requests/73
+  * igwn-auth-utils-mr76-mock_called_once.patch
+    https://git.ligo.org/computing/igwn-auth-utils/-/merge_requests/76
+
 -------------------------------------------------------------------
 Sat Apr  1 20:27:20 UTC 2023 - Ben Greiner <code@bnavigator.de>

--- a/python-igwn-auth-utils.spec
+++ b/python-igwn-auth-utils.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package python-igwn-auth-utils
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -16,16 +16,18 @@
 #


-%{?!python_module:%define python_module() python3-%{**}}
-%define skip_python2 1
 %global srcname igwn-auth-utils
 Name:           python-igwn-auth-utils
-Version:        0.4.0
+Version:        1.1.0
 Release:        0
 Summary:        Auth Utils for International Gravitational-Wave Observatory Network (IGWN)
 License:        BSD-3-Clause
 URL:            https://git.ligo.org/computing/igwn-auth-utils
 Source:         https://files.pythonhosted.org/packages/source/i/%{srcname}/%{srcname}-%{version}.tar.gz
+# PATCH-FIX-UPSTREAM igwn-auth-utils-mr73-utznow.patch https://git.ligo.org/computing/igwn-auth-utils/-/merge_requests/73
+Patch0:         https://git.ligo.org/computing/igwn-auth-utils/-/merge_requests/73.patch#/igwn-auth-utils-mr73-utznow.patch
+# PATCH-FIX-UPSTREAM igwn-auth-utils-mr76-mock_called_once.patch https://git.ligo.org/computing/igwn-auth-utils/-/merge_requests/76
+Patch1:         https://git.ligo.org/computing/igwn-auth-utils/-/merge_requests/76.patch#/igwn-auth-utils-mr76-mock_called_once.patch
 BuildRequires:  %{python_module pip}
 BuildRequires:  %{python_module setuptools_scm >= 3.4.3}
 BuildRequires:  %{python_module setuptools}
@@ -58,9 +60,8 @@ This project is primarily aimed at discovering X.509 credentials and
 SciTokens for use with HTTP(S) requests to IGWN-operated services.

 %prep
-%setup -q -n %{srcname}-%{version}
+%autosetup -p1 -n %{srcname}-%{version}
 sed -i 's/--color=yes//' pyproject.toml
-sed -i '/"error",/ a \        "ignore:pkg_resources is deprecated as an API:DeprecationWarning",' pyproject.toml

 %build
 %pyproject_wheel
@@ -76,6 +77,6 @@ sed -i '/"error",/ a \        "ignore:pkg_resources is deprecated as an API:Depr
 %doc README.md
 %license LICENSE
 %{python_sitelib}/igwn_auth_utils
-%{python_sitelib}/igwn_auth_utils-%{version}*-info
+%{python_sitelib}/igwn_auth_utils-%{version}.dist-info

 %changelog