Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-igwn-auth-utils for openSUSE:Factory checked in at 2024-02-14 23:19:36 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-igwn-auth-utils (Old) and /work/SRC/openSUSE:Factory/.python-igwn-auth-utils.new.1815 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-igwn-auth-utils" Wed Feb 14 23:19:36 2024 rev:4 rq:1146557 version:1.1.0 Changes: -------- --- /work/SRC/openSUSE:Factory/python-igwn-auth-utils/python-igwn-auth-utils.changes 2023-04-02 19:18:32.676875565 +0200 +++ /work/SRC/openSUSE:Factory/.python-igwn-auth-utils.new.1815/python-igwn-auth-utils.changes 2024-02-14 23:19:53.270738526 +0100 @@ -1,0 +2,26 @@ +Wed Feb 14 11:14:43 UTC 2024 - Ben Greiner <c...@bnavigator.de> + +- Update to 1.1.0 + * Support multiple scopes in is_valid_token [!70] +- Release 1.0.2 + * Ensure that token=False works on all requests [!67] +- Release 1.0.1 + * Fix bug in disabling token auth via function call [!65] +- Release 1.0.0 + ## Major changes + * Refactor requests auth handling to enable per-request token + discovery [!59] + ## Other changes: + * Allow disabling automatic raise_for_status for Sessions [!52] + * Fix keyword argument passing in requests wrappers [!56] + * Add issuer keyword to is_valid_token [!57] + * Allow deserialising token in is_valid_token [!58] + * Add support for Python 3.11 [!61] + * Workaround bug in requests 2.14 [!62] +- Add patches for python 3.12 + * igwn-auth-utils-mr73-utznow.patch + https://git.ligo.org/computing/igwn-auth-utils/-/merge_requests/73 + * igwn-auth-utils-mr76-mock_called_once.patch + https://git.ligo.org/computing/igwn-auth-utils/-/merge_requests/76 + +------------------------------------------------------------------- Old: ---- igwn-auth-utils-0.4.0.tar.gz New: ---- igwn-auth-utils-1.1.0.tar.gz igwn-auth-utils-mr73-utznow.patch igwn-auth-utils-mr76-mock_called_once.patch BETA DEBUG BEGIN: New:- Add patches for python 3.12 * igwn-auth-utils-mr73-utznow.patch https://git.ligo.org/computing/igwn-auth-utils/-/merge_requests/73 New: https://git.ligo.org/computing/igwn-auth-utils/-/merge_requests/73 * igwn-auth-utils-mr76-mock_called_once.patch https://git.ligo.org/computing/igwn-auth-utils/-/merge_requests/76 BETA DEBUG END: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-igwn-auth-utils.spec ++++++ --- /var/tmp/diff_new_pack.YPfcnY/_old 2024-02-14 23:19:54.890796932 +0100 +++ /var/tmp/diff_new_pack.YPfcnY/_new 2024-02-14 23:19:54.902797364 +0100 @@ -1,7 +1,7 @@ # # spec file for package python-igwn-auth-utils # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,16 +16,18 @@ # -%{?!python_module:%define python_module() python3-%{**}} -%define skip_python2 1 %global srcname igwn-auth-utils Name: python-igwn-auth-utils -Version: 0.4.0 +Version: 1.1.0 Release: 0 Summary: Auth Utils for International Gravitational-Wave Observatory Network (IGWN) License: BSD-3-Clause URL: https://git.ligo.org/computing/igwn-auth-utils Source: https://files.pythonhosted.org/packages/source/i/%{srcname}/%{srcname}-%{version}.tar.gz +# PATCH-FIX-UPSTREAM igwn-auth-utils-mr73-utznow.patch https://git.ligo.org/computing/igwn-auth-utils/-/merge_requests/73 +Patch0: https://git.ligo.org/computing/igwn-auth-utils/-/merge_requests/73.patch#/igwn-auth-utils-mr73-utznow.patch +# PATCH-FIX-UPSTREAM igwn-auth-utils-mr76-mock_called_once.patch https://git.ligo.org/computing/igwn-auth-utils/-/merge_requests/76 +Patch1: https://git.ligo.org/computing/igwn-auth-utils/-/merge_requests/76.patch#/igwn-auth-utils-mr76-mock_called_once.patch BuildRequires: %{python_module pip} BuildRequires: %{python_module setuptools_scm >= 3.4.3} BuildRequires: %{python_module setuptools} @@ -58,9 +60,8 @@ SciTokens for use with HTTP(S) requests to IGWN-operated services. %prep -%setup -q -n %{srcname}-%{version} +%autosetup -p1 -n %{srcname}-%{version} sed -i 's/--color=yes//' pyproject.toml -sed -i '/"error",/ a \ "ignore:pkg_resources is deprecated as an API:DeprecationWarning",' pyproject.toml %build %pyproject_wheel @@ -76,5 +77,5 @@ %doc README.md %license LICENSE %{python_sitelib}/igwn_auth_utils -%{python_sitelib}/igwn_auth_utils-%{version}*-info +%{python_sitelib}/igwn_auth_utils-%{version}.dist-info ++++++ igwn-auth-utils-0.4.0.tar.gz -> igwn-auth-utils-1.1.0.tar.gz ++++++ ++++ 1896 lines of diff (skipped) ++++++ igwn-auth-utils-mr73-utznow.patch ++++++ >From 3d716d0faad554fb9f50fc424b8b037c7427ebfa Mon Sep 17 00:00:00 2001 From: "duncan.macleod" <duncan.macl...@ligo.org> Date: Wed, 18 Oct 2023 16:45:06 +0100 Subject: [PATCH] x509: replace usage of datetime.utcnow() `utcnow()` is deprecated in favour of `now(UTC)`. --- igwn_auth_utils/tests/test_x509.py | 12 ++++++------ igwn_auth_utils/x509.py | 11 +++++++++-- 2 files changed, 15 insertions(+), 8 deletions(-) diff --git a/igwn_auth_utils/tests/test_x509.py b/igwn_auth_utils/tests/test_x509.py index 6fd2b8f..cad47a7 100644 --- a/igwn_auth_utils/tests/test_x509.py +++ b/igwn_auth_utils/tests/test_x509.py @@ -7,11 +7,8 @@ __author__ = "Duncan Macleod <duncan.macl...@ligo.org>" +import datetime import os -from datetime import ( - datetime, - timedelta, -) from pathlib import Path from unittest import mock @@ -36,14 +33,17 @@ def x509cert(private_key, public_key): name = x509.Name([ x509.NameAttribute(NameOID.COMMON_NAME, "test"), ]) - now = datetime.utcnow() + try: + now = datetime.datetime.now(datetime.UTC) + except AttributeError: # python < 3.11 + now = datetime.datetime.utcnow() return x509.CertificateBuilder( issuer_name=name, subject_name=name, public_key=public_key, serial_number=1000, not_valid_before=now, - not_valid_after=now + timedelta(seconds=86400), + not_valid_after=now + datetime.timedelta(seconds=86400), ).sign(private_key, hashes.SHA256(), backend=default_backend()) diff --git a/igwn_auth_utils/x509.py b/igwn_auth_utils/x509.py index d5c6a90..6292fff 100644 --- a/igwn_auth_utils/x509.py +++ b/igwn_auth_utils/x509.py @@ -2,8 +2,8 @@ # Copyright 2021 Cardiff University # Distributed under the terms of the BSD-3-Clause license +import datetime import os -from datetime import datetime from pathlib import Path from cryptography.x509 import ( @@ -95,7 +95,14 @@ def is_valid_certificate(cert, timeleft=600): def _timeleft(cert): """Returns the time remaining (in seconds) for a ``cert`` """ - return (cert.not_valid_after - datetime.utcnow()).total_seconds() + expiry = cert.not_valid_after + try: + now = datetime.datetime.now(datetime.UTC) + except AttributeError: # python < 3.11 + now = datetime.datetime.utcnow() + else: + expiry = expiry.astimezone(datetime.UTC) + return (expiry - now).total_seconds() def _default_cert_path(prefix="x509up_"): -- GitLab ++++++ igwn-auth-utils-mr76-mock_called_once.patch ++++++ >From ad5bb8ce2cdcb3352400c487f4e33cf5eb85fcc7 Mon Sep 17 00:00:00 2001 From: Duncan Macleod <duncan.macl...@ligo.org> Date: Tue, 13 Feb 2024 13:27:37 +0000 Subject: [PATCH] tests: fix call to mock.called_once_with need to use builtin assert_called_once_with --- igwn_auth_utils/tests/test_requests.py | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/igwn_auth_utils/tests/test_requests.py b/igwn_auth_utils/tests/test_requests.py index de9428b..5de05eb 100644 --- a/igwn_auth_utils/tests/test_requests.py +++ b/igwn_auth_utils/tests/test_requests.py @@ -23,6 +23,7 @@ from requests import ( from .. import requests as igwn_requests from ..error import IgwnAuthError +from ..scitokens import target_audience from .test_scitokens import rtoken # noqa: F401 SKIP_REQUESTS_NETRC = pytest.mark.skipif( @@ -425,15 +426,25 @@ class TestSession: assert sess.auth.audience == session_aud assert sess.auth.scope == session_scope + audience = ( + request_aud + or session_aud + or target_audience( + "https://example.com/api", + include_any=False, + ) + ) + # but that the request auth uses any new settings we give it sess.get( "https://example.com/api", token_audience=request_aud, token_scope=request_scope, ) - assert find_scitoken.called_once_with( - audience=request_aud or session_aud, - scope=request_scope or session_scope, + find_scitoken.assert_called_once_with( + audience, + request_scope or session_scope, + issuer=None, ) @mock.patch("igwn_auth_utils.requests.find_scitoken", return_value=None) -- GitLab