Merge branch 'main' into auth-b-shown

.bumpversion.cfg

@@ -1,5 +1,5 @@
 [bumpversion]
-current_version = 2.1.0
+current_version = 2.2.0
 commit = False
 tag = False
 parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)(\-(?P<release>[a-z]+)(?P<build>\d+))?

.github/workflows/test-package.yml

@@ -13,7 +13,6 @@ jobs:
     strategy:
       matrix:
         python-version: ['3.11', '3.12']
-        pydantic-version: ['1.*', '2.*']
       fail-fast: false
     steps:
       - uses: actions/checkout@v2
@@ -26,8 +25,6 @@ jobs:
           python -m pip install --upgrade pip
           pip install flit
           flit install --deps develop
-          pip install -U "pydantic==${{ matrix.pydantic-version }}"
-          pip install pydantic_settings || true
       - name: Check formatting
         run: |
           black --check .
@@ -42,37 +39,29 @@ jobs:
           apache-license-check --copyright "2019-`date +%Y` SURF" oauth2_lib
       - name: Test with pytest
         run: |
-          pytest -vvv --cov-branch --cov-fail-under=80 --cov=oauth2_lib --cov-config=.coveragerc
-        env:
-          COVERAGE_FILE: reports/.coverage.${{ matrix.python-version }}
-      - name: Upload pytest test results
-        uses: actions/upload-artifact@v4
-        with:
-          name: reports
-          path: reports
-        # Use always() to always run this step to publish test results when there are test failures
-        if: ${{ matrix.pydantic-version == '2.*' }} && ${{ always() }}
-  coverage-combine:
-    needs: [build]
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-python@v5
-        with:
-          python-version: '3.8'
-      - name: Get coverage files
-        uses: actions/download-artifact@v4
-        with:
-          name: reports
-          path: reports
-      - run: pip install coverage[toml]
-      - run: ls -la reports
-      - run: coverage combine reports
-      - run: coverage report
-      - run: coverage xml
-      - name: "Upload coverage to Codecov"
-        uses: codecov/codecov-action@v3
-        with:
-          token: ${{ secrets.CODECOV_TOKEN }}
-          fail_ci_if_error: true
-          files: ./coverage.xml
+          mkdir reports
+          pytest -vvv --cov-branch --cov-fail-under=80 --cov=oauth2_lib --cov-config=.coveragerc --cov-report=xml
+#  coverage-combine:
+#    needs: [build]
+#    runs-on: ubuntu-latest
+#    steps:
+#      - uses: actions/checkout@v3
+#      - uses: actions/setup-python@v5
+#        with:
+#          python-version: '3.8'
+#      - name: Get coverage files
+#        uses: actions/download-artifact@v4
+#        with:
+#          name: reports
+#          path: reports
+#      - run: pip install coverage[toml]
+#      - run: ls -la reports
+#      - run: coverage combine reports
+#      - run: coverage report
+#      - run: coverage xml
+#      - name: "Upload coverage to Codecov"
+#        uses: codecov/codecov-action@v3
+#        with:
+#          token: ${{ secrets.CODECOV_TOKEN }}
+#          fail_ci_if_error: true
+#          files: ./coverage.xml

oauth2_lib/__init__.py

@@ -13,4 +13,4 @@
 
 """This is the SURF Oauth2 module that interfaces with the oauth2 setup."""
 
-__version__ = "2.1.0"
+__version__ = "2.2.0"

oauth2_lib/fastapi.py

@@ -240,7 +240,7 @@ async def check_openid_config(self, async_client: AsyncClient) -> None:
                 status_code=HTTPStatus.SERVICE_UNAVAILABLE,
                 detail=f"Could not load openid config from {self.openid_config_url}",
             )
-        self.openid_config = OIDCConfig.parse_obj(response.json())
+        self.openid_config = OIDCConfig(**response.json())
 
 
 class Authorization(ABC):
@@ -286,7 +286,7 @@ async def get_decision(self, async_client: AsyncClient, opa_input: dict) -> OPAR
 
         json_result = result.json()
         logger.debug("Received decision from policy agent", decision=json_result)
-        return OPAResult.parse_obj(json_result)
+        return OPAResult(**json_result)
 
     def evaluate_decision(self, decision: OPAResult, **context: dict[str, Any]) -> bool:
         did = decision.decision_id

pyproject.toml

@@ -33,8 +33,9 @@ requires = [
     "structlog>=20.2.0",
     "fastapi>=0.90.1",
     "httpx[http2]>=0.23.0,<0.27.0",
-    "authlib==1.0.1",
-    "pydantic",
+    "authlib==1.3.1",
+    "pydantic>=2",
+    "pydantic-settings",
     "strawberry-graphql>=0.171.1",
     "asyncstdlib",
 ]

tests/test_fastapi.py

@@ -112,7 +112,7 @@ def oidc_auth():
 async def test_openid_config_success(make_mock_async_client, discovery, oidc_auth):
     mock_async_client = make_mock_async_client(MockResponse(json=discovery))
     await oidc_auth.check_openid_config(mock_async_client.client)
-    assert oidc_auth.openid_config == OIDCConfig.parse_obj(discovery)
+    assert oidc_auth.openid_config == OIDCConfig(**discovery)
     mock_async_client.client.get.assert_called_once_with("openid_url/.well-known/openid-configuration")
     assert oidc_auth.openid_config.issuer == discovery["issuer"], "OpenID configuration not loaded correctly"