HP-2441 | deps: bump to django 4.2

.github/workflows/ci.yml

@@ -15,7 +15,7 @@ jobs:
 
     services:
       postgres:
-        image: postgres:9.6
+        image: postgres:13.4
         ports:
           - 5432:5432
         options: >-

Dockerfile

@@ -1,5 +1,5 @@
 # =========================================================
-FROM helsinkitest/python-node:3.9-14-slim as staticbuilder
+FROM helsinkitest/python-node:3.9-14-slim AS staticbuilder
 # ---------------------------------------------------------
 # Stage for building static files for
 # the project. Installs Node as that
@@ -20,7 +20,7 @@ WORKDIR /app
 COPY requirements.txt /app/requirements.txt
 COPY package.json /app/package.json
 COPY package-lock.json /app/package-lock.json
-RUN pip install -U pip \
+RUN pip install -U pip setuptools wheel \
     && pip install --no-cache-dir  -r /app/requirements.txt
 RUN npm install
 
@@ -29,7 +29,7 @@ RUN python manage.py compilescss \
     && python manage.py collectstatic --noinput
 
 # ===========================================
-FROM helsinkitest/python:3.9-slim as appbase
+FROM helsinkitest/python:3.9-slim AS appbase
 # ===========================================
 
 WORKDIR /app
@@ -72,7 +72,7 @@ USER appuser
 RUN python manage.py compilemessages
 
 # =========================
-FROM appbase as development
+FROM appbase AS development
 # =========================
 
 COPY --chown=appuser:appuser requirements-dev.txt /app/requirements-dev.txt
@@ -84,7 +84,7 @@ USER appuser
 EXPOSE 8000/tcp
 
 # ==========================
-FROM appbase as production
+FROM appbase AS production
 # ==========================
 
 USER appuser

README.md

@@ -62,7 +62,7 @@ modify them in the same file by adding these lines:
 ```
 DATABASES = {
     'default': {
-        'ENGINE': 'django.db.backends.postgresql_psycopg2',
+        'ENGINE': 'django.db.backends.postgresql',
         'NAME': 'custom_database',
         'USER': 'custom_user',
         'PASSWORD': 'your_password',

auth_backends/backchannel_logout.py

@@ -47,7 +47,7 @@ def validate_and_return_logout_token(self, logout_token):
 
         try:
             key = self.find_valid_key(logout_token)
-        except ValueError:
+        except JWTError:
             raise AuthTokenError(self, 'Incorrect logout_token: signature missing')
 
         if not key:

auth_backends/tests/conftest.py

@@ -33,10 +33,10 @@ class DummyOidcBackchannelLogoutBackend(
 
 def create_backend_logout_token(backend, **kwargs):
     kwargs.setdefault('iss', backend.oidc_config().get('issuer'))
-    kwargs.setdefault('sub', get_random_string())
+    kwargs.setdefault('sub', get_random_string(12))
     kwargs.setdefault('aud', backend.setting('KEY'))
     kwargs.setdefault('iat', int(time.time()) - 10)
-    kwargs.setdefault('jti', get_random_string())
+    kwargs.setdefault('jti', get_random_string(12))
     kwargs.setdefault('events', {
         'http://schemas.openid.net/event/backchannel-logout': {},
     })

auth_backends/tests/test_oidc_backchannel_logout.py

@@ -227,7 +227,7 @@ def test_logout_token_extra_nonce(
 ):
     logout_token = logout_token_factory(
         backend,
-        nonce=get_random_string(),
+        nonce=get_random_string(12),
     )
     backend.strategy.logout_token = logout_token
 
@@ -245,7 +245,7 @@ def test_logout_token_no_social_auth(
 ):
     logout_token = logout_token_factory(
         backend,
-        sub=get_random_string(),
+        sub=get_random_string(12),
     )
     backend.strategy.logout_token = logout_token
 
@@ -269,7 +269,7 @@ def test_backchannel_logout_not_implemented_in_backend(
 
     reload_social_django_utils()
 
-    password = get_random_string()
+    password = get_random_string(12)
     user = user_factory(password=password)
     usersocialauth_factory(provider='dummyoidcbackend', user=user)
 
@@ -310,7 +310,7 @@ def test_backchannel_successful_logout(
 
     reload_social_django_utils()
 
-    password = get_random_string()
+    password = get_random_string(12)
     user = user_factory(password=password)
 
     backend = DummyOidcBackchannelLogoutBackend()
@@ -367,7 +367,7 @@ def test_backchannel_logout_no_social_auth(
 
     reload_social_django_utils()
 
-    password = get_random_string()
+    password = get_random_string(12)
     user = user_factory(password=password)
 
     backend = DummyOidcBackchannelLogoutBackend()
@@ -416,9 +416,9 @@ def test_backchannel_successful_logout_other_session_unaffected(
 
     reload_social_django_utils()
 
-    password = get_random_string()
+    password = get_random_string(12)
     user = user_factory(password=password)
-    password2 = get_random_string()
+    password2 = get_random_string(12)
     user2 = user_factory(password=password2)
 
     backend = DummyOidcBackchannelLogoutBackend()

docker-compose.yml

@@ -1,7 +1,6 @@
-version: '3.7'
 services:
     postgres:
-        image: postgres:9.6-alpine
+        image: postgres:13.4-alpine
         environment:
             POSTGRES_USER: tunnistamo
             POSTGRES_PASSWORD: tunnistamo

local_settings.py.docker.template

@@ -2,7 +2,7 @@ DEBUG = True
 
 DATABASES = {
     'default': {
-        'ENGINE': 'django.db.backends.postgresql_psycopg2',
+        'ENGINE': 'django.db.backends.postgresql',
         'NAME': 'tunnistamo',
         'USER': 'tunnistamo',
         'PASSWORD': 'tunnistamo',

oidc_apis/migrations/0004_alter_apiscopetranslation_master.py

@@ -0,0 +1,26 @@
+# Generated by Django 4.2.14 on 2024-07-31 11:37
+
+from django.db import migrations
+import django.db.models.deletion
+import parler.fields
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("oidc_apis", "0003_api_backchannel_logout_url"),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="apiscopetranslation",
+            name="master",
+            field=parler.fields.TranslationsForeignKey(
+                null=True,
+                on_delete=django.db.models.deletion.CASCADE,
+                related_name="translations",
+                to="oidc_apis.apiscope",
+                verbose_name="API scope",
+            ),
+        ),
+    ]

oidc_apis/models.py

@@ -5,7 +5,7 @@
 from django.utils.translation import gettext_lazy as _
 from multiselectfield import MultiSelectField
 from oidc_provider.models import Client
-from parler.fields import TranslatedField
+from parler.fields import TranslatedField, TranslationsForeignKey
 from parler.managers import TranslatableQuerySet
 from parler.models import TranslatableModel, TranslatedFieldsModel
 
@@ -193,7 +193,7 @@ def _get_required_scopes(cls, scopes):
 
 
 class ApiScopeTranslation(TranslatedFieldsModel):
-    master = models.ForeignKey(
+    master = TranslationsForeignKey(
         ApiScope, related_name='translations', null=True,
         on_delete=models.CASCADE,
         verbose_name=_("API scope"))

oidc_apis/scopes.py

@@ -142,6 +142,7 @@ def create_response_dic(self):
             social_user = UserSocialAuth.objects.get(user=self.user, provider='suomifi')
         except UserSocialAuth.DoesNotExist:
             return dic
+
         for level in SuomiFiAccessLevel.objects.all():
             scope = 'suomifi_' + level.shorthand
             if scope in self.scopes:

requirements-dev.in

@@ -3,9 +3,9 @@
 flake8
 isort
 pip-tools
-pytest>=6.0
-pytest-cov>=2.10
-pytest-django>4.0
+pytest
+pytest-cov
+pytest-django
 httpretty
 factory_boy
 freezegun

requirements-dev.txt

@@ -4,68 +4,63 @@
 #
 #    pip-compile --strip-extras requirements-dev.in
 #
---no-binary psycopg2
-
 argparse==1.4.0
     # via unittest2
-attrs==21.2.0
-    # via pytest
-build==1.0.3
+build==1.2.1
     # via pip-tools
 click==8.1.7
     # via pip-tools
-coverage==6.0.2
+coverage==7.6.0
     # via pytest-cov
-exceptiongroup==1.0.4
+exceptiongroup==1.2.2
     # via pytest
-factory-boy==3.2.0
+factory-boy==3.3.0
     # via -r requirements-dev.in
-faker==13.3.2
+faker==26.0.0
     # via factory-boy
-flake8==4.0.1
+flake8==7.1.0
     # via -r requirements-dev.in
-freezegun==1.1.0
+freezegun==1.5.1
     # via -r requirements-dev.in
 httpretty==1.1.4
     # via -r requirements-dev.in
-importlib-metadata==7.0.1
+importlib-metadata==8.2.0
     # via build
-iniconfig==1.1.1
+iniconfig==2.0.0
     # via pytest
-isort==5.9.3
+isort==5.13.2
     # via -r requirements-dev.in
 linecache2==1.0.0
     # via traceback2
-mccabe==0.6.1
+mccabe==0.7.0
     # via flake8
-packaging==21.0
+packaging==24.1
     # via
+    #   -c requirements.txt
     #   build
     #   pytest
-pip-tools==7.4.0
+pip-tools==7.4.1
     # via -r requirements-dev.in
-pluggy==1.0.0
+pluggy==1.5.0
     # via pytest
-pycodestyle==2.8.0
+pycodestyle==2.12.0
     # via flake8
-pyflakes==2.4.0
+pyflakes==3.2.0
     # via flake8
-pyparsing==2.4.7
-    # via packaging
-pyproject-hooks==1.0.0
+pyproject-hooks==1.1.0
     # via
     #   build
     #   pip-tools
-pytest==7.2.0
+pytest==8.3.2
     # via
     #   -r requirements-dev.in
     #   pytest-cov
     #   pytest-django
-pytest-cov==3.0.0
+pytest-cov==5.0.0
     # via -r requirements-dev.in
-pytest-django==4.4.0
+pytest-django==4.8.0
     # via -r requirements-dev.in
-python-dateutil==2.8.2
+python-dateutil==2.9.0.post0
     # via
     #   faker
     #   freezegun
@@ -74,20 +69,19 @@ six==1.16.0
     #   -c requirements.txt
     #   python-dateutil
     #   unittest2
-tomli==1.2.1
+tomli==2.0.1
     # via
     #   build
     #   coverage
     #   pip-tools
-    #   pyproject-hooks
     #   pytest
 traceback2==1.4.0
     # via unittest2
 unittest2==1.1.0
     # via -r requirements-dev.in
-wheel==0.42.0
+wheel==0.43.0
     # via pip-tools
-zipp==3.17.0
+zipp==3.19.2
     # via importlib-metadata
 
 # The following packages are considered to be unsafe in a requirements file:

requirements-prod.txt

@@ -4,7 +4,5 @@
 #
 #    pip-compile --strip-extras requirements-prod.in
 #
---no-binary psycopg2
-
-uwsgi==2.0.23
+uwsgi==2.0.26
     # via -r requirements-prod.in

requirements.in

@@ -1,16 +1,15 @@
-django<4.0
+django<5.0
 django-multiselectfield
-django-oauth-toolkit
-django-parler>2.1
+django-oauth-toolkit<=2.0
+django-parler
 django-cors-headers
 # Use our own fork of django-oidc-provider as long as the token extraction PR is not merged
 # https://github.com/juanifioren/django-oidc-provider/pull/389
-git+https://github.com/City-of-Helsinki/django-oidc-provider.git@745b7ebfabd568acc282ec0e8ac098f54ee933f9
-djangorestframework>=3.10
+git+https://github.com/City-of-Helsinki/django-oidc-provider.git@f25cf7665eef59d15f14a8b2a8276ec955b5b73b
+djangorestframework
 django-helusers
 django-bootstrap3
-psycopg2
---no-binary psycopg2
+psycopg[c]
 raven
 PyJWT[crypto]
 cryptography
@@ -20,7 +19,7 @@ django-compressor
 django-environ
 django-sass-processor
 social-auth-core[openidconnect,saml]
-python-jose>=3.2.0
+python-jose
 social-auth-app-django
 requests
 jwcrypto