Merge pull request #54 from omnivector-solutions/tucker/upgrade-pydantic

Tucker/upgrade pydantic

CHANGELOG.md

@@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
 
 ## Unreleased
 
+## v2.0.0 - 2024-05-28
+
+- Upgraded pydantic base version to 2.7.
+- Upgraded fastapi base version to 0.111.
+
+
 ## v1.4.0 - 2024-04-01
 
 - Added plugin support

armasec/openid_config_loader.py

@@ -95,7 +95,7 @@ def jwks(self) -> JWKs:
         """
         if not self._jwks:
             self.debug_logger("Fetching jwks")
-            data = self._load_openid_resource(self.config.jwks_uri)
+            data = self._load_openid_resource(str(self.config.jwks_uri))
             with AuthenticationError.handle_errors(
                 message="jwks data was invalid",
                 do_except=partial(log_error, self.debug_logger),

armasec/pytest_extension.py

@@ -258,14 +258,14 @@ def _helper(
             )
             openid_config_route.return_value = httpx.Response(
                 starlette.status.HTTP_200_OK,
-                json=openid_config.dict(),
+                json=openid_config.model_dump(mode="json"),
             )
 
             jwks = JWKs(keys=[jwk])
             jwks_route = respx.get(jwks_uri)
             jwks_route.return_value = httpx.Response(
                 starlette.status.HTTP_200_OK,
-                json=jwks.dict(),
+                json=jwks.model_dump(mode="json"),
             )
             yield MockOpenidRoutes(openid_config_route, jwks_route)
 

armasec/schemas/jwks.py

@@ -4,7 +4,7 @@
 
 from typing import List, Optional
 
-from pydantic import BaseModel
+from pydantic import ConfigDict, BaseModel
 
 
 class JWK(BaseModel):
@@ -29,12 +29,10 @@ class JWK(BaseModel):
     kty: str
     n: str
 
-    use: Optional[str]
-    x5c: Optional[List[str]]
-    x5t: Optional[str]
-
-    class Config:
-        extra = "allow"
+    use: Optional[str] = None
+    x5c: Optional[List[str]] = None
+    x5t: Optional[str] = None
+    model_config = ConfigDict(extra="allow")
 
 
 class JWKs(BaseModel):

armasec/schemas/openid_config.py

@@ -2,7 +2,7 @@
 This module provides a pydantic schema describing openid-configuration data.
 """
 
-from pydantic import AnyHttpUrl, BaseModel
+from pydantic import ConfigDict, AnyHttpUrl, BaseModel
 
 
 class OpenidConfig(BaseModel):
@@ -18,6 +18,4 @@ class OpenidConfig(BaseModel):
 
     issuer: AnyHttpUrl
     jwks_uri: AnyHttpUrl
-
-    class Config:
-        extra = "allow"
+    model_config = ConfigDict(extra="allow")

armasec/token_decoder.py

@@ -98,7 +98,7 @@ def get_decode_key(self, token: str) -> dict:
             self.debug_logger(f"Checking key in jwk: {jwk}")
             if jwk.kid == kid:
                 self.debug_logger("Key matches unverified header. Using as decode secret.")
-                return jwk.dict()
+                return jwk.model_dump()
 
         raise AuthenticationError("Could not find a matching jwk")
 

armasec/token_payload.py

@@ -5,7 +5,7 @@
 from datetime import datetime
 from typing import List, Optional
 
-from pydantic import BaseModel, Field
+from pydantic import ConfigDict, BaseModel, Field, AliasChoices
 
 
 class TokenPayload(BaseModel):
@@ -22,12 +22,10 @@ class TokenPayload(BaseModel):
 
     sub: str
     permissions: List[str] = Field(list())
-    expire: datetime = Field(None, alias="exp")
-    client_id: str = Field(None, alias="azp")
+    expire: datetime = Field(None, validation_alias=AliasChoices("exp", "expire"))
+    client_id: str = Field(None, validation_alias=AliasChoices("azp", "client_id"))
     original_token: Optional[str] = None
-
-    class Config:
-        extra = "allow"
+    model_config = ConfigDict(extra="allow")
 
     def to_dict(self):
         """

armasec/token_security.py

@@ -8,7 +8,7 @@
 from fastapi import HTTPException, status
 from fastapi.openapi.models import APIKey, APIKeyIn
 from fastapi.security.api_key import APIKeyBase
-from pydantic import BaseModel
+from pydantic import ConfigDict, BaseModel
 from snick import unwrap
 from starlette.requests import Request
 
@@ -33,9 +33,7 @@ class ManagerConfig(BaseModel):
 
     manager: TokenManager
     domain_config: DomainConfig
-
-    class Config:
-        arbitrary_types_allowed = True
+    model_config = ConfigDict(arbitrary_types_allowed=True)
 
 
 class PermissionMode(AutoNameEnum):

armasec_cli/client.py

@@ -96,7 +96,7 @@ def _deserialize_request_model(
             ),
         ),
     ):
-        request_kwargs["content"] = request_model.json()
+        request_kwargs["content"] = request_model.model_dump_json()
         request_kwargs["headers"] = {"Content-Type": "application/json"}
 
 

armasec_cli/config.py

@@ -71,7 +71,7 @@ def wrapper(ctx: typer.Context, *args, **kwargs):
 
 def dump_settings(settings: Settings):
     logger.debug(f"Saving settings to {settings_path}")
-    settings_values = json.dumps(settings.dict())
+    settings_values = json.dumps(settings.model_dump())
     settings_path.write_text(settings_values)
 
 

armasec_cli/main.py

@@ -122,7 +122,7 @@ def show_config(ctx: typer.Context):
     """
     Show the current config.
     """
-    render_json(ctx.obj.settings.dict())
+    render_json(ctx.obj.settings.model_dump())
 
 
 @app.command()

armasec_cli/schemas.py

@@ -28,6 +28,6 @@ class DeviceCodeData(BaseModel):
 
 
 class CliContext(BaseModel, arbitrary_types_allowed=True):
-    persona: Optional[Persona]
-    client: Optional[httpx.Client]
-    settings: Optional[Settings]
+    persona: Optional[Persona] = None
+    client: Optional[httpx.Client] = None
+    settings: Optional[Settings] = None

docs/source/tutorials/getting_started_with_keycloak.md

@@ -172,7 +172,7 @@ _Set Password_
 
 In the form that opens, use "local" for the password (and confirmation). Make sure to
 turn off the "Temporary" flag so that the user will not have to change their password
-in this tutoria. Then, click the "Save" button to finish setting up the user
+in this tutorial. Then, click the "Save" button to finish setting up the user
 credentials.
 
 ![Save Password](../images/keycloak-save-password.png){: .framed-image}