dpgaspar · dpgaspar · Feb 14, 2024 · Feb 14, 2024 · Feb 14, 2024 · Feb 14, 2024
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -83,7 +83,7 @@ jobs:
           pip install -r requirements-extra.txt
       - name: Run tests
         run: |
-          nose2 -c setup.cfg -F -v --with-coverage --coverage flask_appbuilder -A '!mongo' tests
+          nose2 -c setup.cfg -F -v --with-coverage --coverage flask_appbuilder -A '!mongo,!openid' tests
       - name: Upload code coverage
         run: |
           bash <(curl -s https://codecov.io/bash) -cF python
@@ -134,7 +134,7 @@ jobs:
           pip install -r requirements-extra.txt
       - name: Run tests
         run: |
-          nose2 -c setup.cfg -F -v --with-coverage --coverage flask_appbuilder -A '!mongo' tests
+          nose2 -c setup.cfg -F -v --with-coverage --coverage flask_appbuilder -A '!mongo,!openid' tests
       - name: Upload code coverage
         run: |
           bash <(curl -s https://codecov.io/bash) -cF python
@@ -184,7 +184,7 @@ jobs:
           sudo cp .github/workflows/odbcinst.ini /etc/odbcinst.ini
       - name: Run tests
         run: |
-          nose2 -c setup.cfg -F -v --with-coverage --coverage flask_appbuilder -A '!mongo' tests
+          nose2 -c setup.cfg -F -v --with-coverage --coverage flask_appbuilder -A '!mongo,!openid' tests
       - name: Upload code coverage
         run: |
           bash <(curl -s https://codecov.io/bash) -cF python
@@ -205,18 +205,6 @@ jobs:
         uses: actions/setup-python@v4
         with:
           python-version: ${{ matrix.python-version }}
-      - name: Run openldap
-        run: |
-          docker run -d \
-            -v '${{ github.workspace }}/docker/openldap/ldifs:/ldifs' \
-            -v '${{ github.workspace }}/docker/openldap/schemas/memberof.ldif:/opt/bitnami/openldap/etc/schema/memberof.ldif' \
-            -e LDAP_URI=ldap://openldap:1389 \
-            -e LDAP_BASE=dc=example,dc=org \
-            -e LDAP_ADMIN_USERNAME=admin \
-            -e LDAP_ADMIN_PASSWORD=admin_password \
-            -e LDAP_EXTRA_SCHEMAS=cosine,inetorgperson,nis,memberof \
-            -p 1389:1389 \
-            bitnami/openldap:2.6.4
       - name: Install dependencies
         run: |
           sudo apt-get update
@@ -232,3 +220,30 @@ jobs:
       - name: Upload code coverage
         run: |
           bash <(curl -s https://codecov.io/bash) -cF python
+
+  test-openid:
+    runs-on: ubuntu-22.04
+    strategy:
+      matrix:
+        python-version: [3.8]
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y libldap2-dev libsasl2-dev libssl-dev
+          pip install --upgrade pip
+          pip install -r requirements.txt
+          pip install -r requirements-dev.txt
+          pip install -r requirements-extra.txt
+          pip install -r requirements-openid.txt
+      - name: Run tests
+        run: |
+          nose2 -c setup.cfg -F -v --with-coverage --coverage flask_appbuilder -A 'openid' tests
+      - name: Upload code coverage
+        run: |
+          bash <(curl -s https://codecov.io/bash) -cF python
diff --git a/flask_appbuilder/security/manager.py b/flask_appbuilder/security/manager.py
@@ -268,7 +268,12 @@ def __init__(self, appbuilder):
         if self.auth_type == AUTH_OID:
             from flask_openid import OpenID
 
+            log.warning(
+                "AUTH_OID is deprecated and will be removed in version 5. "
+                "Migrate to other authentication methods."
+            )
             self.oid = OpenID(app)
+
         if self.auth_type == AUTH_OAUTH:
             from authlib.integrations.flask_client import OAuth
 

diff --git a/flask_appbuilder/security/mongoengine/manager.py b/flask_appbuilder/security/mongoengine/manager.py
@@ -39,6 +39,8 @@ def __init__(self, appbuilder):
             F.A.B AppBuilder main object
         """
         super(SecurityManager, self).__init__(appbuilder)
+        log.warning("MongoEngine is deprecated and will be removed in version 5.")
+
         user_datamodel = MongoEngineInterface(self.user_model)
         if self.auth_type == c.AUTH_DB:
             self.userdbmodelview.datamodel = user_datamodel

diff --git a/flask_appbuilder/security/views.py b/flask_appbuilder/security/views.py
@@ -596,6 +596,10 @@ def after_login(resp):
                 remember_me = session["remember_me"]
                 session.pop("remember_me", None)
 
+            log.warning(
+                "AUTH_OID is deprecated and will be removed in version 5. "
+                "Migrate to other authentication methods."
+            )
             login_user(user, remember=remember_me)
             next_url = request.args.get("next", "")
             return redirect(get_safe_redirect(next_url))

diff --git a/requirements-extra.txt b/requirements-extra.txt
@@ -6,4 +6,3 @@ pyodbc==5.0.1
 requests==2.26.0
 Authlib==1.2.1
 python-ldap==3.4.3
-flask-openid==1.3.0
diff --git a/requirements-mongodb.txt b/requirements-mongodb.txt
@@ -1,3 +1,5 @@
+flask==2.2.5
+werkzeug==2.3.7
 flask-mongoengine==1.0.0
 mongoengine==0.27.0
 pymongo==4.5.0
diff --git a/requirements-openid.txt b/requirements-openid.txt
@@ -0,0 +1,3 @@
+flask==2.2.5
+werkzeug==2.3.7
+flask-openid==1.3.0
diff --git a/requirements.txt b/requirements.txt
@@ -24,7 +24,7 @@ dnspython==2.4.2
     # via email-validator
 email-validator==1.3.1
     # via Flask-AppBuilder (setup.py)
-flask==2.2.5
+flask==2.3.3
     # via
     #   Flask-AppBuilder (setup.py)
     #   flask-babel
@@ -39,7 +39,7 @@ flask-jwt-extended==4.5.3
     # via Flask-AppBuilder (setup.py)
 flask-limiter==3.5.0
     # via Flask-AppBuilder (setup.py)
-flask-login==0.6.2
+flask-login==0.6.3
     # via Flask-AppBuilder (setup.py)
 flask-sqlalchemy==2.5.1
     # via Flask-AppBuilder (setup.py)
@@ -137,7 +137,7 @@ typing-extensions==4.8.0
     #   flask-limiter
     #   limits
     #   rich
-werkzeug==2.3.7
+werkzeug==3.0.1
     # via
     #   Flask-AppBuilder (setup.py)
     #   flask

diff --git a/setup.py b/setup.py
@@ -49,7 +49,7 @@ def desc():
         "colorama>=0.3.9, <1",
         "click>=8, <9",
         "email_validator>=1.0.5, <2",
-        "Flask>=2, <2.3.0",  # Otherwise breaks flask-mongoengine 1.0.0 (Should be fixed in 1.0.1)
+        "Flask>=2, <3.0.0",
         "Flask-Babel>=1, <3",
         "Flask-Limiter>3,<4",
         "Flask-Login>=0.3, <0.7",
@@ -66,7 +66,7 @@ def desc():
         "SQLAlchemy<1.5",
         "sqlalchemy-utils>=0.32.21, <1",
         "WTForms<4",
-        "werkzeug<3",  # Otherwise breaks Flask-Login 0.6.2
+        "werkzeug<4",
     ],
     extras_require={
         "jmespath": ["jmespath>=0.9.5"],

diff --git a/tests/test_mvc_oid.py b/tests/test_mvc_oid.py
@@ -5,6 +5,8 @@
 
 
 class MVCOIDTestCase(FABTestCase):
+    openid = True
+
     def setUp(self):
         from flask import Flask
         from flask_appbuilder import AppBuilder