Merge branch 'master' into arbabkhalil/PSRE-1253

.github/dependabot.yml

@@ -0,0 +1,9 @@
+version: 2
+updates:
+    # Adding new check for github-actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+        interval: "weekly"
+    reviewers:
+      - "openedx/arbi-bom"

.github/workflows/add-depr-ticket-to-depr-board.yml

@@ -0,0 +1,19 @@
+# Run the workflow that adds new tickets that are either:
+# - labelled "DEPR"
+# - title starts with "[DEPR]"
+# - body starts with "Proposal Date" (this is the first template field)
+# to the org-wide DEPR project board
+
+name: Add newly created DEPR issues to the DEPR project board
+
+on:
+  issues:
+    types: [opened]
+
+jobs:
+  routeissue:
+    uses: openedx/.github/.github/workflows/add-depr-ticket-to-depr-board.yml@master
+    secrets:
+      GITHUB_APP_ID: ${{ secrets.GRAPHQL_AUTH_APP_ID }}
+      GITHUB_APP_PRIVATE_KEY: ${{ secrets.GRAPHQL_AUTH_APP_PEM }}
+      SLACK_BOT_TOKEN: ${{ secrets.SLACK_ISSUE_BOT_TOKEN }}

.github/workflows/add-remove-label-on-comment.yml

@@ -0,0 +1,20 @@
+# This workflow runs when a comment is made on the ticket
+# If the comment starts with "label: " it tries to apply
+# the label indicated in rest of comment.
+# If the comment starts with "remove label: ", it tries
+# to remove the indicated label.
+# Note: Labels are allowed to have spaces and this script does
+# not parse spaces (as often a space is legitimate), so the command
+# "label: really long lots of words label" will apply the
+# label "really long lots of words label"
+
+name: Allows for the adding and removing of labels via comment
+
+on:
+  issue_comment:
+    types: [created]
+
+jobs:
+  add_remove_labels:
+    uses: openedx/.github/.github/workflows/add-remove-label-on-comment.yml@master
+

.github/workflows/ci.yml

@@ -15,12 +15,12 @@ jobs:
       matrix:
         os: [ubuntu-20.04]
         python-version: ['3.8']
-        toxenv: [django22, django30, django31, django32, quality, check_keywords]
+        toxenv: [quality, django32, django42, check_keywords]
 
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - name: setup python
-      uses: actions/setup-python@v2
+      uses: actions/setup-python@v4
       with:
         python-version: ${{ matrix.python-version }}
 
@@ -36,8 +36,8 @@ jobs:
       run: tox
 
     - name: Run Coverage
-      if: matrix.python-version == '3.8' && matrix.toxenv=='django22'
-      uses: codecov/codecov-action@v1
+      if: matrix.python-version == '3.8' && matrix.toxenv=='django42'
+      uses: codecov/codecov-action@v3
       with:
         flags: unittests
         fail_ci_if_error: true

.github/workflows/commitlint.yml

@@ -7,4 +7,4 @@ on:
 
 jobs:
   commitlint:
-    uses: edx/.github/.github/workflows/commitlint.yml@master
+    uses: openedx/.github/.github/workflows/commitlint.yml@master

.github/workflows/pypi-publish.yml

@@ -12,9 +12,9 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
       - name: setup python
-        uses: actions/setup-python@v2
+        uses: actions/setup-python@v4
         with:
           python-version: 3.8
 

.github/workflows/self-assign-issue.yml

@@ -0,0 +1,12 @@
+# This workflow runs when a comment is made on the ticket
+# If the comment starts with "assign me" it assigns the author to the
+# ticket (case insensitive)
+
+name: Assign comment author to ticket if they say "assign me"
+on:
+  issue_comment:
+    types: [created]
+
+jobs:
+  self_assign_by_comment:
+    uses: openedx/.github/.github/workflows/self-assign-issue.yml@master

.github/workflows/upgrade-python-requirements.yml

@@ -21,4 +21,4 @@ jobs:
        requirements_bot_github_email: ${{ secrets.REQUIREMENTS_BOT_GITHUB_EMAIL }}
        edx_smtp_username: ${{ secrets.EDX_SMTP_USERNAME }}
        edx_smtp_password: ${{ secrets.EDX_SMTP_PASSWORD }}
-    uses: edx/.github/.github/workflows/upgrade-python-requirements.yml@master
+    uses: openedx/.github/.github/workflows/upgrade-python-requirements.yml@master

CHANGELOG.rst

@@ -14,6 +14,26 @@ Unreleased
 
 *
 
+[4.2.0] - 2023-08-03
+--------------------
+
+Added
+~~~~~~~
+* Added support for Django 4.2
+
+[4.1.0] - 2022-01-28
+--------------------
+
+Removed
+~~~~~~~
+
+* Removed Django22, 30, 31
+
+Added
+~~~~~~~
+* Added Django40 support in CI
+
+
 [4.0.1] - 2021-11-01
 --------------------
 

HISTORY.rst

@@ -97,7 +97,7 @@ Updated LoginRedirectBaseView to include querystring
 
 Intervening releases not documented here; see Releases:
 
-https://github.com/edx/auth-backends/releases?after=1.1.2
+https://github.com/openedx/auth-backends/releases?after=1.1.2
 
 
 0.1.3 (2015-03-31)

Makefile

@@ -36,6 +36,8 @@ upgrade: $(COMMON_CONSTRAINTS_TXT)  ## update the requirements/*.txt files with
 	# Make sure to compile files after any other files they include!
 	$(PIP_COMPILE) --allow-unsafe --rebuild -o requirements/pip.txt requirements/pip.in
 	$(PIP_COMPILE) -o requirements/pip-tools.txt requirements/pip-tools.in
+	pip install -qr requirements/pip.txt
+	pip install -qr requirements/pip-tools.txt
 	$(PIP_COMPILE) -o requirements/base.txt requirements/base.in
 	$(PIP_COMPILE) -o requirements/test.txt requirements/test.in
 	$(PIP_COMPILE) -o requirements/ci.txt requirements/ci.in

README.rst

@@ -1,7 +1,7 @@
 auth-backends  |CI|_ |Codecov|_
 ===================================
-.. |CI| image:: https://github.com/edx/auth-backends/workflows/Python%20CI/badge.svg?branch=master
-.. _CI: https://github.com/edx/auth-backends/actions?query=workflow%3A%22Python+CI%22
+.. |CI| image:: https://github.com/openedx/auth-backends/workflows/Python%20CI/badge.svg?branch=master
+.. _CI: https://github.com/openedx/auth-backends/actions?query=workflow%3A%22Python+CI%22
 
 .. |Codecov| image:: http://codecov.io/github/edx/auth-backends/coverage.svg?branch=master
 .. _Codecov: http://codecov.io/github/edx/auth-backends?branch=master
@@ -118,7 +118,7 @@ Publishing a Release
 --------------------
 
 After a PR merges, create a new tag from ``master`` branch with a new version of the package and create a
-`Github release <https://github.com/edx/auth-backends/releases>`_
+`Github release <https://github.com/openedx/auth-backends/releases>`_
 using the new tag that will automatically publish the package to PyPi when a release is created.
 
 
@@ -134,15 +134,12 @@ How To Contribute
 
 Contributions are very welcome!
 
-Please read `How To Contribute <https://github.com/edx/edx-platform/blob/master/CONTRIBUTING.rst>`_ for details.
-
-Even though it was written with `edx-platform <https://github.com/edx/edx-platform>`_ in mind,
-the guidelines should be followed for Open edX code in general.
+Please read `How To Contribute <https://github.com/openedx/.github/blob/master/CONTRIBUTING.md>`_ for details.
 
 Reporting Security Issues
 -------------------------
 
-Please do not report security issues in public. Please email security@edx.org.
+Please do not report security issues in public. Please email security@openedx.org.
 
 Mailing List and IRC Channel
 ----------------------------

auth_backends/__init__.py

@@ -3,4 +3,4 @@
  These package is designed to be used primarily with Open edX Django projects, but should be compatible with non-edX
  projects as well.
 """
-__version__ = '4.0.1'  # pragma: no cover
+__version__ = '4.2.0'  # pragma: no cover

auth_backends/docs/decisions/0001-use-changelog.rst

@@ -15,4 +15,4 @@ Decision
 
 For more background or details of this decision, see duplicate `0001-use-changelog.rst decision in edx-drf-extensions`_.
 
-.. _0001-use-changelog.rst decision in edx-drf-extensions: https://github.com/edx/edx-drf-extensions/blob/master/docs/decisions/0001-use-changelog.rst
+.. _0001-use-changelog.rst decision in edx-drf-extensions: https://github.com/openedx/edx-drf-extensions/blob/master/docs/decisions/0001-use-changelog.rst

auth_backends/tests/test_backends.py

@@ -3,11 +3,10 @@
 import json
 from calendar import timegm
 
+import jwt
 import six
 from Cryptodome.PublicKey import RSA
 from django.core.cache import cache
-from jwkest.jwk import RSAKey
-from jwkest.jws import JWS
 from social_core.tests.backends.oauth import OAuth2Test
 
 
@@ -25,7 +24,7 @@ class EdXOAuth2Tests(OAuth2Test):
     def setUp(self):
         cache.clear()
         super().setUp()
-        self.key = RSAKey(kid='testkey', key=RSA.generate(2048))
+        self.key = RSA.generate(2048).export_key('PEM')
 
     def set_social_auth_setting(self, setting_name, value):
         """
@@ -45,7 +44,7 @@ def access_token_body(self, request, _url, headers):
         self.assertEqual(body['token_type'], ['jwt'])
 
         expires_in = 3600
-        access_token = self.create_jws_access_token(expires_in)
+        access_token = self.create_jwt_access_token(expires_in)
         body = json.dumps({
             'scope': 'read write profile email user_id',
             'token_type': 'JWT',
@@ -54,18 +53,18 @@ def access_token_body(self, request, _url, headers):
         })
         return 200, headers, body
 
-    def create_jws_access_token(self, expires_in=3600, issuer=None, key=None, alg='RS512'):
+    def create_jwt_access_token(self, expires_in=3600, issuer=None, key=None, alg='RS512'):
         """
-        Creates a signed (JWS) access token.
+        Creates a signed (JWT) access token.
 
         Arguments:
             expires_in (int): Number of seconds after which the token expires.
             issuer (str): Issuer of the token.
-            key (jwkest.jwk.Key): Key used to sign the token.
+            key (bytes PEM-format): Key used to sign the token.
             alg (str): Signing algorithm.
 
         Returns:
-            str: JWS
+            str: JWT
         """
         key = key or self.key
         now = datetime.datetime.utcnow()
@@ -86,7 +85,7 @@ def create_jws_access_token(self, expires_in=3600, issuer=None, key=None, alg='R
             'family_name': 'Smith',
             'user_id': '1',
         }
-        access_token = JWS(payload, jwk=key, alg=alg).sign_compact()
+        access_token = jwt.encode(payload, key, algorithm=alg)
         return access_token
 
     def extra_settings(self):
@@ -150,7 +149,7 @@ def test_end_session_url(self):
         self.assertEqual(self.backend.end_session_url(), self.public_url_root + logout_location)
 
     def test_user_data(self):
-        user_data = self.backend.user_data(self.create_jws_access_token())
+        user_data = self.backend.user_data(self.create_jwt_access_token())
         self.assertDictEqual(user_data, {
             'name': 'Joe Smith',
             'preferred_username': 'jsmith',