From 007177171b20918e0fc3ee96bca9e59c1c22ec84 Mon Sep 17 00:00:00 2001 From: Lasse Yledahl Date: Thu, 19 Sep 2024 13:08:21 +0000 Subject: [PATCH 1/8] re-enable E501 --- ruff.toml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/ruff.toml b/ruff.toml index fcff9c805..b25602e4d 100644 --- a/ruff.toml +++ b/ruff.toml @@ -5,5 +5,4 @@ target-version = "py310" [lint] select = ["E", "F", "W", "I", "ASYNC", "UP", "FLY", "PERF", "FURB"] -# For now, ignore E501 (line too long) errors. They are in strings and comments. -ignore = ["E501"] +ignore = [] From b74d0bc8838f46d031fcfae57ca59202a4654b31 Mon Sep 17 00:00:00 2001 From: Lasse Yledahl Date: Thu, 19 Sep 2024 13:29:51 +0000 Subject: [PATCH 2/8] keep format of XML-strings even if they are long --- src/eduid/webapp/bankid/tests/test_app.py | 8 ++++---- src/eduid/webapp/common/authn/tests/responses.py | 2 +- src/eduid/webapp/eidas/tests/test_app.py | 8 ++++---- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/src/eduid/webapp/bankid/tests/test_app.py b/src/eduid/webapp/bankid/tests/test_app.py index 611ad2615..32ed05f87 100644 --- a/src/eduid/webapp/bankid/tests/test_app.py +++ b/src/eduid/webapp/bankid/tests/test_app.py @@ -92,7 +92,7 @@ def setUp(self, *args: Any, **kwargs: Any) -> None: {extra_attributes} -""" +""" # noqa: E501 self.saml_response_tpl_success = """ https://idp.example.com/simplesaml/saml2/idp/metadata.php @@ -138,7 +138,7 @@ def setUp(self, *args: Any, **kwargs: Any) -> None: -""" +""" # noqa: E501 self.saml_response_tpl_fail = """ https://idp.example.com/simplesaml/saml2/idp/metadata.php @@ -148,7 +148,7 @@ def setUp(self, *args: Any, **kwargs: Any) -> None: User login was not successful or could not meet the requirements of the requesting application. -""" +""" # noqa: E501 self.saml_response_tpl_cancel = """ @@ -159,7 +159,7 @@ def setUp(self, *args: Any, **kwargs: Any) -> None: The login attempt was cancelled -""" +""" # noqa: E501 super().setUp(users=["hubba-bubba", "hubba-baar"]) diff --git a/src/eduid/webapp/common/authn/tests/responses.py b/src/eduid/webapp/common/authn/tests/responses.py index 1cabf12be..749a3d705 100644 --- a/src/eduid/webapp/common/authn/tests/responses.py +++ b/src/eduid/webapp/common/authn/tests/responses.py @@ -77,7 +77,7 @@ def auth_response(session_id: str, eppn: str, accr: EduidAuthnContextClass | Non -""" +""" # noqa: E501 return saml_response_tpl.format( **{ diff --git a/src/eduid/webapp/eidas/tests/test_app.py b/src/eduid/webapp/eidas/tests/test_app.py index a4179a321..730053a3b 100644 --- a/src/eduid/webapp/eidas/tests/test_app.py +++ b/src/eduid/webapp/eidas/tests/test_app.py @@ -106,7 +106,7 @@ def setUp(self, *args: Any, **kwargs: Any) -> None: {extra_attributes} -""" +""" # noqa: E501 self.saml_response_tpl_fail = """ https://idp.example.com/simplesaml/saml2/idp/metadata.php @@ -116,7 +116,7 @@ def setUp(self, *args: Any, **kwargs: Any) -> None: User login was not successful or could not meet the requirements of the requesting application. -""" +""" # noqa: E501 self.saml_response_tpl_cancel = """ @@ -127,7 +127,7 @@ def setUp(self, *args: Any, **kwargs: Any) -> None: The login attempt was cancelled -""" +""" # noqa: E501 self.saml_response_foreign_eid_tpl_success = """ @@ -182,7 +182,7 @@ def setUp(self, *args: Any, **kwargs: Any) -> None: {extra_attributes} -""" +""" # noqa: E501 super().setUp(users=["hubba-bubba", "hubba-baar"]) From 9d85583ad4dd7385919750902de5bce02a043670 Mon Sep 17 00:00:00 2001 From: Lasse Yledahl Date: Thu, 19 Sep 2024 13:30:25 +0000 Subject: [PATCH 3/8] ignore dead code for now --- src/eduid/scimapi/routers/invites.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/eduid/scimapi/routers/invites.py b/src/eduid/scimapi/routers/invites.py index 19732beb5..df2a7032d 100644 --- a/src/eduid/scimapi/routers/invites.py +++ b/src/eduid/scimapi/routers/invites.py @@ -137,7 +137,7 @@ async def on_put( # req.app.context.logger.info(f"Profile {this}/{update_request.nutid_user_v1.profiles[this]} updated") # profiles_changed = True # else: - # req.app.context.logger.info(f"Profile {this}/{update_request.nutid_user_v1.profiles[this]} not changed") + # req.app.context.logger.info(f"Profile {this}/{update_request.nutid_user_v1.profiles[this]} not changed") # noqa: E501 # for this in db_invite.profiles.keys(): # if this not in update_request.nutid_user_v1.profiles: # req.app.context.logger.info(f"Profile {this}/{db_invite.profiles[this]} removed") From 5ba1c85c866879c971bc420b3759ee1f3545796f Mon Sep 17 00:00:00 2001 From: Lasse Yledahl Date: Thu, 19 Sep 2024 13:33:43 +0000 Subject: [PATCH 4/8] reformat comments --- src/eduid/common/config/base.py | 10 +++++----- src/eduid/satosa/scimapi/stepup.py | 6 +++++- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/src/eduid/common/config/base.py b/src/eduid/common/config/base.py index 2c86bc401..9e10a6f9b 100644 --- a/src/eduid/common/config/base.py +++ b/src/eduid/common/config/base.py @@ -197,12 +197,12 @@ class FlaskConfig(CORSMixin): # per-file basis using the get_send_file_max_age() hook on Flask or Blueprint, # respectively. Defaults to 43200 (12 hours). send_file_max_age_default: int = 43200 # 12 hours - # the name and port number of the server. Required for subdomain support (e.g.: 'myapp.dev:5000') Note that localhost - # does not support subdomains so setting this to “localhost” does not help. Setting a SERVER_NAME also by default - # enables URL generation without a request context but with an application context. + # the name and port number of the server. Required for subdomain support (e.g.: 'myapp.dev:5000') Note that + # localhost does not support subdomains so setting this to “localhost” does not help. Setting a SERVER_NAME also by + # default enables URL generation without a request context but with an application context. server_name: str | None = None - # If the application does not occupy a whole domain or subdomain this can be set to the path where the application is - # configured to live. This is for session cookie as path value. If domains are used, this should be None. + # If the application does not occupy a whole domain or subdomain this can be set to the path where the application + # is configured to live. This is for session cookie as path value. If domains are used, this should be None. application_root: str = "/" # The URL scheme that should be used for URL generation if no URL scheme is # available. This defaults to http diff --git a/src/eduid/satosa/scimapi/stepup.py b/src/eduid/satosa/scimapi/stepup.py index acfedfbb4..d6b59ff19 100644 --- a/src/eduid/satosa/scimapi/stepup.py +++ b/src/eduid/satosa/scimapi/stepup.py @@ -28,7 +28,11 @@ from satosa.context import Context from satosa.exception import SATOSAAuthenticationError, SATOSAError from satosa.internal import InternalData -from satosa.micro_services.base import ( # TODO: Enable when https://github.com/IdentityPython/SATOSA/pull/435 has been accepted; CallbackCallSignature,; CallbackReturnType,; ProcessReturnType, +from satosa.micro_services.base import ( + # TODO: Enable when https://github.com/IdentityPython/SATOSA/pull/435 has been accepted; + # CallbackCallSignature, + # CallbackReturnType, + # ProcessReturnType, RequestMicroService, ResponseMicroService, ) From db171a2662b894755d02dcf0461d79e0c3f7aa87 Mon Sep 17 00:00:00 2001 From: Lasse Yledahl Date: Thu, 19 Sep 2024 13:53:24 +0000 Subject: [PATCH 5/8] more comments --- src/eduid/satosa/scimapi/stepup.py | 9 ++++++--- src/eduid/userdb/util.py | 4 +++- src/eduid/webapp/common/proofing/methods.py | 3 ++- 3 files changed, 11 insertions(+), 5 deletions(-) diff --git a/src/eduid/satosa/scimapi/stepup.py b/src/eduid/satosa/scimapi/stepup.py index d6b59ff19..4b14fffc4 100644 --- a/src/eduid/satosa/scimapi/stepup.py +++ b/src/eduid/satosa/scimapi/stepup.py @@ -98,10 +98,13 @@ class StepupPluginConfig(BaseModel): class StepupParams(BaseModel): issuer: str - issuer_loa: str | None = None # LoA that the IdP released - as requested through the acr_mapping configuration + # LoA that the IdP released - as requested through the acr_mapping configuration + issuer_loa: str | None = None requester: EntityId - requester_loas: list[str] # (original) LoAs required by the requester - loa_settings: LoaSettings # LoA settings to use. Either from the configuration or derived using entity attributes in the metadata. + # (original) LoAs required by the requester + requester_loas: list[str] + # LoA settings to use. Either from the configuration or derived using entity attributes in the metadata. + loa_settings: LoaSettings # Applied to response from IDP diff --git a/src/eduid/userdb/util.py b/src/eduid/userdb/util.py index 7da2da2e3..4e3d5db95 100644 --- a/src/eduid/userdb/util.py +++ b/src/eduid/userdb/util.py @@ -24,7 +24,9 @@ def dst(self, dt): return datetime.timedelta(0) -# NOTE: This function is copied from eduid.webapp.common.misc.timeutil because eduid-userdb can't import eduid.webapp.common +# NOTE: This function is copied from eduid.webapp.common.misc.timeutil +# because eduid-userdb can't import eduid.webapp.common +# TODO: check this as it is in eduid.common.misc.timeutil def utc_now() -> datetime.datetime: """Return current time with tz=UTC""" return datetime.datetime.now(tz=datetime.timezone.utc) diff --git a/src/eduid/webapp/common/proofing/methods.py b/src/eduid/webapp/common/proofing/methods.py index f2de1e752..e7d819688 100644 --- a/src/eduid/webapp/common/proofing/methods.py +++ b/src/eduid/webapp/common/proofing/methods.py @@ -181,7 +181,8 @@ def get_proofing_method( framework=TrustFramework.EIDAS, idp=config.foreign_identity_idp, method=method, - required_loa=config.foreign_required_loa, # TODO: True Required LOA is likely higher here when verifying credentials + # TODO: True Required LOA is likely higher here when verifying credentials + required_loa=config.foreign_required_loa, ) if method == "svipe_id": return ProofingMethodSvipe( From 13974d5080f5fdede2abaeb6fb4168c497572bd8 Mon Sep 17 00:00:00 2001 From: Lasse Yledahl Date: Thu, 19 Sep 2024 14:10:39 +0000 Subject: [PATCH 6/8] use implicit string concatenation to break long lines --- src/eduid/satosa/scimapi/accr.py | 3 ++- src/eduid/scimapi/tests/test_scimgroup.py | 3 ++- src/eduid/webapp/common/api/helpers.py | 5 ++++- src/eduid/webapp/common/api/testing.py | 7 ++++--- .../webapp/common/authn/tests/test_fido_tokens.py | 10 ++++++++-- src/eduid/webapp/group_management/helpers.py | 6 ++++-- src/eduid/webapp/idp/idp_authn.py | 3 ++- src/eduid/webapp/reset_password/tests/test_app.py | 4 +++- src/eduid/webapp/signup/helpers.py | 3 ++- src/eduid/workers/am/tests/test_proofing_fetchers.py | 7 ++++--- src/eduid/workers/job_runner/helpers.py | 3 ++- 11 files changed, 37 insertions(+), 17 deletions(-) diff --git a/src/eduid/satosa/scimapi/accr.py b/src/eduid/satosa/scimapi/accr.py index 4c35955ce..5cd93b92a 100644 --- a/src/eduid/satosa/scimapi/accr.py +++ b/src/eduid/satosa/scimapi/accr.py @@ -93,7 +93,8 @@ def process(self, context: satosa.context.Context, data: satosa.internal.Interna supported_accr = self.supported_accr_sorted_by_prio required_accr_by_virtual_idp = supported_accr[: supported_accr.index(minimum_accr) + 1] logger.info( - f"Replacing requested ACCR: {requested_accr}, with what {virtual_idp} requires: {required_accr_by_virtual_idp}." + f"Replacing requested ACCR: {requested_accr}, " + f"with what {virtual_idp} requires: {required_accr_by_virtual_idp}." ) accr_to_forward = required_accr_by_virtual_idp diff --git a/src/eduid/scimapi/tests/test_scimgroup.py b/src/eduid/scimapi/tests/test_scimgroup.py index 38864cd65..d098d303d 100644 --- a/src/eduid/scimapi/tests/test_scimgroup.py +++ b/src/eduid/scimapi/tests/test_scimgroup.py @@ -139,7 +139,8 @@ def _perform_search( self.assertEqual( expected_group.display_name, resources[0].get("displayName"), - f"Search parsed_response group does not have the expected displayName: {str(expected_group.display_name)}", + "Search parsed_response group does not have the expected displayName: " + f"{str(expected_group.display_name)}", ) return resources diff --git a/src/eduid/webapp/common/api/helpers.py b/src/eduid/webapp/common/api/helpers.py index 15f184539..ca99e86ae 100644 --- a/src/eduid/webapp/common/api/helpers.py +++ b/src/eduid/webapp/common/api/helpers.py @@ -97,7 +97,10 @@ def set_user_names_from_official_address( """ user.given_name = proofing_log_entry.user_postal_address.name.given_name user.surname = proofing_log_entry.user_postal_address.name.surname - user.legal_name = f"{proofing_log_entry.user_postal_address.name.given_name} {proofing_log_entry.user_postal_address.name.surname}" + user.legal_name = ( + f"{proofing_log_entry.user_postal_address.name.given_name} " + f"{proofing_log_entry.user_postal_address.name.surname}" + ) # please mypy if user.given_name is None or user.surname is None: diff --git a/src/eduid/webapp/common/api/testing.py b/src/eduid/webapp/common/api/testing.py index 409db5b5f..26d93916e 100644 --- a/src/eduid/webapp/common/api/testing.py +++ b/src/eduid/webapp/common/api/testing.py @@ -510,9 +510,10 @@ def _assure_not_in_dict(d: Mapping[str, Any], unwanted_key: str): assert ( k in _json["payload"] ), f"The Flux response payload {_json['payload']} does not contain {repr(k)}" - assert ( - v == _json["payload"][k] - ), f"The Flux response payload item {repr(k)} should be {repr(v)} but is {repr(_json['payload'][k])}" + assert v == _json["payload"][k], ( + f"The Flux response payload item {repr(k)} should be {repr(v)} " + f"but is {repr(_json['payload'][k])}" + ) if assure_not_in_payload is not None: for key in assure_not_in_payload: _assure_not_in_dict(_json["payload"], key) diff --git a/src/eduid/webapp/common/authn/tests/test_fido_tokens.py b/src/eduid/webapp/common/authn/tests/test_fido_tokens.py index b36486144..4d89750e3 100644 --- a/src/eduid/webapp/common/authn/tests/test_fido_tokens.py +++ b/src/eduid/webapp/common/authn/tests/test_fido_tokens.py @@ -61,8 +61,14 @@ def __init__(self, config: MockFidoConfig): SAMPLE_WEBAUTHN_REQUEST = { "credentialId": "i3KjBT0t5TPm693T9O0f4zyiwvdu9cY8BegCjiVvq_FS-ZmPcvXipFvHvD5CH6ZVRR3nsVsOla0Cad3fbtUA_Q", "authenticatorData": "3PcEcSYqagziJNECYxSBKMR01J4pmySHIPPDM-42YdMBAAAGNw", - # {"type":"webauthn.get","challenge":"saoY-78kzDgV6mX5R2ixraC699jEU1cJTu7I9twUfJQ","origin":"https://idp.eduid.docker","crossOrigin":false} - "clientDataJSON": "eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoic2FvWS03OGt6RGdWNm1YNVIyaXhyYUM2OTlqRVUxY0pUdTdJOXR3VWZKUSIsIm9yaWdpbiI6Imh0dHBzOi8vaWRwLmVkdWlkLmRvY2tlciIsImNyb3NzT3JpZ2luIjpmYWxzZX0", + # { + # "type":"webauthn.get", + # "challenge":"saoY-78kzDgV6mX5R2ixraC699jEU1cJTu7I9twUfJQ", + # "origin":"https://idp.eduid.docker", + # "crossOrigin":false + # } + "clientDataJSON": "eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoic2FvWS03OGt6RGdWNm1YNVIyaXhyYUM2OTlqRVUxY0pU" + "dTdJOXR3VWZKUSIsIm9yaWdpbiI6Imh0dHBzOi8vaWRwLmVkdWlkLmRvY2tlciIsImNyb3NzT3JpZ2luIjpmYWxzZX0", # This is a fake signature, we mock its verification below "signature": "MEUCICVPIQ5fO6gXtu3nXD9ff5ILcmWc54m6AxvK9vcS8IjkAiEAoFAKblpl29UHK6AhnOf6r7hezTZeQdK5lB4J3F-cguY", } diff --git a/src/eduid/webapp/group_management/helpers.py b/src/eduid/webapp/group_management/helpers.py index b3ae9c61b..4308addaa 100644 --- a/src/eduid/webapp/group_management/helpers.py +++ b/src/eduid/webapp/group_management/helpers.py @@ -169,7 +169,8 @@ def remove_user_from_group(scim_user: ScimApiUser, scim_group: ScimApiGroup, rol if not current_app.scimapi_groupdb.save(scim_group): raise EduIDDBError(f"Failed to save group with scim_id {scim_group.scim_id}") current_app.logger.info( - f"Removed user as with scim_id {scim_user.scim_id} as {role.value} from group with scim_id {scim_group.scim_id}" + f"Removed user as with scim_id {scim_user.scim_id} as {role.value} " + f"from group with scim_id {scim_group.scim_id}" ) return None @@ -285,7 +286,8 @@ def send_delete_invite_email(invite_state: GroupInviteState): ) except MailTaskFailed as e: current_app.logger.error( - f"Sending group {invite_state.group_scim_id} cancel invite email to {invite_state.email_address} failed: {e}" + f"Sending group {invite_state.group_scim_id} cancel invite email to " + f"{invite_state.email_address} failed: {e}" ) raise e diff --git a/src/eduid/webapp/idp/idp_authn.py b/src/eduid/webapp/idp/idp_authn.py index 32c624d6a..60ff8b798 100644 --- a/src/eduid/webapp/idp/idp_authn.py +++ b/src/eduid/webapp/idp/idp_authn.py @@ -129,7 +129,8 @@ def _verify_username_and_password2(self, user: IdPUser, password: str) -> Passwo authn_info = self.authn_store.get_user_authn_info(user) if authn_info.failures_this_month > self.config.max_authn_failures_per_month: logger.info( - f"User {user!r} AuthN failures this month {authn_info.failures_this_month!r} > {self.config.max_authn_failures_per_month!r}" + f"User {user!r} AuthN failures this month " + f"{authn_info.failures_this_month!r} > {self.config.max_authn_failures_per_month!r}" ) raise exceptions.EduidTooManyRequests("Too Many Requests") diff --git a/src/eduid/webapp/reset_password/tests/test_app.py b/src/eduid/webapp/reset_password/tests/test_app.py index 46440f609..3d71a7499 100644 --- a/src/eduid/webapp/reset_password/tests/test_app.py +++ b/src/eduid/webapp/reset_password/tests/test_app.py @@ -928,7 +928,9 @@ def test_post_reset_password_secure_token_no_data(self): def test_post_reset_password_secure_token_wrong_credential(self): credential_data = { - "credential_data": "AAAAAAAAAAAAAAAAAAAAAABAi3KjBT0t5TPm693T0O0f4zyiwvdu9cY8BegCjiVvq_FS-ZmPcvXipFvHvD5CH6ZVRR3nsVsOla0Cad3fbtUA_aUBAgMmIAEhWCCiwDYGxl1LnRMqooWm0aRR9YbBG2LZ84BMNh_4rHkA9yJYIIujMrUOpGekbXjgMQ8M13ZsBD_cROSPB79eGz2Nw1ZE" + "credential_data": "AAAAAAAAAAAAAAAAAAAAAABAi3KjBT0t5TPm693T0O0f4zyiwvdu9cY8BegCjiVvq_FS-ZmPcvXipFvHv" + "D5CH6ZVRR3nsVsOla0Cad3fbtUA_aUBAgMmIAEhWCCiwDYGxl1LnRMqooWm0aRR9YbBG2LZ84BMNh_4rHkA9yJYIIujMrUOpGekb" + "XjgMQ8M13ZsBD_cROSPB79eGz2Nw1ZE" } response = self._post_reset_password_secure_token(credential_data=credential_data) self._check_error_response( diff --git a/src/eduid/webapp/signup/helpers.py b/src/eduid/webapp/signup/helpers.py index 61746c5e0..25c6f396e 100644 --- a/src/eduid/webapp/signup/helpers.py +++ b/src/eduid/webapp/signup/helpers.py @@ -260,7 +260,8 @@ def record_tou(signup_user: SignupUser, tou_version: str) -> None: """ event = ToUEvent(version=tou_version, created_by=current_app.conf.app_name) current_app.logger.info( - f"Recording ToU acceptance {event.event_id} (version {event.version}) for user {signup_user} (source: {current_app.conf.app_name})" + f"Recording ToU acceptance {event.event_id} (version {event.version}) for user {signup_user} " + f"(source: {current_app.conf.app_name})" ) signup_user.tou.add(event) diff --git a/src/eduid/workers/am/tests/test_proofing_fetchers.py b/src/eduid/workers/am/tests/test_proofing_fetchers.py index ecbb9a3c1..1e0f4d91f 100644 --- a/src/eduid/workers/am/tests/test_proofing_fetchers.py +++ b/src/eduid/workers/am/tests/test_proofing_fetchers.py @@ -187,9 +187,10 @@ def test_append_attributes_letter_proofing_data(self): "$unset": {"nins": None}, } - assert ( - normalised_data(fetched3) == normalised_data(expected) - ), f"Fetched (3d time) letter proofing data with appended attributes has unexpected data: {DeepDiff(fetched, expected)}" + assert normalised_data(fetched3) == normalised_data(expected), ( + "Fetched (3d time) letter proofing data with appended attributes has unexpected data: " + f"{DeepDiff(fetched, expected)}" + ) class AttributeFetcherEmailProofingTests(ProofingTestCase): diff --git a/src/eduid/workers/job_runner/helpers.py b/src/eduid/workers/job_runner/helpers.py index 81168c52a..cc072d16e 100644 --- a/src/eduid/workers/job_runner/helpers.py +++ b/src/eduid/workers/job_runner/helpers.py @@ -14,7 +14,8 @@ def save_and_sync_user(context: Context, user: User) -> bool: private_user = CleanerUser.from_user(user, context.private_db) context.private_db.save(private_user) context.logger.debug( - f"Saving user {private_user} to private userdb {context.private_db} (is_in_database: {user.meta.is_in_database})" + f"Saving user {private_user} to private userdb {context.private_db} " + f"(is_in_database: {user.meta.is_in_database})" ) # Sync to central userdb From d0e89a04bee1dd096fd4d2c4acae7039fbaec0cb Mon Sep 17 00:00:00 2001 From: Lasse Yledahl Date: Thu, 19 Sep 2024 14:21:58 +0000 Subject: [PATCH 7/8] remove unnecessary implicit string concatenations --- src/eduid/graphdb/tests/test_db.py | 4 ++-- src/eduid/userdb/tests/test_db.py | 2 +- src/eduid/vccs/server/db.py | 2 +- src/eduid/vccs/server/run.py | 2 +- src/eduid/webapp/authn/tests/test_authn.py | 2 +- src/eduid/webapp/common/api/views/status.py | 2 +- src/eduid/webapp/email/verifications.py | 2 +- src/eduid/webapp/email/views.py | 8 ++++---- src/eduid/webapp/idp/sso_session.py | 4 +--- src/eduid/webapp/oidc_proofing/helpers.py | 4 +--- src/eduid/workers/amapi/routers/utils/status.py | 2 +- 11 files changed, 15 insertions(+), 19 deletions(-) diff --git a/src/eduid/graphdb/tests/test_db.py b/src/eduid/graphdb/tests/test_db.py index 2d7f665ad..11f4669b0 100644 --- a/src/eduid/graphdb/tests/test_db.py +++ b/src/eduid/graphdb/tests/test_db.py @@ -11,7 +11,7 @@ def test_create_db(self): with self.neo4jdb.driver.session() as session: session.run("CREATE (n:Test $props)", props={"name": "test node", "testing": True}) with self.neo4jdb.driver.session() as session: - result = session.run("MATCH (n {name: $name})" "RETURN n.testing", name="test node") + result = session.run("MATCH (n {name: $name})RETURN n.testing", name="test node") self.assertTrue(result.single().value()) @@ -33,5 +33,5 @@ def test_base_db(self): with test_db._db.driver.session() as session: session.run("CREATE (n:Test $props)", props={"name": "test node", "testing": True}) with test_db._db.driver.session() as session: - result = session.run("MATCH (n {name: $name})" "RETURN n.testing", name="test node") + result = session.run("MATCH (n {name: $name})RETURN n.testing", name="test node") self.assertTrue(result.single().value()) diff --git a/src/eduid/userdb/tests/test_db.py b/src/eduid/userdb/tests/test_db.py index afe976c6a..fef175352 100644 --- a/src/eduid/userdb/tests/test_db.py +++ b/src/eduid/userdb/tests/test_db.py @@ -51,7 +51,7 @@ def test_uri_with_replicaset(self): self.assertEqual(mdb.sanitized_uri, "mongodb://john:secret@db.example.com/testdb?replicaset=rs9") self.assertEqual( mdb._db_uri, - "mongodb://john:s3cr3t@db.example.com,db2.example.com,db3.example.com:1234" "/testdb?replicaset=rs9", + "mongodb://john:s3cr3t@db.example.com,db2.example.com,db3.example.com:1234/testdb?replicaset=rs9", ) def test_uri_with_options(self): diff --git a/src/eduid/vccs/server/db.py b/src/eduid/vccs/server/db.py index 1e9a80185..4c3c1ef23 100644 --- a/src/eduid/vccs/server/db.py +++ b/src/eduid/vccs/server/db.py @@ -212,7 +212,7 @@ def save(self, credential: Credential) -> bool: logger.debug(f"Updated credential {credential} in the db (to revision {credential.revision}): {result}") return True logger.warning( - f"Could not update credential {credential} (to revision {credential.revision}): " f"{result.raw_result}" + f"Could not update credential {credential} (to revision {credential.revision}): {result.raw_result}" ) credential.revision -= 1 return False diff --git a/src/eduid/vccs/server/run.py b/src/eduid/vccs/server/run.py index e56683c0a..64c3bb935 100644 --- a/src/eduid/vccs/server/run.py +++ b/src/eduid/vccs/server/run.py @@ -70,7 +70,7 @@ async def startup_event(): if _name == "uvicorn.access": _logger.propagate = False app.logger.info( - f"Updated logger {_name} handlers {_old_handlers} -> {_logger.handlers} " f"(prop: {_logger.propagate})" + f"Updated logger {_name} handlers {_old_handlers} -> {_logger.handlers} (prop: {_logger.propagate})" ) diff --git a/src/eduid/webapp/authn/tests/test_authn.py b/src/eduid/webapp/authn/tests/test_authn.py index 1c2666cdc..4aa4bcec6 100644 --- a/src/eduid/webapp/authn/tests/test_authn.py +++ b/src/eduid/webapp/authn/tests/test_authn.py @@ -859,7 +859,7 @@ def test_no_cookie(self): self.assertTrue(resp.location.startswith(self.app.conf.authn_service_url)) def test_cookie(self): - sessid = "fb1f42420b0109020203325d750185673df252de388932a3957f522a6c43a" "a47" + sessid = "fb1f42420b0109020203325d750185673df252de388932a3957f522a6c43aa47" self.redis_instance.conn.set(sessid, json.dumps({"v1": {"id": "0"}})) with self.session_cookie(self.browser, self.test_user.eppn) as c: diff --git a/src/eduid/webapp/common/api/views/status.py b/src/eduid/webapp/common/api/views/status.py index 78cecaa08..83ed2e924 100644 --- a/src/eduid/webapp/common/api/views/status.py +++ b/src/eduid/webapp/common/api/views/status.py @@ -47,7 +47,7 @@ def cached_json_response(key: str, data: dict[str, Any] | None = None) -> Respon if SIMPLE_CACHE.get(key) is not None: if now < SIMPLE_CACHE[key].expire_time: if get_from_current_app("debug", bool): - logger.debug(f"Returned cached response for {key}" f" {now} < {SIMPLE_CACHE[key].expire_time}") + logger.debug(f"Returned cached response for {key} {now} < {SIMPLE_CACHE[key].expire_time}") response = jsonify(SIMPLE_CACHE[key].data) response.headers.add("Expires", SIMPLE_CACHE[key].expire_time.strftime("%a, %d %b %Y %H:%M:%S UTC")) response.headers.add("Cache-Control", f"public,max-age={cache_for_seconds}") diff --git a/src/eduid/webapp/email/verifications.py b/src/eduid/webapp/email/verifications.py index e3ed736ce..08d6ff95d 100644 --- a/src/eduid/webapp/email/verifications.py +++ b/src/eduid/webapp/email/verifications.py @@ -59,7 +59,7 @@ def send_verification_code(email: str, user: User) -> bool: # Debug-log the code and message in development environment current_app.logger.debug(f"code: {state.verification.verification_code}") current_app.logger.debug(f"Generating verification e-mail with context:\n{payload}") - current_app.logger.info(f"Sent email address verification mail to user {user}" f" about address {email!s}.") + current_app.logger.info(f"Sent email address verification mail to user {user} about address {email!s}.") return True diff --git a/src/eduid/webapp/email/views.py b/src/eduid/webapp/email/views.py index 92152cd58..acb77fa43 100644 --- a/src/eduid/webapp/email/views.py +++ b/src/eduid/webapp/email/views.py @@ -150,7 +150,7 @@ def verify(user: User, code: str, email: str) -> FluxData: @require_user def post_remove(user, email): proofing_user = ProofingUser.from_user(user, current_app.private_userdb) - current_app.logger.debug(f"Trying to remove email address {email!r} " f"from user {proofing_user}") + current_app.logger.debug(f"Trying to remove email address {email!r} from user {proofing_user}") # Do not let the user remove all mail addresses if proofing_user.mail_addresses.count == 1: @@ -184,17 +184,17 @@ def post_remove(user, email): @MarshalWith(EmailResponseSchema) @require_user def resend_code(user: User, email: str) -> FluxData: - current_app.logger.debug("Trying to send new verification code for email " f"address {email} for user {user}") + current_app.logger.debug(f"Trying to send new verification code for email address {email} for user {user}") if not user.mail_addresses.find(email): - current_app.logger.debug(f"Unknown email {email!r} in resend_code_action," f" user {user}") + current_app.logger.debug(f"Unknown email {email!r} in resend_code_action, user {user}") return error_response(message=CommonMsg.out_of_sync) sent = send_verification_code(email, user) if not sent: return error_response(message=EmailMsg.still_valid_code) - current_app.logger.debug("New verification code sent to " f"address {email} for user {user}") + current_app.logger.debug(f"New verification code sent to address {email} for user {user}") current_app.stats.count(name="email_resend_code", value=1) emails = {"emails": user.mail_addresses.to_list_of_dicts()} diff --git a/src/eduid/webapp/idp/sso_session.py b/src/eduid/webapp/idp/sso_session.py index 2c1dee673..0bfbcf8c5 100644 --- a/src/eduid/webapp/idp/sso_session.py +++ b/src/eduid/webapp/idp/sso_session.py @@ -189,9 +189,7 @@ def _lookup_sso_session(sso_sessions: SSOSessionCache) -> SSOSession | None: # Debug issues with browsers not returning updated SSO cookie values. # Only log partial cookie value since it allows impersonation if leaked. _other_session_id = SSOSessionId(session.idp.sso_cookie_val) - logger.debug( - "Found potential sso_cookie_val in the eduID session: " f"({session.idp.sso_cookie_val[:8]}...)" - ) + logger.debug(f"Found potential sso_cookie_val in the eduID session: ({session.idp.sso_cookie_val[:8]}...)") _other_sso = sso_sessions.get_session(_other_session_id) if _other_sso is not None: logger.info(f"Found no SSO session, but found one from session.idp.sso_cookie_val: {_other_sso}") diff --git a/src/eduid/webapp/oidc_proofing/helpers.py b/src/eduid/webapp/oidc_proofing/helpers.py index b35e227f0..9d4542ad3 100644 --- a/src/eduid/webapp/oidc_proofing/helpers.py +++ b/src/eduid/webapp/oidc_proofing/helpers.py @@ -203,9 +203,7 @@ def handle_freja_eid_userinfo(user: User, proofing_state: OidcProofingState, use opaque = userinfo["results"]["freja_eid"]["opaque"] transaction_id = userinfo["results"]["freja_eid"]["ref"] if not number_match_proofing(user, proofing_state, number): - current_app.logger.warning( - "Proofing state number did not match number in userinfo." "Using number from userinfo." - ) + current_app.logger.warning("Proofing state number did not match number in userinfo.Using number from userinfo.") proofing_state.nin.number = number current_app.logger.info(f"Getting address for user {user}") diff --git a/src/eduid/workers/amapi/routers/utils/status.py b/src/eduid/workers/amapi/routers/utils/status.py index e0033dd82..fa4a933b5 100644 --- a/src/eduid/workers/amapi/routers/utils/status.py +++ b/src/eduid/workers/amapi/routers/utils/status.py @@ -76,7 +76,7 @@ def get_cached_response(ctx: ContextRequest, resp: Response, key: str) -> Mappin if now < SIMPLE_CACHE[key].expire_time: if ctx.app.context.config.debug: ctx.app.context.logger.debug( - f"Returned cached response for {key}" f" {now} < {SIMPLE_CACHE[key].expire_time}" + f"Returned cached response for {key} {now} < {SIMPLE_CACHE[key].expire_time}" ) resp.headers["Expires"] = SIMPLE_CACHE[key].expire_time.strftime("%a, %d %b %Y %H:%M:%S UTC") return SIMPLE_CACHE[key].data From 9c3047e1848522ed4908bb25e69a0411205acb70 Mon Sep 17 00:00:00 2001 From: Lasse Yledahl Date: Fri, 20 Sep 2024 11:30:26 +0000 Subject: [PATCH 8/8] move extended rules to post-format check --- Makefile | 2 ++ ruff-extended.toml | 6 ++++++ ruff.toml | 2 +- 3 files changed, 9 insertions(+), 1 deletion(-) create mode 100644 ruff-extended.toml diff --git a/Makefile b/Makefile index fa3ae0783..32cb35be1 100644 --- a/Makefile +++ b/Makefile @@ -17,6 +17,8 @@ reformat: ruff check --select F401,I --fix # reformat ruff format + # make an extended check with rules that might be triggered by reformat + ruff check --config ruff-extended.toml lint: ruff check diff --git a/ruff-extended.toml b/ruff-extended.toml new file mode 100644 index 000000000..6cee5972f --- /dev/null +++ b/ruff-extended.toml @@ -0,0 +1,6 @@ +extend = "./ruff.toml" + +[lint] +# Some rules are marked as incompatible with the formatter so use them in an extended check instead. +# See: https://docs.astral.sh/ruff/formatter/#conflicting-lint-rules +extend-select = ["E501", "ISC"] diff --git a/ruff.toml b/ruff.toml index b25602e4d..62e6457b0 100644 --- a/ruff.toml +++ b/ruff.toml @@ -5,4 +5,4 @@ target-version = "py310" [lint] select = ["E", "F", "W", "I", "ASYNC", "UP", "FLY", "PERF", "FURB"] -ignore = [] +ignore = ["E501"]