diff --git a/e2e/test_flows_enroll.py b/e2e/test_flows_enroll.py index 110635861..2bb947f28 100644 --- a/e2e/test_flows_enroll.py +++ b/e2e/test_flows_enroll.py @@ -104,7 +104,8 @@ class TestFlowsEnroll(SeleniumTestCase): self.wait_for_url(self.url("passbook_core:user-settings")) self.assertEqual( - self.driver.find_element(By.ID, "user-settings").text, "foo", + self.driver.find_element(By.ID, "user-settings").text, + "foo", ) self.assertEqual( self.driver.find_element(By.ID, "id_username").get_attribute("value"), "foo" @@ -208,7 +209,8 @@ class TestFlowsEnroll(SeleniumTestCase): self.driver.find_element(By.ID, "user-settings").click() self.assertEqual( - self.driver.find_element(By.ID, "user-settings").text, "foo", + self.driver.find_element(By.ID, "user-settings").text, + "foo", ) self.assertEqual( self.driver.find_element(By.ID, "id_username").get_attribute("value"), "foo" diff --git a/e2e/test_flows_login.py b/e2e/test_flows_login.py index 188bc1a02..7d549123b 100644 --- a/e2e/test_flows_login.py +++ b/e2e/test_flows_login.py @@ -21,5 +21,6 @@ class TestFlowsLogin(SeleniumTestCase): self.driver.find_element(By.ID, "id_password").send_keys(USER().username) self.driver.find_element(By.ID, "id_password").send_keys(Keys.ENTER) self.assertEqual( - self.driver.find_element(By.ID, "user-settings").text, USER().username, + self.driver.find_element(By.ID, "user-settings").text, + USER().username, ) diff --git a/e2e/test_flows_otp.py b/e2e/test_flows_otp.py index 75a4146c1..556aaa17f 100644 --- a/e2e/test_flows_otp.py +++ b/e2e/test_flows_otp.py @@ -48,7 +48,8 @@ class TestFlowsOTP(SeleniumTestCase): self.driver.find_element(By.ID, "id_code").send_keys(Keys.ENTER) self.wait_for_url(self.url("passbook_core:overview")) self.assertEqual( - self.driver.find_element(By.ID, "user-settings").text, USER().username, + self.driver.find_element(By.ID, "user-settings").text, + USER().username, ) def test_otp_totp_setup(self): @@ -62,7 +63,8 @@ class TestFlowsOTP(SeleniumTestCase): self.driver.find_element(By.ID, "id_password").send_keys(USER().username) self.driver.find_element(By.ID, "id_password").send_keys(Keys.ENTER) self.assertEqual( - self.driver.find_element(By.ID, "user-settings").text, USER().username, + self.driver.find_element(By.ID, "user-settings").text, + USER().username, ) self.driver.find_element(By.CSS_SELECTOR, ".pf-c-page__header").click() @@ -107,7 +109,8 @@ class TestFlowsOTP(SeleniumTestCase): self.driver.find_element(By.ID, "id_password").send_keys(USER().username) self.driver.find_element(By.ID, "id_password").send_keys(Keys.ENTER) self.assertEqual( - self.driver.find_element(By.ID, "user-settings").text, USER().username, + self.driver.find_element(By.ID, "user-settings").text, + USER().username, ) self.driver.find_element(By.CSS_SELECTOR, ".pf-c-page__header").click() diff --git a/e2e/test_provider_oauth2_github.py b/e2e/test_provider_oauth2_github.py index 8eff0d0c5..ce755bb5d 100644 --- a/e2e/test_provider_oauth2_github.py +++ b/e2e/test_provider_oauth2_github.py @@ -77,7 +77,9 @@ class TestProviderOAuth2Github(SeleniumTestCase): authorization_flow=authorization_flow, ) Application.objects.create( - name="Grafana", slug="grafana", provider=provider, + name="Grafana", + slug="grafana", + provider=provider, ) self.driver.get("http://localhost:3000") @@ -129,7 +131,9 @@ class TestProviderOAuth2Github(SeleniumTestCase): authorization_flow=authorization_flow, ) app = Application.objects.create( - name="Grafana", slug="grafana", provider=provider, + name="Grafana", + slug="grafana", + provider=provider, ) self.driver.get("http://localhost:3000") @@ -143,13 +147,17 @@ class TestProviderOAuth2Github(SeleniumTestCase): sleep(1) self.assertEqual( - app.name, self.driver.find_element(By.ID, "application-name").text, + app.name, + self.driver.find_element(By.ID, "application-name").text, ) self.assertEqual( "GitHub Compatibility: Access you Email addresses", self.driver.find_element(By.ID, "scope-user:email").text, ) - self.driver.find_element(By.CSS_SELECTOR, ("[type=submit]"),).click() + self.driver.find_element( + By.CSS_SELECTOR, + ("[type=submit]"), + ).click() self.wait_for_url("http://localhost:3000/?orgId=1") self.driver.get("http://localhost:3000/profile") @@ -192,7 +200,9 @@ class TestProviderOAuth2Github(SeleniumTestCase): authorization_flow=authorization_flow, ) app = Application.objects.create( - name="Grafana", slug="grafana", provider=provider, + name="Grafana", + slug="grafana", + provider=provider, ) negative_policy = ExpressionPolicy.objects.create( diff --git a/e2e/test_provider_oauth2_grafana.py b/e2e/test_provider_oauth2_grafana.py index ad0aaf41b..a201cf24c 100644 --- a/e2e/test_provider_oauth2_grafana.py +++ b/e2e/test_provider_oauth2_grafana.py @@ -104,7 +104,9 @@ class TestProviderOAuth2OAuth(SeleniumTestCase): ) provider.save() Application.objects.create( - name="Grafana", slug=APPLICATION_SLUG, provider=provider, + name="Grafana", + slug=APPLICATION_SLUG, + provider=provider, ) self.driver.get("http://localhost:3000") @@ -144,7 +146,9 @@ class TestProviderOAuth2OAuth(SeleniumTestCase): ) provider.save() Application.objects.create( - name="Grafana", slug=APPLICATION_SLUG, provider=provider, + name="Grafana", + slug=APPLICATION_SLUG, + provider=provider, ) self.driver.get("http://localhost:3000") @@ -203,7 +207,9 @@ class TestProviderOAuth2OAuth(SeleniumTestCase): ) provider.save() Application.objects.create( - name="Grafana", slug=APPLICATION_SLUG, provider=provider, + name="Grafana", + slug=APPLICATION_SLUG, + provider=provider, ) self.driver.get("http://localhost:3000") @@ -270,7 +276,9 @@ class TestProviderOAuth2OAuth(SeleniumTestCase): ) provider.save() app = Application.objects.create( - name="Grafana", slug=APPLICATION_SLUG, provider=provider, + name="Grafana", + slug=APPLICATION_SLUG, + provider=provider, ) self.driver.get("http://localhost:3000") @@ -282,7 +290,8 @@ class TestProviderOAuth2OAuth(SeleniumTestCase): self.driver.find_element(By.ID, "id_password").send_keys(Keys.ENTER) self.assertEqual( - app.name, self.driver.find_element(By.ID, "application-name").text, + app.name, + self.driver.find_element(By.ID, "application-name").text, ) self.wait.until( ec.presence_of_element_located((By.CSS_SELECTOR, "[type=submit]")) @@ -340,7 +349,9 @@ class TestProviderOAuth2OAuth(SeleniumTestCase): ) provider.save() app = Application.objects.create( - name="Grafana", slug=APPLICATION_SLUG, provider=provider, + name="Grafana", + slug=APPLICATION_SLUG, + provider=provider, ) negative_policy = ExpressionPolicy.objects.create( diff --git a/e2e/test_provider_oauth2_oidc.py b/e2e/test_provider_oauth2_oidc.py index 46a6090ba..42d74d1da 100644 --- a/e2e/test_provider_oauth2_oidc.py +++ b/e2e/test_provider_oauth2_oidc.py @@ -100,7 +100,9 @@ class TestProviderOAuth2OIDC(SeleniumTestCase): ) provider.save() Application.objects.create( - name=self.application_slug, slug=self.application_slug, provider=provider, + name=self.application_slug, + slug=self.application_slug, + provider=provider, ) self.container = self.setup_client() @@ -141,7 +143,9 @@ class TestProviderOAuth2OIDC(SeleniumTestCase): ) provider.save() Application.objects.create( - name=self.application_slug, slug=self.application_slug, provider=provider, + name=self.application_slug, + slug=self.application_slug, + provider=provider, ) self.container = self.setup_client() @@ -189,7 +193,9 @@ class TestProviderOAuth2OIDC(SeleniumTestCase): ) provider.save() app = Application.objects.create( - name=self.application_slug, slug=self.application_slug, provider=provider, + name=self.application_slug, + slug=self.application_slug, + provider=provider, ) self.container = self.setup_client() @@ -202,7 +208,8 @@ class TestProviderOAuth2OIDC(SeleniumTestCase): self.driver.find_element(By.ID, "id_password").send_keys(Keys.ENTER) self.assertEqual( - app.name, self.driver.find_element(By.ID, "application-name").text, + app.name, + self.driver.find_element(By.ID, "application-name").text, ) self.wait.until( ec.presence_of_element_located((By.CSS_SELECTOR, "[type=submit]")) @@ -246,7 +253,9 @@ class TestProviderOAuth2OIDC(SeleniumTestCase): ) provider.save() app = Application.objects.create( - name=self.application_slug, slug=self.application_slug, provider=provider, + name=self.application_slug, + slug=self.application_slug, + provider=provider, ) negative_policy = ExpressionPolicy.objects.create( diff --git a/e2e/test_provider_saml.py b/e2e/test_provider_saml.py index 4ea12c948..6645e66f4 100644 --- a/e2e/test_provider_saml.py +++ b/e2e/test_provider_saml.py @@ -84,7 +84,9 @@ class TestProviderSAML(SeleniumTestCase): provider.property_mappings.set(SAMLPropertyMapping.objects.all()) provider.save() Application.objects.create( - name="SAML", slug="passbook-saml", provider=provider, + name="SAML", + slug="passbook-saml", + provider=provider, ) self.container = self.setup_client(provider) self.driver.get("http://localhost:9009") @@ -121,7 +123,9 @@ class TestProviderSAML(SeleniumTestCase): provider.property_mappings.set(SAMLPropertyMapping.objects.all()) provider.save() app = Application.objects.create( - name="SAML", slug="passbook-saml", provider=provider, + name="SAML", + slug="passbook-saml", + provider=provider, ) self.container = self.setup_client(provider) self.driver.get("http://localhost:9009") @@ -131,7 +135,8 @@ class TestProviderSAML(SeleniumTestCase): self.driver.find_element(By.ID, "id_password").send_keys(USER().username) self.driver.find_element(By.ID, "id_password").send_keys(Keys.ENTER) self.assertEqual( - app.name, self.driver.find_element(By.ID, "application-name").text, + app.name, + self.driver.find_element(By.ID, "application-name").text, ) sleep(1) self.driver.find_element(By.CSS_SELECTOR, "[type=submit]").click() @@ -163,7 +168,9 @@ class TestProviderSAML(SeleniumTestCase): provider.property_mappings.set(SAMLPropertyMapping.objects.all()) provider.save() Application.objects.create( - name="SAML", slug="passbook-saml", provider=provider, + name="SAML", + slug="passbook-saml", + provider=provider, ) self.container = self.setup_client(provider) self.driver.get( @@ -209,7 +216,9 @@ class TestProviderSAML(SeleniumTestCase): provider.property_mappings.set(SAMLPropertyMapping.objects.all()) provider.save() app = Application.objects.create( - name="SAML", slug="passbook-saml", provider=provider, + name="SAML", + slug="passbook-saml", + provider=provider, ) PolicyBinding.objects.create(target=app, policy=negative_policy, order=0) self.container = self.setup_client(provider) diff --git a/e2e/test_source_oauth.py b/e2e/test_source_oauth.py index 0b278e954..abececf88 100644 --- a/e2e/test_source_oauth.py +++ b/e2e/test_source_oauth.py @@ -144,13 +144,15 @@ class TestSourceOAuth2(SeleniumTestCase): self.driver.get(self.url("passbook_core:user-settings")) self.assertEqual( - self.driver.find_element(By.ID, "user-settings").text, "foo", + self.driver.find_element(By.ID, "user-settings").text, + "foo", ) self.assertEqual( self.driver.find_element(By.ID, "id_username").get_attribute("value"), "foo" ) self.assertEqual( - self.driver.find_element(By.ID, "id_name").get_attribute("value"), "admin", + self.driver.find_element(By.ID, "id_name").get_attribute("value"), + "admin", ) self.assertEqual( self.driver.find_element(By.ID, "id_email").get_attribute("value"), @@ -225,13 +227,15 @@ class TestSourceOAuth2(SeleniumTestCase): self.driver.get(self.url("passbook_core:user-settings")) self.assertEqual( - self.driver.find_element(By.ID, "user-settings").text, "foo", + self.driver.find_element(By.ID, "user-settings").text, + "foo", ) self.assertEqual( self.driver.find_element(By.ID, "id_username").get_attribute("value"), "foo" ) self.assertEqual( - self.driver.find_element(By.ID, "id_name").get_attribute("value"), "admin", + self.driver.find_element(By.ID, "id_name").get_attribute("value"), + "admin", ) self.assertEqual( self.driver.find_element(By.ID, "id_email").get_attribute("value"), @@ -317,7 +321,8 @@ class TestSourceOAuth1(SeleniumTestCase): self.driver.get(self.url("passbook_core:user-settings")) self.assertEqual( - self.driver.find_element(By.ID, "user-settings").text, "example-user", + self.driver.find_element(By.ID, "user-settings").text, + "example-user", ) self.assertEqual( self.driver.find_element(By.ID, "id_username").get_attribute("value"), diff --git a/e2e/test_source_saml.py b/e2e/test_source_saml.py index e5c0e96bc..03425f9d0 100644 --- a/e2e/test_source_saml.py +++ b/e2e/test_source_saml.py @@ -98,7 +98,9 @@ class TestSourceSAML(SeleniumTestCase): authentication_flow = Flow.objects.get(slug="default-source-authentication") enrollment_flow = Flow.objects.get(slug="default-source-enrollment") keypair = CertificateKeyPair.objects.create( - name="test-idp-cert", certificate_data=IDP_CERT, key_data=IDP_KEY, + name="test-idp-cert", + certificate_data=IDP_CERT, + key_data=IDP_KEY, ) SAMLSource.objects.create( @@ -145,7 +147,9 @@ class TestSourceSAML(SeleniumTestCase): authentication_flow = Flow.objects.get(slug="default-source-authentication") enrollment_flow = Flow.objects.get(slug="default-source-enrollment") keypair = CertificateKeyPair.objects.create( - name="test-idp-cert", certificate_data=IDP_CERT, key_data=IDP_KEY, + name="test-idp-cert", + certificate_data=IDP_CERT, + key_data=IDP_KEY, ) SAMLSource.objects.create( @@ -194,7 +198,9 @@ class TestSourceSAML(SeleniumTestCase): authentication_flow = Flow.objects.get(slug="default-source-authentication") enrollment_flow = Flow.objects.get(slug="default-source-enrollment") keypair = CertificateKeyPair.objects.create( - name="test-idp-cert", certificate_data=IDP_CERT, key_data=IDP_KEY, + name="test-idp-cert", + certificate_data=IDP_CERT, + key_data=IDP_KEY, ) SAMLSource.objects.create( diff --git a/passbook/admin/fields.py b/passbook/admin/fields.py index e25cdd0cf..b7c952f7c 100644 --- a/passbook/admin/fields.py +++ b/passbook/admin/fields.py @@ -49,7 +49,9 @@ class YAMLField(forms.JSONField): converted = yaml.safe_load(value) except yaml.YAMLError: raise forms.ValidationError( - self.error_messages["invalid"], code="invalid", params={"value": value}, + self.error_messages["invalid"], + code="invalid", + params={"value": value}, ) if isinstance(converted, str): return YAMLString(converted) diff --git a/passbook/admin/urls.py b/passbook/admin/urls.py index 09d90d062..b4221586e 100644 --- a/passbook/admin/urls.py +++ b/passbook/admin/urls.py @@ -191,10 +191,20 @@ urlpatterns = [ ), # Flows path("flows/", flows.FlowListView.as_view(), name="flows"), - path("flows/create/", flows.FlowCreateView.as_view(), name="flow-create",), - path("flows/import/", flows.FlowImportView.as_view(), name="flow-import",), path( - "flows//update/", flows.FlowUpdateView.as_view(), name="flow-update", + "flows/create/", + flows.FlowCreateView.as_view(), + name="flow-create", + ), + path( + "flows/import/", + flows.FlowImportView.as_view(), + name="flow-import", + ), + path( + "flows//update/", + flows.FlowUpdateView.as_view(), + name="flow-update", ), path( "flows//execute/", @@ -202,10 +212,14 @@ urlpatterns = [ name="flow-execute", ), path( - "flows//export/", flows.FlowExportView.as_view(), name="flow-export", + "flows//export/", + flows.FlowExportView.as_view(), + name="flow-export", ), path( - "flows//delete/", flows.FlowDeleteView.as_view(), name="flow-delete", + "flows//delete/", + flows.FlowDeleteView.as_view(), + name="flow-delete", ), # Property Mappings path( @@ -273,9 +287,15 @@ urlpatterns = [ name="certificatekeypair-delete", ), # Outposts - path("outposts/", outposts.OutpostListView.as_view(), name="outposts",), path( - "outposts/create/", outposts.OutpostCreateView.as_view(), name="outpost-create", + "outposts/", + outposts.OutpostListView.as_view(), + name="outposts", + ), + path( + "outposts/create/", + outposts.OutpostCreateView.as_view(), + name="outpost-create", ), path( "outposts//update/", diff --git a/passbook/admin/views/flows.py b/passbook/admin/views/flows.py index 99ca054f1..48cd779ea 100644 --- a/passbook/admin/views/flows.py +++ b/passbook/admin/views/flows.py @@ -100,7 +100,9 @@ class FlowDebugExecuteView(LoginRequiredMixin, PermissionRequiredMixin, DetailVi plan = planner.plan(self.request, {PLAN_CONTEXT_PENDING_USER: request.user}) self.request.session[SESSION_KEY_PLAN] = plan return redirect_with_qs( - "passbook_flows:flow-executor-shell", self.request.GET, flow_slug=flow.slug, + "passbook_flows:flow-executor-shell", + self.request.GET, + flow_slug=flow.slug, ) diff --git a/passbook/api/v2/urls.py b/passbook/api/v2/urls.py index a6afa49ae..bc23fff29 100644 --- a/passbook/api/v2/urls.py +++ b/passbook/api/v2/urls.py @@ -114,7 +114,9 @@ info = openapi.Info( license=openapi.License(name="MIT License"), ) SchemaView = get_schema_view( - info, public=True, permission_classes=(CustomObjectPermissions,), + info, + public=True, + permission_classes=(CustomObjectPermissions,), ) urlpatterns = [ diff --git a/passbook/audit/migrations/0001_initial.py b/passbook/audit/migrations/0001_initial.py index 79987c37b..8d09ae314 100644 --- a/passbook/audit/migrations/0001_initial.py +++ b/passbook/audit/migrations/0001_initial.py @@ -47,7 +47,10 @@ class Migration(migrations.Migration): ), ("date", models.DateTimeField(auto_now_add=True)), ("app", models.TextField()), - ("context", models.JSONField(blank=True, default=dict),), + ( + "context", + models.JSONField(blank=True, default=dict), + ), ("client_ip", models.GenericIPAddressField(null=True)), ("created", models.DateTimeField(auto_now_add=True)), ( diff --git a/passbook/audit/migrations/0003_auto_20200917_1155.py b/passbook/audit/migrations/0003_auto_20200917_1155.py index 6fa60f1da..d36cee597 100644 --- a/passbook/audit/migrations/0003_auto_20200917_1155.py +++ b/passbook/audit/migrations/0003_auto_20200917_1155.py @@ -49,10 +49,15 @@ class Migration(migrations.Migration): ), ), migrations.AddField( - model_name="event", name="user_json", field=models.JSONField(default=dict), + model_name="event", + name="user_json", + field=models.JSONField(default=dict), ), migrations.RunPython(convert_user_to_json), - migrations.RemoveField(model_name="event", name="user",), + migrations.RemoveField( + model_name="event", + name="user", + ), migrations.RenameField( model_name="event", old_name="user_json", new_name="user" ), diff --git a/passbook/core/migrations/0001_initial.py b/passbook/core/migrations/0001_initial.py index ed3b31165..f46601d14 100644 --- a/passbook/core/migrations/0001_initial.py +++ b/passbook/core/migrations/0001_initial.py @@ -108,11 +108,18 @@ class Migration(migrations.Migration): ("uuid", models.UUIDField(default=uuid.uuid4, editable=False)), ("name", models.TextField(help_text="User's display name.")), ("password_change_date", models.DateTimeField(auto_now_add=True)), - ("attributes", models.JSONField(blank=True, default=dict),), + ( + "attributes", + models.JSONField(blank=True, default=dict), + ), ], - options={"permissions": (("reset_user_password", "Reset Password"),),}, + options={ + "permissions": (("reset_user_password", "Reset Password"),), + }, bases=(guardian.mixins.GuardianUserMixin, models.Model), - managers=[("objects", django.contrib.auth.models.UserManager()),], + managers=[ + ("objects", django.contrib.auth.models.UserManager()), + ], ), migrations.CreateModel( name="PropertyMapping", @@ -192,7 +199,9 @@ class Migration(migrations.Migration): ), ), ], - options={"unique_together": {("user", "source")},}, + options={ + "unique_together": {("user", "source")}, + }, ), migrations.CreateModel( name="Token", @@ -223,7 +232,10 @@ class Migration(migrations.Migration): ), ), ], - options={"verbose_name": "Token", "verbose_name_plural": "Tokens",}, + options={ + "verbose_name": "Token", + "verbose_name_plural": "Tokens", + }, ), migrations.CreateModel( name="Provider", @@ -258,7 +270,10 @@ class Migration(migrations.Migration): ), ), ("name", models.CharField(max_length=80, verbose_name="name")), - ("attributes", models.JSONField(blank=True, default=dict),), + ( + "attributes", + models.JSONField(blank=True, default=dict), + ), ( "parent", models.ForeignKey( @@ -270,7 +285,9 @@ class Migration(migrations.Migration): ), ), ], - options={"unique_together": {("name", "parent")},}, + options={ + "unique_together": {("name", "parent")}, + }, ), migrations.CreateModel( name="Application", diff --git a/passbook/core/migrations/0002_auto_20200523_1133.py b/passbook/core/migrations/0002_auto_20200523_1133.py index 393a9be75..79855d62f 100644 --- a/passbook/core/migrations/0002_auto_20200523_1133.py +++ b/passbook/core/migrations/0002_auto_20200523_1133.py @@ -12,7 +12,10 @@ class Migration(migrations.Migration): ] operations = [ - migrations.RemoveField(model_name="application", name="skip_authorization",), + migrations.RemoveField( + model_name="application", + name="skip_authorization", + ), migrations.AddField( model_name="source", name="authentication_flow", diff --git a/passbook/core/migrations/0003_default_user.py b/passbook/core/migrations/0003_default_user.py index 7265ce87d..c043038e3 100644 --- a/passbook/core/migrations/0003_default_user.py +++ b/passbook/core/migrations/0003_default_user.py @@ -25,8 +25,14 @@ class Migration(migrations.Migration): ] operations = [ - migrations.RemoveField(model_name="user", name="is_superuser",), - migrations.RemoveField(model_name="user", name="is_staff",), + migrations.RemoveField( + model_name="user", + name="is_superuser", + ), + migrations.RemoveField( + model_name="user", + name="is_staff", + ), migrations.RunPython(create_default_user), migrations.AddField( model_name="user", diff --git a/passbook/core/migrations/0009_group_is_superuser.py b/passbook/core/migrations/0009_group_is_superuser.py index cc7fcc497..3efe597a4 100644 --- a/passbook/core/migrations/0009_group_is_superuser.py +++ b/passbook/core/migrations/0009_group_is_superuser.py @@ -13,7 +13,10 @@ def create_default_admin_group(apps: Apps, schema_editor: BaseDatabaseSchemaEdit # Creates a default admin group group, _ = Group.objects.using(db_alias).get_or_create( - is_superuser=True, defaults={"name": "passbook Admins",} + is_superuser=True, + defaults={ + "name": "passbook Admins", + }, ) group.users.set(User.objects.filter(username="pbadmin")) group.save() @@ -26,8 +29,14 @@ class Migration(migrations.Migration): ] operations = [ - migrations.RemoveField(model_name="user", name="is_superuser",), - migrations.RemoveField(model_name="user", name="is_staff",), + migrations.RemoveField( + model_name="user", + name="is_superuser", + ), + migrations.RemoveField( + model_name="user", + name="is_staff", + ), migrations.AlterField( model_name="user", name="pb_groups", @@ -44,6 +53,9 @@ class Migration(migrations.Migration): ), migrations.RunPython(create_default_admin_group), migrations.AlterModelManagers( - name="user", managers=[("objects", passbook.core.models.UserManager()),], + name="user", + managers=[ + ("objects", passbook.core.models.UserManager()), + ], ), ] diff --git a/passbook/core/models.py b/passbook/core/models.py index e910ef43d..866c80539 100644 --- a/passbook/core/models.py +++ b/passbook/core/models.py @@ -56,7 +56,12 @@ class Group(models.Model): class Meta: - unique_together = (("name", "parent",),) + unique_together = ( + ( + "name", + "parent", + ), + ) class UserManager(DjangoUserManager): diff --git a/passbook/core/templatetags/passbook_user_settings.py b/passbook/core/templatetags/passbook_user_settings.py index c04860627..09f4d5323 100644 --- a/passbook/core/templatetags/passbook_user_settings.py +++ b/passbook/core/templatetags/passbook_user_settings.py @@ -30,9 +30,9 @@ def user_stages(context: RequestContext) -> List[UIUserSettings]: def user_sources(context: RequestContext) -> List[UIUserSettings]: """Return a list of all sources which are enabled for the user""" user = context.get("request").user - _all_sources: Iterable[Source] = ( - Source.objects.filter(enabled=True).select_subclasses() - ) + _all_sources: Iterable[Source] = Source.objects.filter( + enabled=True + ).select_subclasses() matching_sources: List[UIUserSettings] = [] for source in _all_sources: user_settings = source.ui_user_settings diff --git a/passbook/crypto/builder.py b/passbook/crypto/builder.py index 47722a463..3fcc5a2ca 100644 --- a/passbook/crypto/builder.py +++ b/passbook/crypto/builder.py @@ -36,7 +36,8 @@ class CertificateBuilder: x509.Name( [ x509.NameAttribute( - NameOID.COMMON_NAME, "passbook Self-signed Certificate", + NameOID.COMMON_NAME, + "passbook Self-signed Certificate", ), x509.NameAttribute(NameOID.ORGANIZATION_NAME, "passbook"), x509.NameAttribute( @@ -49,7 +50,8 @@ class CertificateBuilder: x509.Name( [ x509.NameAttribute( - NameOID.COMMON_NAME, "passbook Self-signed Certificate", + NameOID.COMMON_NAME, + "passbook Self-signed Certificate", ), ] ) diff --git a/passbook/flows/management/commands/benchmark.py b/passbook/flows/management/commands/benchmark.py index 3d41e75af..4fce763f9 100644 --- a/passbook/flows/management/commands/benchmark.py +++ b/passbook/flows/management/commands/benchmark.py @@ -58,7 +58,9 @@ class Command(BaseCommand): # pragma: no cover help="How many processes should be started.", ) parser.add_argument( - "--csv", action="store_true", help="Output results as CSV", + "--csv", + action="store_true", + help="Output results as CSV", ) def benchmark_flows(self, proc_count) -> str: diff --git a/passbook/flows/migrations/0001_initial.py b/passbook/flows/migrations/0001_initial.py index 62f58cc84..13984d11a 100644 --- a/passbook/flows/migrations/0001_initial.py +++ b/passbook/flows/migrations/0001_initial.py @@ -53,7 +53,10 @@ class Migration(migrations.Migration): ), ), ], - options={"verbose_name": "Flow", "verbose_name_plural": "Flows",}, + options={ + "verbose_name": "Flow", + "verbose_name_plural": "Flows", + }, bases=("passbook_policies.policybindingmodel",), ), migrations.CreateModel( diff --git a/passbook/flows/migrations/0007_auto_20200703_2059.py b/passbook/flows/migrations/0007_auto_20200703_2059.py index de86d302d..64bcc0a6c 100644 --- a/passbook/flows/migrations/0007_auto_20200703_2059.py +++ b/passbook/flows/migrations/0007_auto_20200703_2059.py @@ -21,13 +21,18 @@ class Migration(migrations.Migration): }, ), migrations.RenameField( - model_name="flowstagebinding", old_name="flow", new_name="target", + model_name="flowstagebinding", + old_name="flow", + new_name="target", ), migrations.RenameField( - model_name="flow", old_name="pbm", new_name="policybindingmodel_ptr", + model_name="flow", + old_name="pbm", + new_name="policybindingmodel_ptr", ), migrations.AlterUniqueTogether( - name="flowstagebinding", unique_together={("target", "stage", "order")}, + name="flowstagebinding", + unique_together={("target", "stage", "order")}, ), migrations.AlterField( model_name="flow", diff --git a/passbook/flows/migrations/0008_default_flows.py b/passbook/flows/migrations/0008_default_flows.py index 6494d0cc8..c9cd4e841 100644 --- a/passbook/flows/migrations/0008_default_flows.py +++ b/passbook/flows/migrations/0008_default_flows.py @@ -42,16 +42,30 @@ def create_default_authentication_flow( flow, _ = Flow.objects.using(db_alias).update_or_create( slug="default-authentication-flow", designation=FlowDesignation.AUTHENTICATION, - defaults={"name": "Welcome to passbook!",}, + defaults={ + "name": "Welcome to passbook!", + }, ) FlowStageBinding.objects.using(db_alias).update_or_create( - target=flow, stage=identification_stage, defaults={"order": 0,}, + target=flow, + stage=identification_stage, + defaults={ + "order": 0, + }, ) FlowStageBinding.objects.using(db_alias).update_or_create( - target=flow, stage=password_stage, defaults={"order": 1,}, + target=flow, + stage=password_stage, + defaults={ + "order": 1, + }, ) FlowStageBinding.objects.using(db_alias).update_or_create( - target=flow, stage=login_stage, defaults={"order": 2,}, + target=flow, + stage=login_stage, + defaults={ + "order": 2, + }, ) @@ -70,12 +84,16 @@ def create_default_invalidation_flow( flow, _ = Flow.objects.using(db_alias).update_or_create( slug="default-invalidation-flow", designation=FlowDesignation.INVALIDATION, - defaults={"name": "Logout",}, + defaults={ + "name": "Logout", + }, ) FlowStageBinding.objects.using(db_alias).update_or_create( target=flow, stage=UserLogoutStage.objects.using(db_alias).first(), - defaults={"order": 0,}, + defaults={ + "order": 0, + }, ) diff --git a/passbook/flows/migrations/0009_source_flows.py b/passbook/flows/migrations/0009_source_flows.py index a4a60a5ed..778aab9b7 100644 --- a/passbook/flows/migrations/0009_source_flows.py +++ b/passbook/flows/migrations/0009_source_flows.py @@ -44,7 +44,9 @@ def create_default_source_enrollment_flow( flow, _ = Flow.objects.using(db_alias).update_or_create( slug="default-source-enrollment", designation=FlowDesignation.ENROLLMENT, - defaults={"name": "Welcome to passbook!",}, + defaults={ + "name": "Welcome to passbook!", + }, ) PolicyBinding.objects.using(db_alias).update_or_create( policy=flow_policy, target=flow, defaults={"order": 0} @@ -114,14 +116,18 @@ def create_default_source_authentication_flow( # Create a policy that only allows this flow when doing an SSO Request flow_policy, _ = ExpressionPolicy.objects.using(db_alias).update_or_create( name="default-source-authentication-if-sso", - defaults={"expression": FLOW_POLICY_EXPRESSION,}, + defaults={ + "expression": FLOW_POLICY_EXPRESSION, + }, ) # This creates a Flow used by sources to authenticate users flow, _ = Flow.objects.using(db_alias).update_or_create( slug="default-source-authentication", designation=FlowDesignation.AUTHENTICATION, - defaults={"name": "Welcome to passbook!",}, + defaults={ + "name": "Welcome to passbook!", + }, ) PolicyBinding.objects.using(db_alias).update_or_create( policy=flow_policy, target=flow, defaults={"order": 0} diff --git a/passbook/flows/migrations/0011_flow_title.py b/passbook/flows/migrations/0011_flow_title.py index 3cd88e465..7a0cd540c 100644 --- a/passbook/flows/migrations/0011_flow_title.py +++ b/passbook/flows/migrations/0011_flow_title.py @@ -47,6 +47,8 @@ class Migration(migrations.Migration): ), migrations.RunPython(add_title_for_defaults), migrations.AlterField( - model_name="flow", name="title", field=models.TextField(), + model_name="flow", + name="title", + field=models.TextField(), ), ] diff --git a/passbook/flows/migrations/0012_auto_20200908_1542.py b/passbook/flows/migrations/0012_auto_20200908_1542.py index 2bc7fb8fb..7fad02047 100644 --- a/passbook/flows/migrations/0012_auto_20200908_1542.py +++ b/passbook/flows/migrations/0012_auto_20200908_1542.py @@ -21,6 +21,8 @@ class Migration(migrations.Migration): ), ), migrations.AlterField( - model_name="stage", name="name", field=models.TextField(unique=True), + model_name="stage", + name="name", + field=models.TextField(unique=True), ), ] diff --git a/passbook/flows/planner.py b/passbook/flows/planner.py index a732cf9ad..20bb02e7d 100644 --- a/passbook/flows/planner.py +++ b/passbook/flows/planner.py @@ -177,6 +177,7 @@ class FlowPlanner: marker = ReevaluateMarker(binding=binding, user=user) plan.markers.append(marker) LOGGER.debug( - "f(plan): Finished building", flow=self.flow, + "f(plan): Finished building", + flow=self.flow, ) return plan diff --git a/passbook/flows/tests/test_planner.py b/passbook/flows/tests/test_planner.py index 4ad47ecf9..eaa5f3864 100644 --- a/passbook/flows/tests/test_planner.py +++ b/passbook/flows/tests/test_planner.py @@ -52,7 +52,8 @@ class TestFlowPlanner(TestCase): planner.plan(request) @patch( - "passbook.policies.engine.PolicyEngine.result", POLICY_RETURN_FALSE, + "passbook.policies.engine.PolicyEngine.result", + POLICY_RETURN_FALSE, ) def test_non_applicable_plan(self): """Test that empty plan raises exception""" diff --git a/passbook/flows/tests/test_transfer.py b/passbook/flows/tests/test_transfer.py index f0945e016..0808c96ed 100644 --- a/passbook/flows/tests/test_transfer.py +++ b/passbook/flows/tests/test_transfer.py @@ -39,7 +39,9 @@ class TestFlowTransfer(TransactionTestCase): title=generate_client_id(), ) FlowStageBinding.objects.update_or_create( - target=flow, stage=login_stage, order=0, + target=flow, + stage=login_stage, + order=0, ) exporter = FlowExporter(flow) @@ -59,7 +61,8 @@ class TestFlowTransfer(TransactionTestCase): stage_name = generate_client_id() with transaction_rollback(): flow_policy = ExpressionPolicy.objects.create( - name=generate_client_id(), expression="return True", + name=generate_client_id(), + expression="return True", ) flow = Flow.objects.create( slug=flow_slug, diff --git a/passbook/flows/tests/test_views.py b/passbook/flows/tests/test_views.py index 03cc36ed7..7471d17ca 100644 --- a/passbook/flows/tests/test_views.py +++ b/passbook/flows/tests/test_views.py @@ -63,10 +63,12 @@ class TestFlowExecutor(TestCase): self.assertEqual(cancel_mock.call_count, 2) @patch( - "passbook.flows.views.to_stage_response", TO_STAGE_RESPONSE_MOCK, + "passbook.flows.views.to_stage_response", + TO_STAGE_RESPONSE_MOCK, ) @patch( - "passbook.policies.engine.PolicyEngine.result", POLICY_RETURN_FALSE, + "passbook.policies.engine.PolicyEngine.result", + POLICY_RETURN_FALSE, ) def test_invalid_non_applicable_flow(self): """Tests that a non-applicable flow returns the correct error message""" @@ -85,7 +87,8 @@ class TestFlowExecutor(TestCase): self.assertInHTML(FlowNonApplicableException.__doc__, response.rendered_content) @patch( - "passbook.flows.views.to_stage_response", TO_STAGE_RESPONSE_MOCK, + "passbook.flows.views.to_stage_response", + TO_STAGE_RESPONSE_MOCK, ) def test_invalid_empty_flow(self): """Tests that an empty flow returns the correct error message""" @@ -117,7 +120,8 @@ class TestFlowExecutor(TestCase): response = self.client.get(url + f"?{NEXT_ARG_NAME}={dest}") self.assertEqual(response.status_code, 200) self.assertJSONEqual( - force_str(response.content), {"type": "redirect", "to": dest}, + force_str(response.content), + {"type": "redirect", "to": dest}, ) def test_multi_stage_flow(self): diff --git a/passbook/flows/tests/test_views_helper.py b/passbook/flows/tests/test_views_helper.py index 435146f5b..a9749d817 100644 --- a/passbook/flows/tests/test_views_helper.py +++ b/passbook/flows/tests/test_views_helper.py @@ -15,8 +15,12 @@ class TestHelperView(TestCase): def test_default_view(self): """Test that ToDefaultFlow returns the expected URL""" - flow = Flow.objects.filter(designation=FlowDesignation.INVALIDATION,).first() - response = self.client.get(reverse("passbook_flows:default-invalidation"),) + flow = Flow.objects.filter( + designation=FlowDesignation.INVALIDATION, + ).first() + response = self.client.get( + reverse("passbook_flows:default-invalidation"), + ) expected_url = reverse( "passbook_flows:flow-executor-shell", kwargs={"flow_slug": flow.slug} ) @@ -25,13 +29,17 @@ class TestHelperView(TestCase): def test_default_view_invalid_plan(self): """Test that ToDefaultFlow returns the expected URL (with an invalid plan)""" - flow = Flow.objects.filter(designation=FlowDesignation.INVALIDATION,).first() + flow = Flow.objects.filter( + designation=FlowDesignation.INVALIDATION, + ).first() plan = FlowPlan(flow_pk=flow.pk.hex + "aa") session = self.client.session session[SESSION_KEY_PLAN] = plan session.save() - response = self.client.get(reverse("passbook_flows:default-invalidation"),) + response = self.client.get( + reverse("passbook_flows:default-invalidation"), + ) expected_url = reverse( "passbook_flows:flow-executor-shell", kwargs={"flow_slug": flow.slug} ) diff --git a/passbook/lib/expression/evaluator.py b/passbook/lib/expression/evaluator.py index a106c22cd..03f847aa1 100644 --- a/passbook/lib/expression/evaluator.py +++ b/passbook/lib/expression/evaluator.py @@ -103,7 +103,9 @@ class BaseEvaluator: param_keys = self._context.keys() try: compile( - self.wrap_expression(expression, param_keys), self._filename, "exec", + self.wrap_expression(expression, param_keys), + self._filename, + "exec", ) return True except (ValueError, SyntaxError) as exc: diff --git a/passbook/lib/templatetags/passbook_utils.py b/passbook/lib/templatetags/passbook_utils.py index c4e90455d..7a59262cf 100644 --- a/passbook/lib/templatetags/passbook_utils.py +++ b/passbook/lib/templatetags/passbook_utils.py @@ -71,7 +71,14 @@ def gravatar(email, size=None, rating=None): md5(email.encode("utf-8")).hexdigest(), # nosec ) - parameters = [p for p in (("s", size or "158"), ("r", rating or "g"),) if p[1]] + parameters = [ + p + for p in ( + ("s", size or "158"), + ("r", rating or "g"), + ) + if p[1] + ] if parameters: gravatar_url += "?" + urlencode(parameters, doseq=True) diff --git a/passbook/lib/views.py b/passbook/lib/views.py index 2fe5281e2..69472b857 100644 --- a/passbook/lib/views.py +++ b/passbook/lib/views.py @@ -34,5 +34,8 @@ def bad_request_message( ) -> TemplateResponse: """Return generic error page with message, with status code set to 400""" return TemplateResponse( - request, template, {"message": message, "card_title": _(title)}, status=400, + request, + template, + {"message": message, "card_title": _(title)}, + status=400, ) diff --git a/passbook/outposts/views.py b/passbook/outposts/views.py index fd9d233bc..32e18a495 100644 --- a/passbook/outposts/views.py +++ b/passbook/outposts/views.py @@ -29,7 +29,9 @@ class DockerComposeView(LoginRequiredMixin, View): def get(self, request: HttpRequest, outpost_pk: str) -> HttpResponse: """Render docker-compose file""" outpost: Outpost = get_object_for_user_or_404( - request.user, "passbook_outposts.view_outpost", pk=outpost_pk, + request.user, + "passbook_outposts.view_outpost", + pk=outpost_pk, ) manifest = "" if outpost.type == OutpostType.PROXY: @@ -45,7 +47,9 @@ class KubernetesManifestView(LoginRequiredMixin, View): def get(self, request: HttpRequest, outpost_pk: str) -> HttpResponse: """Render deployment template""" outpost: Outpost = get_object_for_user_or_404( - request.user, "passbook_outposts.view_outpost", pk=outpost_pk, + request.user, + "passbook_outposts.view_outpost", + pk=outpost_pk, ) manifest = "" if outpost.type == OutpostType.PROXY: diff --git a/passbook/policies/api.py b/passbook/policies/api.py index d7c648283..6a47cd8de 100644 --- a/passbook/policies/api.py +++ b/passbook/policies/api.py @@ -47,7 +47,8 @@ class PolicyBindingSerializer(ModelSerializer): # Because we're not interested in the PolicyBindingModel's PK but rather the subclasses PK, # we have to manually declare this field target = PolicyBindingModelForeignKey( - queryset=PolicyBindingModel.objects.select_subclasses(), required=True, + queryset=PolicyBindingModel.objects.select_subclasses(), + required=True, ) class Meta: diff --git a/passbook/policies/forms.py b/passbook/policies/forms.py index 6a961ac86..e38955eaa 100644 --- a/passbook/policies/forms.py +++ b/passbook/policies/forms.py @@ -16,7 +16,9 @@ class PolicyBindingForm(forms.ModelForm): queryset=PolicyBindingModel.objects.all().select_subclasses(), to_field_name="pbm_uuid", ) - policy = GroupedModelChoiceField(queryset=Policy.objects.all().select_subclasses(),) + policy = GroupedModelChoiceField( + queryset=Policy.objects.all().select_subclasses(), + ) class Meta: diff --git a/passbook/policies/hibp/tests.py b/passbook/policies/hibp/tests.py index 0e79ac3fe..4254b7bb0 100644 --- a/passbook/policies/hibp/tests.py +++ b/passbook/policies/hibp/tests.py @@ -12,7 +12,9 @@ class TestHIBPPolicy(TestCase): def test_false(self): """Failing password case""" - policy = HaveIBeenPwendPolicy.objects.create(name="test_false",) + policy = HaveIBeenPwendPolicy.objects.create( + name="test_false", + ) request = PolicyRequest(get_anonymous_user()) request.context["password"] = "password" result: PolicyResult = policy.passes(request) @@ -21,7 +23,9 @@ class TestHIBPPolicy(TestCase): def test_true(self): """Positive password case""" - policy = HaveIBeenPwendPolicy.objects.create(name="test_true",) + policy = HaveIBeenPwendPolicy.objects.create( + name="test_true", + ) request = PolicyRequest(get_anonymous_user()) request.context["password"] = generate_client_secret() result: PolicyResult = policy.passes(request) diff --git a/passbook/policies/migrations/0001_initial.py b/passbook/policies/migrations/0001_initial.py index 809159aa7..050577051 100644 --- a/passbook/policies/migrations/0001_initial.py +++ b/passbook/policies/migrations/0001_initial.py @@ -32,7 +32,9 @@ class Migration(migrations.Migration): ("order", models.IntegerField(default=0)), ("timeout", models.IntegerField(default=30)), ], - options={"abstract": False,}, + options={ + "abstract": False, + }, ), migrations.CreateModel( name="PolicyBinding", diff --git a/passbook/policies/migrations/0002_auto_20200528_1647.py b/passbook/policies/migrations/0002_auto_20200528_1647.py index b43a2f732..2d0f5479b 100644 --- a/passbook/policies/migrations/0002_auto_20200528_1647.py +++ b/passbook/policies/migrations/0002_auto_20200528_1647.py @@ -21,9 +21,18 @@ class Migration(migrations.Migration): "verbose_name_plural": "Policies", }, ), - migrations.RemoveField(model_name="policy", name="negate",), - migrations.RemoveField(model_name="policy", name="order",), - migrations.RemoveField(model_name="policy", name="timeout",), + migrations.RemoveField( + model_name="policy", + name="negate", + ), + migrations.RemoveField( + model_name="policy", + name="order", + ), + migrations.RemoveField( + model_name="policy", + name="timeout", + ), migrations.AddField( model_name="policybinding", name="negate", @@ -41,7 +50,9 @@ class Migration(migrations.Migration): ), ), migrations.AlterField( - model_name="policybinding", name="order", field=models.IntegerField(), + model_name="policybinding", + name="order", + field=models.IntegerField(), ), migrations.AlterField( model_name="policybinding", @@ -53,6 +64,7 @@ class Migration(migrations.Migration): ), ), migrations.AlterUniqueTogether( - name="policybinding", unique_together={("policy", "target", "order")}, + name="policybinding", + unique_together={("policy", "target", "order")}, ), ] diff --git a/passbook/policies/mixins.py b/passbook/policies/mixins.py index 755e7fb87..8de3d1bba 100644 --- a/passbook/policies/mixins.py +++ b/passbook/policies/mixins.py @@ -73,7 +73,10 @@ class PolicyAccessMixin(BaseMixin, AccessMixin): policy_engine.build() result = policy_engine.result LOGGER.debug( - "AccessMixin user_has_access", user=user, app=application, result=result, + "AccessMixin user_has_access", + user=user, + app=application, + result=result, ) if not result.passing: for message in result.messages: diff --git a/passbook/policies/process.py b/passbook/policies/process.py index 54b6e16b2..f252f3f44 100644 --- a/passbook/policies/process.py +++ b/passbook/policies/process.py @@ -48,7 +48,9 @@ class PolicyProcess(Process): def execute(self) -> PolicyResult: """Run actual policy, returns result""" - with Hub.current.start_span(op="policy.process.execute",) as span: + with Hub.current.start_span( + op="policy.process.execute", + ) as span: span: Span span.set_data("policy", self.binding.policy) span.set_data("request", self.request) diff --git a/passbook/providers/oauth2/migrations/0001_initial.py b/passbook/providers/oauth2/migrations/0001_initial.py index 0fca333d9..3015aa46b 100644 --- a/passbook/providers/oauth2/migrations/0001_initial.py +++ b/passbook/providers/oauth2/migrations/0001_initial.py @@ -283,7 +283,10 @@ class Migration(migrations.Migration): ), ), ], - options={"verbose_name": "Token", "verbose_name_plural": "Tokens",}, + options={ + "verbose_name": "Token", + "verbose_name_plural": "Tokens", + }, ), migrations.CreateModel( name="AuthorizationCode", diff --git a/passbook/providers/oauth2/migrations/0004_remove_oauth2provider_post_logout_redirect_uris.py b/passbook/providers/oauth2/migrations/0004_remove_oauth2provider_post_logout_redirect_uris.py index 5f0a06ba7..5d99c61cd 100644 --- a/passbook/providers/oauth2/migrations/0004_remove_oauth2provider_post_logout_redirect_uris.py +++ b/passbook/providers/oauth2/migrations/0004_remove_oauth2provider_post_logout_redirect_uris.py @@ -11,6 +11,7 @@ class Migration(migrations.Migration): operations = [ migrations.RemoveField( - model_name="oauth2provider", name="post_logout_redirect_uris", + model_name="oauth2provider", + name="post_logout_redirect_uris", ), ] diff --git a/passbook/providers/oauth2/models.py b/passbook/providers/oauth2/models.py index 86d934e89..3078dcf0e 100644 --- a/passbook/providers/oauth2/models.py +++ b/passbook/providers/oauth2/models.py @@ -292,13 +292,19 @@ class OAuth2Provider(Provider): "provider": self, "issuer": self.get_issuer(request), "authorize": request.build_absolute_uri( - reverse("passbook_providers_oauth2:authorize",) + reverse( + "passbook_providers_oauth2:authorize", + ) ), "token": request.build_absolute_uri( - reverse("passbook_providers_oauth2:token",) + reverse( + "passbook_providers_oauth2:token", + ) ), "userinfo": request.build_absolute_uri( - reverse("passbook_providers_oauth2:userinfo",) + reverse( + "passbook_providers_oauth2:userinfo", + ) ), "provider_info": request.build_absolute_uri( reverse( diff --git a/passbook/providers/oauth2/urls.py b/passbook/providers/oauth2/urls.py index 725f26a35..1a0a1a93b 100644 --- a/passbook/providers/oauth2/urls.py +++ b/passbook/providers/oauth2/urls.py @@ -13,7 +13,11 @@ from passbook.providers.oauth2.views.token import TokenView from passbook.providers.oauth2.views.userinfo import UserInfoView urlpatterns = [ - path("authorize/", AuthorizationFlowInitView.as_view(), name="authorize",), + path( + "authorize/", + AuthorizationFlowInitView.as_view(), + name="authorize", + ), path("token/", csrf_exempt(TokenView.as_view()), name="token"), path( "userinfo/", diff --git a/passbook/providers/oauth2/views/authorize.py b/passbook/providers/oauth2/views/authorize.py index 4fef195c1..42fa5653d 100644 --- a/passbook/providers/oauth2/views/authorize.py +++ b/passbook/providers/oauth2/views/authorize.py @@ -257,7 +257,8 @@ class OAuthFulfillmentStage(StageView): ] elif self.params.grant_type in [GrantTypes.IMPLICIT, GrantTypes.HYBRID]: token = self.provider.create_refresh_token( - user=self.request.user, scope=self.params.scope, + user=self.request.user, + scope=self.params.scope, ) # Check if response_type must include access_token in the response. @@ -272,7 +273,8 @@ class OAuthFulfillmentStage(StageView): # We don't need id_token if it's an OAuth2 request. if SCOPE_OPENID in self.params.scope: id_token = token.create_id_token( - user=self.request.user, request=self.request, + user=self.request.user, + request=self.request, ) id_token.nonce = self.params.nonce diff --git a/passbook/providers/oauth2/views/introspection.py b/passbook/providers/oauth2/views/introspection.py index 7673d4adf..514853848 100644 --- a/passbook/providers/oauth2/views/introspection.py +++ b/passbook/providers/oauth2/views/introspection.py @@ -35,7 +35,8 @@ class TokenIntrospectionParams: if not self.token.id_token: LOGGER.debug( - "token not an authentication token", token=self.token, + "token not an authentication token", + token=self.token, ) raise TokenIntrospectionError() diff --git a/passbook/providers/oauth2/views/token.py b/passbook/providers/oauth2/views/token.py index 7067f55fb..2710291db 100644 --- a/passbook/providers/oauth2/views/token.py +++ b/passbook/providers/oauth2/views/token.py @@ -96,7 +96,8 @@ class TokenParams: except RefreshToken.DoesNotExist: LOGGER.warning( - "Refresh token does not exist", token=raw_token, + "Refresh token does not exist", + token=raw_token, ) raise TokenError("invalid_grant") @@ -178,7 +179,8 @@ class TokenView(View): if self.params.authorization_code.is_open_id: id_token = refresh_token.create_id_token( - user=self.params.authorization_code.user, request=self.request, + user=self.params.authorization_code.user, + request=self.request, ) id_token.nonce = self.params.authorization_code.nonce id_token.at_hash = refresh_token.at_hash @@ -221,13 +223,15 @@ class TokenView(View): provider: OAuth2Provider = self.params.refresh_token.provider refresh_token: RefreshToken = provider.create_refresh_token( - user=self.params.refresh_token.user, scope=self.params.scope, + user=self.params.refresh_token.user, + scope=self.params.scope, ) # If the Token has an id_token it's an Authentication request. if self.params.refresh_token.id_token: refresh_token.id_token = refresh_token.create_id_token( - user=self.params.refresh_token.user, request=self.request, + user=self.params.refresh_token.user, + request=self.request, ) refresh_token.id_token.at_hash = refresh_token.at_hash diff --git a/passbook/providers/proxy/models.py b/passbook/providers/proxy/models.py index cd68694c1..7bb1b2ab2 100644 --- a/passbook/providers/proxy/models.py +++ b/passbook/providers/proxy/models.py @@ -92,7 +92,10 @@ class ProxyProvider(OutpostModel, OAuth2Provider): ) certificate = models.ForeignKey( - CertificateKeyPair, on_delete=models.SET_NULL, null=True, blank=True, + CertificateKeyPair, + on_delete=models.SET_NULL, + null=True, + blank=True, ) cookie_secret = models.TextField(default=get_cookie_secret) diff --git a/passbook/providers/saml/migrations/0005_remove_samlprovider_processor_path.py b/passbook/providers/saml/migrations/0005_remove_samlprovider_processor_path.py index 556a189d1..b51e1e427 100644 --- a/passbook/providers/saml/migrations/0005_remove_samlprovider_processor_path.py +++ b/passbook/providers/saml/migrations/0005_remove_samlprovider_processor_path.py @@ -10,5 +10,8 @@ class Migration(migrations.Migration): ] operations = [ - migrations.RemoveField(model_name="samlprovider", name="processor_path",), + migrations.RemoveField( + model_name="samlprovider", + name="processor_path", + ), ] diff --git a/passbook/providers/saml/models.py b/passbook/providers/saml/models.py index 5f824961d..4ab9e204f 100644 --- a/passbook/providers/saml/models.py +++ b/passbook/providers/saml/models.py @@ -72,7 +72,10 @@ class SAMLProvider(Provider): digest_algorithm = models.CharField( max_length=50, - choices=(("sha1", _("SHA1")), ("sha256", _("SHA256")),), + choices=( + ("sha1", _("SHA1")), + ("sha256", _("SHA256")), + ), default="sha256", ) signature_algorithm = models.CharField( diff --git a/passbook/providers/saml/views.py b/passbook/providers/saml/views.py index 53630374c..37450b623 100644 --- a/passbook/providers/saml/views.py +++ b/passbook/providers/saml/views.py @@ -47,7 +47,7 @@ SESSION_KEY_AUTH_N_REQUEST = "authn_request" class SAMLSSOView(PolicyAccessMixin, View): - """"SAML SSO Base View, which plans a flow and injects our final stage. + """ "SAML SSO Base View, which plans a flow and injects our final stage. Calls get/post handler.""" application: Application diff --git a/passbook/root/urls.py b/passbook/root/urls.py index c77f5a3b7..a04469824 100644 --- a/passbook/root/urls.py +++ b/passbook/root/urls.py @@ -38,7 +38,11 @@ for _passbook_app in get_apps(): for module, mountpoint in mountpoints.items(): namespace = _passbook_app.label + module.replace(base_url_module, "") _path = path( - mountpoint, include((module, _passbook_app.label), namespace=namespace,), + mountpoint, + include( + (module, _passbook_app.label), + namespace=namespace, + ), ) urlpatterns.append(_path) LOGGER.debug( diff --git a/passbook/sources/ldap/sync.py b/passbook/sources/ldap/sync.py index 0d0f024da..fc63160f4 100644 --- a/passbook/sources/ldap/sync.py +++ b/passbook/sources/ldap/sync.py @@ -91,7 +91,8 @@ class LDAPSynchronizer: try: defaults = self._build_object_properties(attributes) user, created = User.objects.update_or_create( - attributes__ldap_uniq=uniq, defaults=defaults, + attributes__ldap_uniq=uniq, + defaults=defaults, ) except IntegrityError as exc: LOGGER.warning("Failed to create user", exc=exc) diff --git a/passbook/sources/oauth/models.py b/passbook/sources/oauth/models.py index 8279b3331..72b7e2165 100644 --- a/passbook/sources/oauth/models.py +++ b/passbook/sources/oauth/models.py @@ -69,7 +69,8 @@ class OAuthSource(Source): def ui_user_settings(self) -> Optional[UIUserSettings]: view_name = "passbook_sources_oauth:oauth-client-user" return UIUserSettings( - name=self.name, url=reverse(view_name, kwargs={"source_slug": self.slug}), + name=self.name, + url=reverse(view_name, kwargs={"source_slug": self.slug}), ) def __str__(self) -> str: diff --git a/passbook/sources/oauth/views/callback.py b/passbook/sources/oauth/views/callback.py index 43945c52c..567cdb5ad 100644 --- a/passbook/sources/oauth/views/callback.py +++ b/passbook/sources/oauth/views/callback.py @@ -147,7 +147,9 @@ class OAuthCallback(OAuthClientMixin, View): plan = planner.plan(self.request, kwargs) self.request.session[SESSION_KEY_PLAN] = plan return redirect_with_qs( - "passbook_flows:flow-executor-shell", self.request.GET, flow_slug=flow.slug, + "passbook_flows:flow-executor-shell", + self.request.GET, + flow_slug=flow.slug, ) # pylint: disable=unused-argument diff --git a/passbook/sources/saml/forms.py b/passbook/sources/saml/forms.py index 9bf2101d8..1ba94074d 100644 --- a/passbook/sources/saml/forms.py +++ b/passbook/sources/saml/forms.py @@ -21,7 +21,8 @@ class SAMLSourceForm(forms.ModelForm): designation=FlowDesignation.ENROLLMENT ) self.fields["signing_kp"].queryset = CertificateKeyPair.objects.filter( - certificate_data__isnull=False, key_data__isnull=False, + certificate_data__isnull=False, + key_data__isnull=False, ) class Meta: diff --git a/passbook/sources/saml/migrations/0003_auto_20200624_1957.py b/passbook/sources/saml/migrations/0003_auto_20200624_1957.py index 9f9f0fc90..ce5b71854 100644 --- a/passbook/sources/saml/migrations/0003_auto_20200624_1957.py +++ b/passbook/sources/saml/migrations/0003_auto_20200624_1957.py @@ -14,12 +14,19 @@ class Migration(migrations.Migration): ] operations = [ - migrations.RemoveField(model_name="samlsource", name="auto_logout",), - migrations.RenameField( - model_name="samlsource", old_name="idp_url", new_name="sso_url", + migrations.RemoveField( + model_name="samlsource", + name="auto_logout", ), migrations.RenameField( - model_name="samlsource", old_name="idp_logout_url", new_name="slo_url", + model_name="samlsource", + old_name="idp_url", + new_name="sso_url", + ), + migrations.RenameField( + model_name="samlsource", + old_name="idp_logout_url", + new_name="slo_url", ), migrations.AddField( model_name="samlsource", diff --git a/passbook/sources/saml/processors/response.py b/passbook/sources/saml/processors/response.py index d1b2d98c8..8aac5c1d0 100644 --- a/passbook/sources/saml/processors/response.py +++ b/passbook/sources/saml/processors/response.py @@ -191,5 +191,7 @@ class ResponseProcessor: kwargs[PLAN_CONTEXT_SSO] = True request.session[SESSION_KEY_PLAN] = FlowPlanner(flow).plan(request, kwargs) return redirect_with_qs( - "passbook_flows:flow-executor-shell", request.GET, flow_slug=flow.slug, + "passbook_flows:flow-executor-shell", + request.GET, + flow_slug=flow.slug, ) diff --git a/passbook/stages/consent/tests.py b/passbook/stages/consent/tests.py index 2521c7f1c..d262dab1a 100644 --- a/passbook/stages/consent/tests.py +++ b/passbook/stages/consent/tests.py @@ -23,7 +23,8 @@ class TestConsentStage(TestCase): username="unittest", email="test@beryju.org" ) self.application = Application.objects.create( - name="test-application", slug="test-application", + name="test-application", + slug="test-application", ) self.client = Client() diff --git a/passbook/stages/dummy/tests.py b/passbook/stages/dummy/tests.py index ddc6f7550..e1f9e6668 100644 --- a/passbook/stages/dummy/tests.py +++ b/passbook/stages/dummy/tests.py @@ -22,9 +22,13 @@ class TestDummyStage(TestCase): slug="test-dummy", designation=FlowDesignation.AUTHENTICATION, ) - self.stage = DummyStage.objects.create(name="dummy",) + self.stage = DummyStage.objects.create( + name="dummy", + ) FlowStageBinding.objects.create( - target=self.flow, stage=self.stage, order=0, + target=self.flow, + stage=self.stage, + order=0, ) def test_valid_render(self): diff --git a/passbook/stages/email/tasks.py b/passbook/stages/email/tasks.py index 846df7c55..d2a10b482 100644 --- a/passbook/stages/email/tasks.py +++ b/passbook/stages/email/tasks.py @@ -23,7 +23,12 @@ def send_mails(stage: EmailStage, *messages: List[EmailMultiAlternatives]): @CELERY_APP.task( - bind=True, autoretry_for=(SMTPException, ConnectionError,), retry_backoff=True + bind=True, + autoretry_for=( + SMTPException, + ConnectionError, + ), + retry_backoff=True, ) # pylint: disable=unused-argument def _send_mail_task(self, email_stage_pk: int, message: Dict[Any, Any]): diff --git a/passbook/stages/email/tests.py b/passbook/stages/email/tests.py index 110dedeeb..27b668bc3 100644 --- a/passbook/stages/email/tests.py +++ b/passbook/stages/email/tests.py @@ -30,7 +30,9 @@ class TestEmailStage(TestCase): slug="test-email", designation=FlowDesignation.AUTHENTICATION, ) - self.stage = EmailStage.objects.create(name="email",) + self.stage = EmailStage.objects.create( + name="email", + ) FlowStageBinding.objects.create(target=self.flow, stage=self.stage, order=2) def test_rendering(self): diff --git a/passbook/stages/identification/tests.py b/passbook/stages/identification/tests.py index d4ff8a4b9..ff0712f76 100644 --- a/passbook/stages/identification/tests.py +++ b/passbook/stages/identification/tests.py @@ -32,7 +32,9 @@ class TestIdentificationStage(TestCase): template=Templates.DEFAULT_LOGIN, ) FlowStageBinding.objects.create( - target=self.flow, stage=self.stage, order=0, + target=self.flow, + stage=self.stage, + order=0, ) # OAuthSource for the login view @@ -92,7 +94,9 @@ class TestIdentificationStage(TestCase): self.stage.enrollment_flow = flow self.stage.save() FlowStageBinding.objects.create( - target=flow, stage=self.stage, order=0, + target=flow, + stage=self.stage, + order=0, ) response = self.client.get( @@ -113,7 +117,9 @@ class TestIdentificationStage(TestCase): self.stage.recovery_flow = flow self.stage.save() FlowStageBinding.objects.create( - target=flow, stage=self.stage, order=0, + target=flow, + stage=self.stage, + order=0, ) response = self.client.get( diff --git a/passbook/stages/invitation/migrations/0001_initial.py b/passbook/stages/invitation/migrations/0001_initial.py index b1d8061cf..83784d932 100644 --- a/passbook/stages/invitation/migrations/0001_initial.py +++ b/passbook/stages/invitation/migrations/0001_initial.py @@ -58,7 +58,10 @@ class Migration(migrations.Migration): ), ), ("expires", models.DateTimeField(blank=True, default=None, null=True)), - ("fixed_data", models.JSONField(default=dict),), + ( + "fixed_data", + models.JSONField(default=dict), + ), ( "created_by", models.ForeignKey( diff --git a/passbook/stages/invitation/tests.py b/passbook/stages/invitation/tests.py index 39407e974..150f3dc7c 100644 --- a/passbook/stages/invitation/tests.py +++ b/passbook/stages/invitation/tests.py @@ -41,7 +41,8 @@ class TestUserLoginStage(TestCase): self.assertEqual(InvitationStageForm(data).is_valid(), True) @patch( - "passbook.flows.views.to_stage_response", TO_STAGE_RESPONSE_MOCK, + "passbook.flows.views.to_stage_response", + TO_STAGE_RESPONSE_MOCK, ) def test_without_invitation_fail(self): """Test without any invitation, continue_flow_without_invitation not set.""" diff --git a/passbook/stages/password/forms.py b/passbook/stages/password/forms.py index a2cda931c..99586ef44 100644 --- a/passbook/stages/password/forms.py +++ b/passbook/stages/password/forms.py @@ -14,7 +14,10 @@ def get_authentication_backends(): "django.contrib.auth.backends.ModelBackend", _("passbook-internal Userdatabase"), ), - ("passbook.sources.ldap.auth.LDAPBackend", _("passbook LDAP"),), + ( + "passbook.sources.ldap.auth.LDAPBackend", + _("passbook LDAP"), + ), ] diff --git a/passbook/stages/password/migrations/0002_passwordstage_change_flow.py b/passbook/stages/password/migrations/0002_passwordstage_change_flow.py index d946e8e51..55269ce63 100644 --- a/passbook/stages/password/migrations/0002_passwordstage_change_flow.py +++ b/passbook/stages/password/migrations/0002_passwordstage_change_flow.py @@ -71,7 +71,8 @@ def update_default_stage_change(apps: Apps, schema_editor: BaseDatabaseSchemaEdi Flow = apps.get_model("passbook_flows", "Flow") flow = Flow.objects.get( - slug="default-password-change", designation=FlowDesignation.STAGE_CONFIGURATION, + slug="default-password-change", + designation=FlowDesignation.STAGE_CONFIGURATION, ) stages = PasswordStage.objects.filter(name="default-authentication-password") diff --git a/passbook/stages/password/tests.py b/passbook/stages/password/tests.py index 62808f14f..6eccc03c1 100644 --- a/passbook/stages/password/tests.py +++ b/passbook/stages/password/tests.py @@ -45,7 +45,8 @@ class TestPasswordStage(TestCase): FlowStageBinding.objects.create(target=self.flow, stage=self.stage, order=2) @patch( - "passbook.flows.views.to_stage_response", TO_STAGE_RESPONSE_MOCK, + "passbook.flows.views.to_stage_response", + TO_STAGE_RESPONSE_MOCK, ) def test_without_user(self): """Test without user""" @@ -163,7 +164,8 @@ class TestPasswordStage(TestCase): self.assertNotIn(SESSION_KEY_PLAN, self.client.session) @patch( - "passbook.flows.views.to_stage_response", TO_STAGE_RESPONSE_MOCK, + "passbook.flows.views.to_stage_response", + TO_STAGE_RESPONSE_MOCK, ) @patch( "django.contrib.auth.backends.ModelBackend.authenticate", diff --git a/passbook/stages/prompt/forms.py b/passbook/stages/prompt/forms.py index 34b0196d6..11f2a44da 100644 --- a/passbook/stages/prompt/forms.py +++ b/passbook/stages/prompt/forms.py @@ -65,7 +65,9 @@ class ListPolicyEngine(PolicyEngine): def _iter_bindings(self) -> Iterator[PolicyBinding]: for policy in self.__list: - yield PolicyBinding(policy=policy,) + yield PolicyBinding( + policy=policy, + ) class PromptForm(forms.Form): diff --git a/passbook/stages/prompt/migrations/0001_initial.py b/passbook/stages/prompt/migrations/0001_initial.py index 7324bcf17..9f4a56a33 100644 --- a/passbook/stages/prompt/migrations/0001_initial.py +++ b/passbook/stages/prompt/migrations/0001_initial.py @@ -64,7 +64,10 @@ class Migration(migrations.Migration): ("placeholder", models.TextField(blank=True)), ("order", models.IntegerField(default=0)), ], - options={"verbose_name": "Prompt", "verbose_name_plural": "Prompts",}, + options={ + "verbose_name": "Prompt", + "verbose_name_plural": "Prompts", + }, ), migrations.CreateModel( name="PromptStage", diff --git a/passbook/stages/user_delete/tests.py b/passbook/stages/user_delete/tests.py index b5f53a061..6762ea627 100644 --- a/passbook/stages/user_delete/tests.py +++ b/passbook/stages/user_delete/tests.py @@ -33,7 +33,8 @@ class TestUserDeleteStage(TestCase): FlowStageBinding.objects.create(target=self.flow, stage=self.stage, order=2) @patch( - "passbook.flows.views.to_stage_response", TO_STAGE_RESPONSE_MOCK, + "passbook.flows.views.to_stage_response", + TO_STAGE_RESPONSE_MOCK, ) def test_no_user(self): """Test without user set""" diff --git a/passbook/stages/user_login/tests.py b/passbook/stages/user_login/tests.py index 2385826d8..199bca512 100644 --- a/passbook/stages/user_login/tests.py +++ b/passbook/stages/user_login/tests.py @@ -59,7 +59,8 @@ class TestUserLoginStage(TestCase): ) @patch( - "passbook.flows.views.to_stage_response", TO_STAGE_RESPONSE_MOCK, + "passbook.flows.views.to_stage_response", + TO_STAGE_RESPONSE_MOCK, ) def test_without_user(self): """Test a plan without any pending user, resulting in a denied""" @@ -80,7 +81,8 @@ class TestUserLoginStage(TestCase): self.assertIsInstance(response, AccessDeniedResponse) @patch( - "passbook.flows.views.to_stage_response", TO_STAGE_RESPONSE_MOCK, + "passbook.flows.views.to_stage_response", + TO_STAGE_RESPONSE_MOCK, ) def test_without_backend(self): """Test a plan with pending user, without backend, resulting in a denied""" diff --git a/passbook/stages/user_logout/stage.py b/passbook/stages/user_logout/stage.py index cda6b7300..cb111e76f 100644 --- a/passbook/stages/user_logout/stage.py +++ b/passbook/stages/user_logout/stage.py @@ -13,7 +13,9 @@ class UserLogoutStageView(StageView): def get(self, request: HttpRequest) -> HttpResponse: LOGGER.debug( - "Logged out", user=request.user, flow_slug=self.executor.flow.slug, + "Logged out", + user=request.user, + flow_slug=self.executor.flow.slug, ) logout(self.request) return self.executor.stage_ok() diff --git a/passbook/stages/user_write/stage.py b/passbook/stages/user_write/stage.py index 53ded9e1a..5e25297a8 100644 --- a/passbook/stages/user_write/stage.py +++ b/passbook/stages/user_write/stage.py @@ -33,7 +33,8 @@ class UserWriteStageView(StageView): PLAN_CONTEXT_AUTHENTICATION_BACKEND ] = class_to_path(ModelBackend) LOGGER.debug( - "Created new user", flow_slug=self.executor.flow.slug, + "Created new user", + flow_slug=self.executor.flow.slug, ) user = self.executor.plan.context[PLAN_CONTEXT_PENDING_USER] # Before we change anything, check if the user is the same as in the request @@ -68,6 +69,8 @@ class UserWriteStageView(StageView): update_session_auth_hash(self.request, user) LOGGER.debug("Updated session hash", user=user) LOGGER.debug( - "Updated existing user", user=user, flow_slug=self.executor.flow.slug, + "Updated existing user", + user=user, + flow_slug=self.executor.flow.slug, ) return self.executor.stage_ok() diff --git a/passbook/stages/user_write/tests.py b/passbook/stages/user_write/tests.py index 44deca530..c82c0755a 100644 --- a/passbook/stages/user_write/tests.py +++ b/passbook/stages/user_write/tests.py @@ -111,7 +111,8 @@ class TestUserWriteStage(TestCase): self.assertEqual(user_qs.first().attributes["some-custom-attribute"], "test") @patch( - "passbook.flows.views.to_stage_response", TO_STAGE_RESPONSE_MOCK, + "passbook.flows.views.to_stage_response", + TO_STAGE_RESPONSE_MOCK, ) def test_without_data(self): """Test without data results in error"""