Re: State of Flask-OIDC
On Wed, Jan 11, 2023 at 1:37 PM David Kirwan wrote: > Merged the changes in the PyJWT PR into the fedora-infra fork, tagged a > release 1.5.0, and sent in a PR against the RPM to now point at this fork + > new version: > https://src.fedoraproject.org/rpms/python-flask-oidc/pull-request/2 > Great, thanks a ton for your work on this! I'd confirmed it unbreaks the flask-oidc in rawhide. I guess it isn't easily possible to also bump the version on pypy? > > > > On Mon, 19 Dec 2022 at 11:19, David Kirwan wrote: > >> >> >> On Thu, 15 Dec 2022 at 08:30, Frantisek Zatloukal >> wrote: >> >>> >>> >>> On Wed, Dec 7, 2022 at 3:25 AM David Kirwan wrote: >>> Thanks for the update, David! >>> >>> Would it be possible to cut a new release with the pyJWT PR included at >>> least once you have time/mood to re-focus? Or would that be wasted effort >>> before porting to authlib? >>> >> >> I think it might be wasted effort, as this functionality is >> replaced/handled in authlib iirc, but then again, I don't think this >> authlib implementation is ready either so if we do cut a release of the >> pyJWT PR at least we'll have a working version flask-oidc! >> >> If upstream is too busy to review, should we use our fork: >> https://github.com/fedora-infra/flask-oidc ? Maybe get the pyJWT code PR >> merged there, and then point our RPM at this fork? Will take urgency off >> then, I can take more time then to focus on the authlib implementation? >> >> cheers, >> David >> >> >> >>> >>> Thanks a lot! >>> >>> >> > > -- > David Kirwan > Senior Software Engineer > > Community Platform Engineering @ Red Hat > > T: +(353) 86-8624108 > ___ > infrastructure mailing list -- infrastructure@lists.fedoraproject.org > To unsubscribe send an email to > infrastructure-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/infrastructure@lists.fedoraproject.org > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue > -- Best regards / S pozdravem, František Zatloukal Senior Quality Engineer Red Hat ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: State of Flask-OIDC
Merged the changes in the PyJWT PR into the fedora-infra fork, tagged a release 1.5.0, and sent in a PR against the RPM to now point at this fork + new version: https://src.fedoraproject.org/rpms/python-flask-oidc/pull-request/2 On Mon, 19 Dec 2022 at 11:19, David Kirwan wrote: > > > On Thu, 15 Dec 2022 at 08:30, Frantisek Zatloukal > wrote: > >> >> >> On Wed, Dec 7, 2022 at 3:25 AM David Kirwan wrote: >> >>> >>> >>> Thanks for the update, David! >> >> Would it be possible to cut a new release with the pyJWT PR included at >> least once you have time/mood to re-focus? Or would that be wasted effort >> before porting to authlib? >> > > I think it might be wasted effort, as this functionality is > replaced/handled in authlib iirc, but then again, I don't think this > authlib implementation is ready either so if we do cut a release of the > pyJWT PR at least we'll have a working version flask-oidc! > > If upstream is too busy to review, should we use our fork: > https://github.com/fedora-infra/flask-oidc ? Maybe get the pyJWT code PR > merged there, and then point our RPM at this fork? Will take urgency off > then, I can take more time then to focus on the authlib implementation? > > cheers, > David > > > >> >> Thanks a lot! >> >> > -- David Kirwan Senior Software Engineer Community Platform Engineering @ Red Hat T: +(353) 86-8624108 ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: State of Flask-OIDC
On Thu, 15 Dec 2022 at 08:30, Frantisek Zatloukal wrote: > > > On Wed, Dec 7, 2022 at 3:25 AM David Kirwan wrote: > >> >> >> Thanks for the update, David! > > Would it be possible to cut a new release with the pyJWT PR included at > least once you have time/mood to re-focus? Or would that be wasted effort > before porting to authlib? > I think it might be wasted effort, as this functionality is replaced/handled in authlib iirc, but then again, I don't think this authlib implementation is ready either so if we do cut a release of the pyJWT PR at least we'll have a working version flask-oidc! If upstream is too busy to review, should we use our fork: https://github.com/fedora-infra/flask-oidc ? Maybe get the pyJWT code PR merged there, and then point our RPM at this fork? Will take urgency off then, I can take more time then to focus on the authlib implementation? cheers, David > > Thanks a lot! > > ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: State of Flask-OIDC
On Wed, Dec 7, 2022 at 3:25 AM David Kirwan wrote: > > > On Tue, 6 Dec 2022 at 03:05, Neal Gompa wrote: > >> On Mon, Dec 5, 2022 at 12:48 PM Frantisek Zatloukal >> wrote: >> > >> > \o/, >> > >> > I'd like to ask if there is anybody familiar with the state of >> flask-oidc? It's been long-time broken with the latest itsdangerous, which >> was recently bumped in Rawhide, which broke all the applications using >> flask-oidc from Fedora repositories ( >> https://bugzilla.redhat.com/show_bug.cgi?id=2150955 ). >> > >> > There is an upstream PR against flask-oidc changing itsdangerous to >> pyJWT: https://github.com/puiterwijk/flask-oidc/pull/144 (which, >> according to my previous testing, makes the trouble go away). Can somebody >> take a look at it, and merge/release a new fixed version? I can handle >> pyJWT packaging in Fedora if this is the way forward. >> > >> > On a similar note, is the flask-oidc library the way to connect to FAS >> login for python applications? I had an impression that apps should migrate >> to this from plain openid (and I am planning to handle the transition of >> remaining Fedora QA apps). It seems abandoned upstream, so should the devs >> of python/flask apps use some other lib/way? >> > >> > Thanks a lot upfront! >> > >> >> There was an attempt to do something about this: >> https://github.com/fedora-infra/flask-oidc >> >> But it also seemingly died. >> > > Not dead yet, just on life support! Hit a few issues as this is an attempt > at replacing oauth2client behind the scenes with authlib. Let me share > how far I've gotten with this.. > > - I've a somewhat functional POC which has implemented enough of the > original functionality to get a basic login flow working, but it doesn't > quite have every feature in the current released version of flask-oidc, may > require further functionality be developed, I need to examine some of the > locations where we currently use it, and see if this new version offers > enough functionality to replace. > - Currently hit blocker updating the tests, having to upskill as I know > next to nothing about ipsilon, so having to go learn to figure out what I'm > trying to mock out to test, slow progress here! > > authlib implementation PR: > https://github.com/fedora-infra/flask-oidc/pull/8 > Testing App focusing only on the OIDC login etc: > https://github.com/fedora-infra/test-auth/tree/authlib_dev > > I should get time to re-focus on this over the next few weeks. > Thanks for the update, David! Would it be possible to cut a new release with the pyJWT PR included at least once you have time/mood to re-focus? Or would that be wasted effort before porting to authlib? Thanks a lot! > > >> >> >> -- >> 真実はいつも一つ!/ Always, there's only one truth! >> ___ >> infrastructure mailing list -- infrastructure@lists.fedoraproject.org >> To unsubscribe send an email to >> infrastructure-le...@lists.fedoraproject.org >> Fedora Code of Conduct: >> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >> List Archives: >> https://lists.fedoraproject.org/archives/list/infrastructure@lists.fedoraproject.org >> Do not reply to spam, report it: >> https://pagure.io/fedora-infrastructure/new_issue >> > > > -- > David Kirwan > Senior Software Engineer > > Community Platform Engineering @ Red Hat > > T: +(353) 86-8624108 > ___ > infrastructure mailing list -- infrastructure@lists.fedoraproject.org > To unsubscribe send an email to > infrastructure-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/infrastructure@lists.fedoraproject.org > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue > -- Best regards / S pozdravem, František Zatloukal Senior Quality Engineer Red Hat ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: State of Flask-OIDC
On Tue, 6 Dec 2022 at 03:05, Neal Gompa wrote: > On Mon, Dec 5, 2022 at 12:48 PM Frantisek Zatloukal > wrote: > > > > \o/, > > > > I'd like to ask if there is anybody familiar with the state of > flask-oidc? It's been long-time broken with the latest itsdangerous, which > was recently bumped in Rawhide, which broke all the applications using > flask-oidc from Fedora repositories ( > https://bugzilla.redhat.com/show_bug.cgi?id=2150955 ). > > > > There is an upstream PR against flask-oidc changing itsdangerous to > pyJWT: https://github.com/puiterwijk/flask-oidc/pull/144 (which, > according to my previous testing, makes the trouble go away). Can somebody > take a look at it, and merge/release a new fixed version? I can handle > pyJWT packaging in Fedora if this is the way forward. > > > > On a similar note, is the flask-oidc library the way to connect to FAS > login for python applications? I had an impression that apps should migrate > to this from plain openid (and I am planning to handle the transition of > remaining Fedora QA apps). It seems abandoned upstream, so should the devs > of python/flask apps use some other lib/way? > > > > Thanks a lot upfront! > > > > There was an attempt to do something about this: > https://github.com/fedora-infra/flask-oidc > > But it also seemingly died. > Not dead yet, just on life support! Hit a few issues as this is an attempt at replacing oauth2client behind the scenes with authlib. Let me share how far I've gotten with this.. - I've a somewhat functional POC which has implemented enough of the original functionality to get a basic login flow working, but it doesn't quite have every feature in the current released version of flask-oidc, may require further functionality be developed, I need to examine some of the locations where we currently use it, and see if this new version offers enough functionality to replace. - Currently hit blocker updating the tests, having to upskill as I know next to nothing about ipsilon, so having to go learn to figure out what I'm trying to mock out to test, slow progress here! authlib implementation PR: https://github.com/fedora-infra/flask-oidc/pull/8 Testing App focusing only on the OIDC login etc: https://github.com/fedora-infra/test-auth/tree/authlib_dev I should get time to re-focus on this over the next few weeks. > > > -- > 真実はいつも一つ!/ Always, there's only one truth! > ___ > infrastructure mailing list -- infrastructure@lists.fedoraproject.org > To unsubscribe send an email to > infrastructure-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/infrastructure@lists.fedoraproject.org > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue > -- David Kirwan Senior Software Engineer Community Platform Engineering @ Red Hat T: +(353) 86-8624108 ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Re: State of Flask-OIDC
On Mon, Dec 5, 2022 at 12:48 PM Frantisek Zatloukal wrote: > > \o/, > > I'd like to ask if there is anybody familiar with the state of flask-oidc? > It's been long-time broken with the latest itsdangerous, which was recently > bumped in Rawhide, which broke all the applications using flask-oidc from > Fedora repositories ( https://bugzilla.redhat.com/show_bug.cgi?id=2150955 ). > > There is an upstream PR against flask-oidc changing itsdangerous to pyJWT: > https://github.com/puiterwijk/flask-oidc/pull/144 (which, according to my > previous testing, makes the trouble go away). Can somebody take a look at it, > and merge/release a new fixed version? I can handle pyJWT packaging in Fedora > if this is the way forward. > > On a similar note, is the flask-oidc library the way to connect to FAS login > for python applications? I had an impression that apps should migrate to this > from plain openid (and I am planning to handle the transition of remaining > Fedora QA apps). It seems abandoned upstream, so should the devs of > python/flask apps use some other lib/way? > > Thanks a lot upfront! > There was an attempt to do something about this: https://github.com/fedora-infra/flask-oidc But it also seemingly died. -- 真実はいつも一つ!/ Always, there's only one truth! ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
State of Flask-OIDC
\o/, I'd like to ask if there is anybody familiar with the state of flask-oidc? It's been long-time broken with the latest itsdangerous, which was recently bumped in Rawhide, which broke all the applications using flask-oidc from Fedora repositories ( https://bugzilla.redhat.com/show_bug.cgi?id=2150955 ). There is an upstream PR against flask-oidc changing itsdangerous to pyJWT: https://github.com/puiterwijk/flask-oidc/pull/144 (which, according to my previous testing, makes the trouble go away). Can somebody take a look at it, and merge/release a new fixed version? I can handle pyJWT packaging in Fedora if this is the way forward. On a similar note, is the flask-oidc library the way to connect to FAS login for python applications? I had an impression that apps should migrate to this from plain openid (and I am planning to handle the transition of remaining Fedora QA apps). It seems abandoned upstream, so should the devs of python/flask apps use some other lib/way? Thanks a lot upfront! -- Best regards / S pozdravem, František Zatloukal Senior Quality Engineer Red Hat ___ infrastructure mailing list -- infrastructure@lists.fedoraproject.org To unsubscribe send an email to infrastructure-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue