apigatewayauth/tests/test_permissions_spec.py

 from unittest.mock import patch
-from django.test import TestCase
+
 from django.conf import settings
 from django.core.cache import cache
+from django.test import TestCase
 from identitylib.identifiers import Identifier, IdentifierSchemes
 
 from apigatewayauth.permissions_spec import (
-    get_permission_spec, get_principals_with_permission, get_groups_with_permission
+    get_groups_with_permission,
+    get_permission_spec,
+    get_principals_with_permission,
 )
 
 
 class PermissionSpecTestCase(TestCase):
-
     def setUp(self):
         super().setUp()
         cache.clear()  # clear the cache between tests
 
-    @patch('apigatewayauth.permissions_spec.geddit')
+    @patch("apigatewayauth.permissions_spec.geddit")
     def test_will_return_parsed_permissions_spec_with_cache(self, geddit_mock):
         geddit_mock.return_value = """
             CARD_DATA_READERS:
@@ -29,11 +31,11 @@ class PermissionSpecTestCase(TestCase):
         expected_permission_spec = {
             "CARD_DATA_READERS": {
                 "principals": [
-                    str(Identifier('abc123', IdentifierSchemes.CRSID)),
-                    str(Identifier('1234', IdentifierSchemes.API_GATEWAY_APPLICATION)),
+                    str(Identifier("abc123", IdentifierSchemes.CRSID)),
+                    str(Identifier("1234", IdentifierSchemes.API_GATEWAY_APPLICATION)),
                 ],
                 "groups": [
-                    str(Identifier('1001', IdentifierSchemes.LOOKUP_GROUP)),
+                    str(Identifier("1001", IdentifierSchemes.LOOKUP_GROUP)),
                 ],
             }
         }
@@ -47,7 +49,7 @@ class PermissionSpecTestCase(TestCase):
         self.assertEqual(get_permission_spec(), expected_permission_spec)
         geddit_mock.assert_not_called()
 
-    @patch('apigatewayauth.permissions_spec.geddit')
+    @patch("apigatewayauth.permissions_spec.geddit")
     def test_can_query_specific_permission(self, geddit_mock):
         geddit_mock.return_value = """
             CARD_DATA_READERS:
@@ -62,29 +64,28 @@ class PermissionSpecTestCase(TestCase):
         """
 
         self.assertEqual(
-            get_principals_with_permission('CARD_DATA_READERS'), {
-                Identifier('1234', IdentifierSchemes.API_GATEWAY_APPLICATION),
-                Identifier('abc123', IdentifierSchemes.CRSID)
-            }
+            get_principals_with_permission("CARD_DATA_READERS"),
+            {
+                Identifier("1234", IdentifierSchemes.API_GATEWAY_APPLICATION),
+                Identifier("abc123", IdentifierSchemes.CRSID),
+            },
         )
         geddit_mock.assert_called_with(settings.PERMISSIONS_SPECIFICATION_URL)
         geddit_mock.reset_mock()
 
         self.assertEqual(
-            get_groups_with_permission('CARD_DATA_READERS'), {
-                Identifier('1001', IdentifierSchemes.LOOKUP_GROUP)
-            }
+            get_groups_with_permission("CARD_DATA_READERS"),
+            {Identifier("1001", IdentifierSchemes.LOOKUP_GROUP)},
         )
         # should not be called as we have cached the spec
         geddit_mock.assert_not_called()
 
         self.assertEqual(
-            get_principals_with_permission('CARD_DATA_WRITERS'), {
-                Identifier('abc234', IdentifierSchemes.CRSID)
-            }
+            get_principals_with_permission("CARD_DATA_WRITERS"),
+            {Identifier("abc234", IdentifierSchemes.CRSID)},
         )
 
-        self.assertEqual(get_groups_with_permission('CARD_DATA_WRITERS'), set())
+        self.assertEqual(get_groups_with_permission("CARD_DATA_WRITERS"), set())
 
-        self.assertEqual(get_groups_with_permission('CARD_DATA_ADMINS'), set())
-        self.assertEqual(get_principals_with_permission('CARD_DATA_ADMINS'), set())
+        self.assertEqual(get_groups_with_permission("CARD_DATA_ADMINS"), set())
+        self.assertEqual(get_principals_with_permission("CARD_DATA_ADMINS"), set())

pyproject.toml

+[tool.poetry]
+name = "django-ucam-apigatewayauth"
+version = "0.0.4"
+description = "A Django module allow auth based on the headers passed from the API Gateway"
+authors = ["DevOps Division, University Information Services, University of Cambridge <devops@uis.cam.ac.uk>"]
+license = "MIT"
+readme = "README.md"
+packages = [{include = "apigatewayauth"}]
+classifiers=[
+  "Development Status :: 3 - Alpha",
+  "Environment :: Web Environment",
+  "Framework :: Django",
+  "Intended Audience :: Developers",
+  "License :: OSI Approved :: MIT License",
+  "Operating System :: OS Independent",
+  "Programming Language :: Python",
+]
+
+[tool.poetry.dependencies]
+python = "^3.10"
+django = ">=3.2.7,<4.3.0"
+djangorestframework = "^3.14.0"
+pyyaml = "^6.0.1"
+ucam-identitylib = "^3.0.0"
+django-ucamlookup = ">=3.0.5,<3.1.0"
+geddit = {version = "^1.0.1", source = "uis-devops"}
+
+
+[[tool.poetry.source]]
+name = "uis-devops"
+url = "https://gitlab.developers.cam.ac.uk/api/v4/groups/5/-/packages/pypi/simple"
+priority = "explicit"
+
+
+[tool.poetry.group.dev.dependencies]
+mock = "^5.1.0"
+coverage = "^7.3.1"
+pre-commit = "^3.4.0"
+
+[build-system]
+requires = ["poetry-core"]
+build-backend = "poetry.core.masonry.api"
+
+[tool.black]
+line-length = 99
+
+[tool.isort]
+profile = "black"
+
+[tool.mypy]
+ignore_missing_imports = true

requirements.txt

-django>=3.2.7,<4.3.0
-djangorestframework
-geddit
-PyYAML
-ucam-identitylib>=0.1.7
-django-ucamlookup~=3.0.5

runtests.py

 import logging
 import os
 import sys
+
 import django
 from django.conf import settings
-from django.test.runner import DiscoverRunner
 from django.db import DEFAULT_DB_ALIAS
-
+from django.test.runner import DiscoverRunner
 
 DIRNAME = os.path.dirname(os.path.realpath(__file__))
 
 settings.configure(
     DEBUG=False,
-    SECRET_KEY='placeholder',
-    DATABASES={DEFAULT_DB_ALIAS: {'ENGINE': 'django.db.backends.sqlite3', 'NAME': '/tmp/test.db'}},
-    TIME_ZONE='Europe/London',
+    SECRET_KEY="placeholder",
+    DATABASES={
+        DEFAULT_DB_ALIAS: {
+            "ENGINE": "django.db.backends.sqlite3",
+            "NAME": "/tmp/test.db",
+        }
+    },
+    TIME_ZONE="Europe/London",
     USE_TZ=True,
-    INSTALLED_APPS=('apigatewayauth', 'apigatewayauth.tests.mocks'),
+    INSTALLED_APPS=("apigatewayauth", "apigatewayauth.tests.mocks"),
     MIDDLEWARE_CLASSES=(),
     MIDDLEWARE=(),
     TEMPLATES=[],
     # point to our mock permissions spec
     PERMISSIONS_SPECIFICATION_URL=(
-      os.path.join(DIRNAME, 'apigatewayauth/tests/mocks/permissions_spec.yml')
-    )
+        os.path.join(DIRNAME, "apigatewayauth/tests/mocks/permissions_spec.yml")
+    ),
 )
 
 django.setup()
@@ -30,6 +35,6 @@ django.setup()
 logging.basicConfig()
 test_runner = DiscoverRunner()
 
-failures = test_runner.run_tests(['apigatewayauth'])
+failures = test_runner.run_tests(["apigatewayauth"])
 if failures:
     sys.exit(1)

setup.py

-import os
-from setuptools import setup, find_packages
-
-
-def load_requirements(file: str):
-    """
-    Load requirements file and return non-empty, non-comment lines with leading and trailing
-    whitespace stripped.
-    """
-    with open(os.path.join(os.path.dirname(__file__), file)) as f:
-        return [
-            line.strip() for line in f
-            if line.strip() != '' and not line.strip().startswith('#')
-        ]
-
-
-setup(
-    name='django-ucam-apigatewayauth',
-    description='A Django module allow auth based on the headers passed from the API Gateway',
-    long_description=open('README.md').read(),
-    long_description_content_type='text/markdown',
-    url='https://gitlab.developers.cam.ac.uk/uis/devops/django/api-gateway-auth',
-    version='0.0.3',
-    license='MIT',
-    author='DevOps Division, University Information Services, University of Cambridge',
-    author_email='devops@uis.cam.ac.uk',
-    packages=find_packages(),
-    include_package_data=True,
-    install_requires=load_requirements('requirements.txt'),
-    classifiers=[
-        'Development Status :: 3 - Alpha ',
-        'Environment :: Web Environment',
-        'Framework :: Django',
-        'Intended Audience :: Developers',
-        'License :: OSI Approved :: MIT License',
-        'Operating System :: OS Independent',
-        'Programming Language :: Python',
-    ],
-)

test.sh

+#!/bin/sh
 #
 # Wrapper script to run tox. Arguments are passed directly to tox.
 
@@ -9,4 +10,4 @@ cd "$( dirname "${BASH_SOURCE[0]}")"
 
 # Execute tox runner, logging command used
 set -x
-exec docker-compose run --rm tox $@
\ No newline at end of file
+exec docker-compose run --rm tox $@

tox.ini

@@ -25,21 +25,22 @@ skipsdist=true
 build_root={env:TOXINI_ARTEFACT_DIR:{toxinidir}/build}
 
 [testenv]
+allowlist_externals=poetry
 setenv=
 #   Override the coverage dtaa file location since the application root is
 #   mounted read-only.
     COVERAGE_FILE={env:TOXINI_COVERAGE_FILE:{toxinidir}/.coverage}
 # Additional dependencies
 deps=
+    # The package itself
     .
-    mock
-    coverage
-    -rrequirements.txt
-
     # Specific django versions
     django3.2: Django~=3.2.0
     django4.1: Django~=4.1.0
     django4.2: Django~=4.2.0
+commands_pre=
+    poetry install --only=dev
+    pip show Django
 # Specify the default environment.
 commands=
     coverage run --source={toxinidir} ./runtests.py {posargs}
@@ -49,17 +50,3 @@ commands=
 
 [testenv:py3]
 basepython=python3
-
-# Check for PEP8 violations
-[testenv:flake8]
-basepython=python3
-deps=
-    -rrequirements.txt
-#   We specify a specific version of flake8 to avoid introducing "false"
-#   regressions when new checks are introduced. The version of flake8 used may
-#   be overridden via the TOXINI_FLAKE8_VERSION environment variable.
-    mock
-    flake8=={env:TOXINI_FLAKE8_VERSION:4.0.1}
-commands=
-    flake8 --version
-    flake8 --tee --output-file={[_vars]build_root}/{envname}/report.txt .