diff --git a/credentials/apps/verifiable_credentials/rest_api/v1/views.py b/credentials/apps/verifiable_credentials/rest_api/v1/views.py index 0923aba7b..1c4056aed 100644 --- a/credentials/apps/verifiable_credentials/rest_api/v1/views.py +++ b/credentials/apps/verifiable_credentials/rest_api/v1/views.py @@ -6,6 +6,7 @@ from django.contrib.auth import get_user_model from django.utils.translation import gettext as _ from edx_rest_framework_extensions.auth.jwt.authentication import JwtAuthentication +from oauth2_provider.contrib.rest_framework import OAuth2Authentication, TokenHasScope from rest_framework import mixins, status, viewsets from rest_framework.authentication import SessionAuthentication from rest_framework.exceptions import NotFound, ValidationError @@ -155,11 +156,14 @@ class IssueCredentialView(APIView): """ authentication_classes = ( - JwtAuthentication, SessionAuthentication, + OAuth2Authentication, ) - - permission_classes = (IsAuthenticated,) + permission_classes = ( + IsAuthenticated, + TokenHasScope, + ) + required_scopes = ("verifiable_credentials",) def post(self, request, *args, **kwargs): credential_issuer = CredentialIssuer(request_data=request.data, issuance_uuid=kwargs.get("issuance_line_uuid")) diff --git a/credentials/settings/base.py b/credentials/settings/base.py index fa0668580..1e9a0c8e8 100644 --- a/credentials/settings/base.py +++ b/credentials/settings/base.py @@ -64,6 +64,7 @@ "hijack", "xss_utils", "config_models", + "oauth2_provider", ] PROJECT_APPS = [ @@ -560,3 +561,12 @@ # Plugin Django Apps INSTALLED_APPS.extend(get_plugin_apps(PROJECT_TYPE)) add_plugins(__name__, PROJECT_TYPE, SettingsType.BASE) + +# DJANGO OAUTH TOOLKIT +OAUTH2_PROVIDER = { + "SCOPES": { + "introspection": "Introspect token scope", + }, + "RESOURCE_SERVER_INTROSPECTION_URL": "SET-ME-PLEASE", + "RESOURCE_SERVER_AUTH_TOKEN": "SET-ME-PLEASE", +} diff --git a/requirements/all.txt b/requirements/all.txt index f5ed44b02..6da4870b4 100644 --- a/requirements/all.txt +++ b/requirements/all.txt @@ -13,7 +13,7 @@ asgiref==3.6.0 # -r requirements/dev.txt # -r requirements/production.txt # django -astroid==2.14.2 +astroid==2.15.0 # via # -r requirements/dev.txt # pylint @@ -42,11 +42,11 @@ bleach==6.0.0 # -r requirements/production.txt bok-choy==1.1.1 # via -r requirements/dev.txt -boto3==1.26.79 +boto3==1.26.92 # via # -r requirements/production.txt # django-ses -botocore==1.29.79 +botocore==1.29.92 # via # -r requirements/production.txt # boto3 @@ -62,7 +62,7 @@ cffi==1.15.1 # -r requirements/production.txt # cryptography # pynacl -charset-normalizer==3.0.1 +charset-normalizer==3.1.0 # via # -r requirements/dev.txt # -r requirements/production.txt @@ -101,10 +101,11 @@ coreschema==0.0.4 # drf-yasg coverage==7.2.1 # via -r requirements/dev.txt -cryptography==39.0.1 +cryptography==39.0.2 # via # -r requirements/dev.txt # -r requirements/production.txt + # jwcrypto # paramiko # pyjwt # social-auth-core @@ -116,7 +117,12 @@ defusedxml==0.7.1 # -r requirements/production.txt # python3-openid # social-auth-core -didkit==0.3.1 +deprecated==1.2.13 + # via + # -r requirements/dev.txt + # -r requirements/production.txt + # jwcrypto +didkit==0.3.2 # via # -r requirements/dev.txt # -r requirements/production.txt @@ -146,6 +152,7 @@ django==3.2.18 # django-extensions # django-filter # django-hijack + # django-oauth-toolkit # django-ses # django-statici18n # django-storages @@ -196,6 +203,10 @@ django-hijack==2.3.0 # -c requirements/constraints.txt # -r requirements/dev.txt # -r requirements/production.txt +django-oauth-toolkit==2.2.0 + # via + # -r requirements/dev.txt + # -r requirements/production.txt django-ratelimit==3.0.1 # via # -c requirements/constraints.txt @@ -304,7 +315,7 @@ edx-i18n-tools==0.9.2 # -r requirements/dev.txt # -r requirements/production.txt # edx-credentials-themes -edx-lint==5.3.2 +edx-lint==5.3.4 # via -r requirements/dev.txt edx-opaque-keys==2.3.0 # via @@ -319,17 +330,17 @@ edx-toggles==5.0.0 # via # -r requirements/dev.txt # -r requirements/production.txt -exceptiongroup==1.1.0 +exceptiongroup==1.1.1 # via # -r requirements/dev.txt # pytest factory-boy==3.2.1 # via -r requirements/dev.txt -faker==17.3.0 +faker==17.6.0 # via # -r requirements/dev.txt # factory-boy -filelock==3.9.0 +filelock==3.10.0 # via # -r requirements/dev.txt # tox @@ -392,6 +403,11 @@ jsonschema==3.2.0 # via # -r requirements/dev.txt # docker-compose +jwcrypto==1.4.2 + # via + # -r requirements/dev.txt + # -r requirements/production.txt + # django-oauth-toolkit lazy==1.5 # via # -r requirements/dev.txt @@ -437,6 +453,7 @@ oauthlib==3.2.2 # via # -r requirements/dev.txt # -r requirements/production.txt + # django-oauth-toolkit # requests-oauthlib # social-auth-core openapi-codec==1.3.2 @@ -453,7 +470,7 @@ packaging==23.0 # drf-yasg # pytest # tox -paramiko==3.0.0 +paramiko==3.1.0 # via # -r requirements/dev.txt # docker @@ -462,7 +479,7 @@ path==16.6.0 # -r requirements/dev.txt # -r requirements/production.txt # edx-i18n-tools -pathspec==0.11.0 +pathspec==0.11.1 # via # -r requirements/dev.txt # black @@ -475,7 +492,7 @@ pillow==9.4.0 # via # -r requirements/dev.txt # -r requirements/production.txt -platformdirs==3.0.0 +platformdirs==3.1.1 # via # -r requirements/dev.txt # black @@ -528,7 +545,7 @@ pyjwt[crypto]==2.6.0 # edx-drf-extensions # edx-rest-api-client # social-auth-core -pylint==2.16.2 +pylint==2.17.0 # via # -r requirements/dev.txt # edx-lint @@ -568,7 +585,7 @@ pyrsistent==0.19.3 # via # -r requirements/dev.txt # jsonschema -pytest==7.2.1 +pytest==7.2.2 # via # -r requirements/dev.txt # pytest-django @@ -620,6 +637,7 @@ pyyaml==5.4.1 # docker-compose # edx-django-release-util # edx-i18n-tools + # responses qrcode==7.4.2 # via # -r requirements/dev.txt @@ -630,6 +648,7 @@ requests==2.28.2 # -r requirements/production.txt # analytics-python # coreapi + # django-oauth-toolkit # docker # docker-compose # edx-drf-extensions @@ -645,7 +664,7 @@ requests-oauthlib==1.3.1 # -r requirements/dev.txt # -r requirements/production.txt # social-auth-core -responses==0.22.0 +responses==0.23.1 # via -r requirements/dev.txt ruamel-yaml==0.17.21 # via @@ -675,7 +694,7 @@ semantic-version==2.10.0 # -r requirements/dev.txt # -r requirements/production.txt # edx-drf-extensions -simplejson==3.18.3 +simplejson==3.18.4 # via # -r requirements/dev.txt # -r requirements/production.txt @@ -705,12 +724,12 @@ slumber==0.7.1 # -r requirements/dev.txt # -r requirements/production.txt # edx-rest-api-client -social-auth-app-django==5.0.0 +social-auth-app-django==5.1.0 # via # -r requirements/dev.txt # -r requirements/production.txt # edx-auth-backends -social-auth-core==4.3.0 +social-auth-core==4.4.0 # via # -r requirements/dev.txt # -r requirements/production.txt @@ -741,10 +760,6 @@ texttable==1.6.7 # via # -r requirements/dev.txt # docker-compose -toml==0.10.2 - # via - # -r requirements/dev.txt - # responses tomli==2.0.1 # via # -r requirements/dev.txt @@ -760,7 +775,7 @@ tox==3.28.0 # via # -c requirements/common_constraints.txt # -r requirements/dev.txt -types-toml==0.10.8.5 +types-pyyaml==6.0.12.8 # via # -r requirements/dev.txt # responses @@ -778,7 +793,7 @@ uritemplate==4.1.1 # -r requirements/production.txt # coreapi # drf-yasg -urllib3==1.26.14 +urllib3==1.26.15 # via # -r requirements/dev.txt # -r requirements/production.txt @@ -787,7 +802,7 @@ urllib3==1.26.14 # requests # responses # selenium -virtualenv==20.19.0 +virtualenv==20.21.0 # via # -r requirements/dev.txt # tox @@ -804,7 +819,9 @@ websocket-client==0.59.0 wrapt==1.15.0 # via # -r requirements/dev.txt + # -r requirements/production.txt # astroid + # deprecated xss-utils==0.4.0 # via # -r requirements/dev.txt diff --git a/requirements/base.in b/requirements/base.in index f9e76c69e..90b906baf 100644 --- a/requirements/base.in +++ b/requirements/base.in @@ -21,6 +21,7 @@ django-extensions django-filter django-ratelimit django-rest-swagger +django-oauth-toolkit django-simple-history django-sortedm2m django-statici18n diff --git a/requirements/base.txt b/requirements/base.txt index d8f8ae26c..829ac212c 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -12,7 +12,6 @@ attrs==22.2.0 # via edx-ace backoff==1.10.0 # via analytics-python -bleach==6.0.0 bleach==6.0.0 # via -r requirements/base.in certifi==2022.12.7 @@ -21,8 +20,7 @@ cffi==1.15.1 # via # cryptography # pynacl -charset-normalizer==3.0.1 -charset-normalizer==3.0.1 +charset-normalizer==3.1.0 # via requests click==8.1.3 # via @@ -40,15 +38,18 @@ coreschema==0.0.4 # via # coreapi # drf-yasg -cryptography==39.0.1 +cryptography==39.0.2 # via + # jwcrypto # pyjwt # social-auth-core defusedxml==0.7.1 # via # python3-openid # social-auth-core -didkit==0.3.1 +deprecated==1.2.13 + # via jwcrypto +didkit==0.3.2 # via -r requirements/base.in django==3.2.18 # via @@ -62,6 +63,7 @@ django==3.2.18 # django-extensions # django-filter # django-hijack + # django-oauth-toolkit # django-statici18n # django-storages # djangorestframework @@ -95,6 +97,8 @@ django-hijack==2.3.0 # via # -c requirements/constraints.txt # -r requirements/base.in +django-oauth-toolkit==2.2.0 + # via -r requirements/base.in django-ratelimit==3.0.1 # via # -c requirements/constraints.txt @@ -117,7 +121,6 @@ django-waffle==3.0.0 # edx-django-utils # edx-drf-extensions # edx-toggles -django-webpack-loader==1.8.1 django-webpack-loader==1.8.1 # via -r requirements/base.in djangorestframework==3.14.0 @@ -149,7 +152,6 @@ edx-django-utils==5.2.0 # edx-drf-extensions # edx-rest-api-client # edx-toggles -edx-drf-extensions==8.4.1 edx-drf-extensions==8.4.1 # via -r requirements/base.in edx-i18n-tools==0.9.2 @@ -162,7 +164,6 @@ edx-rest-api-client==5.5.0 # via -r requirements/base.in edx-toggles==5.0.0 # via -r requirements/base.in -future==0.18.3 future==0.18.3 # via pyjwkest idna==3.4 @@ -177,9 +178,10 @@ jinja2==3.1.2 # via # code-annotations # coreschema +jwcrypto==1.4.2 + # via django-oauth-toolkit markdown==3.4.1 # via -r requirements/base.in -markupsafe==2.1.2 markupsafe==2.1.2 # via jinja2 monotonic==1.6 @@ -192,16 +194,15 @@ newrelic==8.7.0 # edx-django-utils oauthlib==3.2.2 # via + # django-oauth-toolkit # requests-oauthlib # social-auth-core openapi-codec==1.3.2 # via django-rest-swagger -packaging==23.0 packaging==23.0 # via drf-yasg path==16.6.0 # via edx-i18n-tools -pbr==5.11.1 pbr==5.11.1 # via stevedore pillow==9.4.0 @@ -212,7 +213,6 @@ psutil==5.9.4 # via edx-django-utils pycparser==2.21 # via cffi -pycryptodomex==3.17 pycryptodomex==3.17 # via pyjwkest pygments==2.14.0 @@ -243,7 +243,6 @@ python-slugify==8.0.1 # via code-annotations python3-openid==3.2.0 # via social-auth-core -pytz==2022.7.1 pytz==2022.7.1 # via # -r requirements/base.in @@ -263,6 +262,7 @@ requests==2.28.2 # -r requirements/base.in # analytics-python # coreapi + # django-oauth-toolkit # edx-drf-extensions # edx-rest-api-client # pyjwkest @@ -280,8 +280,7 @@ sailthru-client==2.2.3 # via edx-ace semantic-version==2.10.0 # via edx-drf-extensions -simplejson==3.18.3 -simplejson==3.18.3 +simplejson==3.18.4 # via # django-rest-swagger # sailthru-client @@ -298,11 +297,11 @@ six==1.16.0 # python-memcached slumber==0.7.1 # via edx-rest-api-client -social-auth-app-django==5.0.0 +social-auth-app-django==5.1.0 # via # -r requirements/base.in # edx-auth-backends -social-auth-core==4.3.0 +social-auth-core==4.4.0 # via # edx-auth-backends # social-auth-app-django @@ -322,11 +321,12 @@ uritemplate==4.1.1 # via # coreapi # drf-yasg -urllib3==1.26.14 -urllib3==1.26.14 +urllib3==1.26.15 # via requests webencodings==0.5.1 # via bleach +wrapt==1.15.0 + # via deprecated xss-utils==0.4.0 # via -r requirements/base.in zipp==3.15.0 diff --git a/requirements/common_constraints.txt b/requirements/common_constraints.txt index 8375a3848..42caed3c9 100644 --- a/requirements/common_constraints.txt +++ b/requirements/common_constraints.txt @@ -28,6 +28,11 @@ # See BOM-2721 for more details. # Below is the copied and edited version of common_constraints +# This is a temporary solution to override the real common_constraints.txt +# In edx-lint, until the pyjwt constraint in edx-lint has been removed. +# See BOM-2721 for more details. +# Below is the copied and edited version of common_constraints + # A central location for most common version constraints # (across edx repos) for pip-installation. # diff --git a/requirements/dev.txt b/requirements/dev.txt index 3114df2f4..3cc2f35a9 100644 --- a/requirements/dev.txt +++ b/requirements/dev.txt @@ -10,7 +10,7 @@ asgiref==3.6.0 # via # -r requirements/test.txt # django -astroid==2.14.2 +astroid==2.15.0 # via # -r requirements/test.txt # pylint @@ -27,10 +27,8 @@ backoff==1.10.0 # analytics-python bcrypt==4.0.1 # via paramiko -black==23.1.0 black==23.1.0 # via -r requirements/test.txt -bleach==6.0.0 bleach==6.0.0 # via -r requirements/test.txt bok-choy==1.1.1 @@ -44,8 +42,7 @@ cffi==1.15.1 # -r requirements/test.txt # cryptography # pynacl -charset-normalizer==3.0.1 -charset-normalizer==3.0.1 +charset-normalizer==3.1.0 # via # -r requirements/test.txt # requests @@ -79,9 +76,10 @@ coreschema==0.0.4 # drf-yasg coverage==7.2.1 # via -r requirements/test.txt -cryptography==39.0.1 +cryptography==39.0.2 # via # -r requirements/test.txt + # jwcrypto # paramiko # pyjwt # social-auth-core @@ -92,7 +90,11 @@ defusedxml==0.7.1 # -r requirements/test.txt # python3-openid # social-auth-core -didkit==0.3.1 +deprecated==1.2.13 + # via + # -r requirements/test.txt + # jwcrypto +didkit==0.3.2 # via -r requirements/test.txt dill==0.3.6 # via @@ -117,6 +119,7 @@ django==3.2.18 # django-extensions # django-filter # django-hijack + # django-oauth-toolkit # django-statici18n # django-storages # djangorestframework @@ -155,6 +158,8 @@ django-hijack==2.3.0 # via # -c requirements/constraints.txt # -r requirements/test.txt +django-oauth-toolkit==2.2.0 + # via -r requirements/test.txt django-ratelimit==3.0.1 # via # -c requirements/constraints.txt @@ -177,7 +182,6 @@ django-waffle==3.0.0 # edx-django-utils # edx-drf-extensions # edx-toggles -django-webpack-loader==1.8.1 django-webpack-loader==1.8.1 # via -r requirements/test.txt djangorestframework==3.14.0 @@ -219,7 +223,6 @@ edx-django-utils==5.2.0 # edx-drf-extensions # edx-rest-api-client # edx-toggles -edx-drf-extensions==8.4.1 edx-drf-extensions==8.4.1 # via -r requirements/test.txt edx-i18n-tools==0.9.2 @@ -227,7 +230,7 @@ edx-i18n-tools==0.9.2 # -r requirements/dev.in # -r requirements/test.txt # edx-credentials-themes -edx-lint==5.3.2 +edx-lint==5.3.4 # via -r requirements/test.txt edx-opaque-keys==2.3.0 # via @@ -237,22 +240,21 @@ edx-rest-api-client==5.5.0 # via -r requirements/test.txt edx-toggles==5.0.0 # via -r requirements/test.txt -exceptiongroup==1.1.0 +exceptiongroup==1.1.1 # via # -r requirements/test.txt # pytest factory-boy==3.2.1 # via -r requirements/test.txt -faker==17.3.0 +faker==17.6.0 # via # -r requirements/test.txt # factory-boy -filelock==3.9.0 +filelock==3.10.0 # via # -r requirements/test.txt # tox # virtualenv -future==0.18.3 future==0.18.3 # via # -r requirements/test.txt @@ -271,12 +273,10 @@ inflection==0.5.1 # via # -r requirements/test.txt # drf-yasg -iniconfig==2.0.0 iniconfig==2.0.0 # via # -r requirements/test.txt # pytest -isort==5.12.0 isort==5.12.0 # via # -r requirements/test.txt @@ -292,6 +292,10 @@ jinja2==3.1.2 # coreschema jsonschema==3.2.0 # via docker-compose +jwcrypto==1.4.2 + # via + # -r requirements/test.txt + # django-oauth-toolkit lazy==1.5 # via # -r requirements/test.txt @@ -302,7 +306,6 @@ lazy-object-proxy==1.9.0 # astroid markdown==3.4.1 # via -r requirements/test.txt -markupsafe==2.1.2 markupsafe==2.1.2 # via # -r requirements/test.txt @@ -315,7 +318,6 @@ monotonic==1.6 # via # -r requirements/test.txt # analytics-python -mypy-extensions==1.0.0 mypy-extensions==1.0.0 # via # -r requirements/test.txt @@ -329,42 +331,38 @@ newrelic==8.7.0 oauthlib==3.2.2 # via # -r requirements/test.txt + # django-oauth-toolkit # requests-oauthlib # social-auth-core openapi-codec==1.3.2 # via # -r requirements/test.txt # django-rest-swagger -packaging==23.0 packaging==23.0 # via # -r requirements/test.txt # black - # black # docker # drf-yasg # pytest # tox -paramiko==3.0.0 -paramiko==3.0.0 +paramiko==3.1.0 # via docker path==16.6.0 # via # -r requirements/test.txt # edx-i18n-tools -pathspec==0.11.0 -pathspec==0.11.0 +pathspec==0.11.1 # via # -r requirements/test.txt # black -pbr==5.11.1 pbr==5.11.1 # via # -r requirements/test.txt # stevedore pillow==9.4.0 # via -r requirements/test.txt -platformdirs==3.0.0 +platformdirs==3.1.1 # via # -r requirements/test.txt # black @@ -391,7 +389,6 @@ pycparser==2.21 # via # -r requirements/test.txt # cffi -pycryptodomex==3.17 pycryptodomex==3.17 # via # -r requirements/test.txt @@ -410,7 +407,7 @@ pyjwt[crypto]==2.6.0 # edx-drf-extensions # edx-rest-api-client # social-auth-core -pylint==2.16.2 +pylint==2.17.0 # via # -r requirements/test.txt # edx-lint @@ -445,8 +442,7 @@ pypng==0.20220715.0 # qrcode pyrsistent==0.19.3 # via jsonschema -pytest==7.2.1 -pytest==7.2.1 +pytest==7.2.2 # via # -r requirements/test.txt # pytest-django @@ -459,7 +455,6 @@ python-dateutil==2.8.2 # edx-ace # edx-drf-extensions # faker -python-dotenv==0.21.1 python-dotenv==0.21.1 # via docker-compose python-memcached==1.59 @@ -472,7 +467,6 @@ python3-openid==3.2.0 # via # -r requirements/test.txt # social-auth-core -pytz==2022.7.1 pytz==2022.7.1 # via # -r requirements/test.txt @@ -489,6 +483,7 @@ pyyaml==5.4.1 # docker-compose # edx-django-release-util # edx-i18n-tools + # responses qrcode==7.4.2 # via -r requirements/test.txt requests==2.28.2 @@ -496,6 +491,7 @@ requests==2.28.2 # -r requirements/test.txt # analytics-python # coreapi + # django-oauth-toolkit # docker # docker-compose # edx-drf-extensions @@ -510,7 +506,7 @@ requests-oauthlib==1.3.1 # via # -r requirements/test.txt # social-auth-core -responses==0.22.0 +responses==0.23.1 # via -r requirements/test.txt ruamel-yaml==0.17.21 # via @@ -532,8 +528,7 @@ semantic-version==2.10.0 # via # -r requirements/test.txt # edx-drf-extensions -simplejson==3.18.3 -simplejson==3.18.3 +simplejson==3.18.4 # via # -r requirements/test.txt # django-rest-swagger @@ -560,11 +555,11 @@ slumber==0.7.1 # via # -r requirements/test.txt # edx-rest-api-client -social-auth-app-django==5.0.0 +social-auth-app-django==5.1.0 # via # -r requirements/test.txt # edx-auth-backends -social-auth-core==4.3.0 +social-auth-core==4.4.0 # via # -r requirements/test.txt # edx-auth-backends @@ -589,10 +584,6 @@ text-unidecode==1.3 # python-slugify texttable==1.6.7 # via docker-compose -toml==0.10.2 - # via - # -r requirements/test.txt - # responses tomli==2.0.1 # via # -r requirements/test.txt @@ -608,7 +599,7 @@ tox==3.28.0 # via # -c requirements/common_constraints.txt # -r requirements/test.txt -types-toml==0.10.8.5 +types-pyyaml==6.0.12.8 # via # -r requirements/test.txt # responses @@ -624,15 +615,14 @@ uritemplate==4.1.1 # -r requirements/test.txt # coreapi # drf-yasg -urllib3==1.26.14 -urllib3==1.26.14 +urllib3==1.26.15 # via # -r requirements/test.txt # docker # requests # responses # selenium -virtualenv==20.19.0 +virtualenv==20.21.0 # via # -r requirements/test.txt # tox @@ -648,6 +638,7 @@ wrapt==1.15.0 # via # -r requirements/test.txt # astroid + # deprecated xss-utils==0.4.0 # via -r requirements/test.txt zipp==3.15.0 diff --git a/requirements/docs.txt b/requirements/docs.txt index f6cbeb4b6..f9fdfef46 100644 --- a/requirements/docs.txt +++ b/requirements/docs.txt @@ -6,11 +6,11 @@ # alabaster==0.7.13 # via sphinx -babel==2.11.0 +babel==2.12.1 # via sphinx certifi==2022.12.7 # via requests -charset-normalizer==3.0.1 +charset-normalizer==3.1.0 # via requests docutils==0.19 # via sphinx @@ -60,7 +60,7 @@ sphinxcontrib-qthelp==1.0.3 # via sphinx sphinxcontrib-serializinghtml==1.1.5 # via sphinx -urllib3==1.26.14 +urllib3==1.26.15 # via requests zipp==3.15.0 # via importlib-metadata diff --git a/requirements/pip.txt b/requirements/pip.txt index e02b49aff..45fb600be 100644 --- a/requirements/pip.txt +++ b/requirements/pip.txt @@ -4,13 +4,11 @@ # # make upgrade # -wheel==0.38.4 +wheel==0.40.0 # via -r requirements/pip.in # The following packages are considered to be unsafe in a requirements file: pip==23.0.1 # via -r requirements/pip.in -setuptools==59.8.0 - # via - # -c requirements/common_constraints.txt - # -r requirements/pip.in +setuptools==67.6.0 + # via -r requirements/pip.in diff --git a/requirements/pip_tools.txt b/requirements/pip_tools.txt index 97ec2157e..1570d1d5a 100644 --- a/requirements/pip_tools.txt +++ b/requirements/pip_tools.txt @@ -10,13 +10,13 @@ click==8.1.3 # via pip-tools packaging==23.0 # via build -pip-tools==6.12.2 +pip-tools==6.12.3 # via -r requirements/pip_tools.in pyproject-hooks==1.0.0 # via build tomli==2.0.1 # via build -wheel==0.38.4 +wheel==0.40.0 # via pip-tools # The following packages are considered to be unsafe in a requirements file: diff --git a/requirements/production.txt b/requirements/production.txt index f53e3ca02..8a11bae20 100644 --- a/requirements/production.txt +++ b/requirements/production.txt @@ -18,12 +18,11 @@ backoff==1.10.0 # via # -r requirements/base.txt # analytics-python -bleach==6.0.0 bleach==6.0.0 # via -r requirements/base.txt -boto3==1.26.79 +boto3==1.26.92 # via django-ses -botocore==1.29.79 +botocore==1.29.92 # via # boto3 # s3transfer @@ -36,8 +35,7 @@ cffi==1.15.1 # -r requirements/base.txt # cryptography # pynacl -charset-normalizer==3.0.1 -charset-normalizer==3.0.1 +charset-normalizer==3.1.0 # via # -r requirements/base.txt # requests @@ -61,9 +59,10 @@ coreschema==0.0.4 # -r requirements/base.txt # coreapi # drf-yasg -cryptography==39.0.1 +cryptography==39.0.2 # via # -r requirements/base.txt + # jwcrypto # pyjwt # social-auth-core defusedxml==0.7.1 @@ -71,7 +70,11 @@ defusedxml==0.7.1 # -r requirements/base.txt # python3-openid # social-auth-core -didkit==0.3.1 +deprecated==1.2.13 + # via + # -r requirements/base.txt + # jwcrypto +didkit==0.3.2 # via -r requirements/base.txt django==3.2.18 # via @@ -85,6 +88,7 @@ django==3.2.18 # django-extensions # django-filter # django-hijack + # django-oauth-toolkit # django-ses # django-statici18n # django-storages @@ -122,6 +126,8 @@ django-hijack==2.3.0 # via # -c requirements/constraints.txt # -r requirements/base.txt +django-oauth-toolkit==2.2.0 + # via -r requirements/base.txt django-ratelimit==3.0.1 # via # -c requirements/constraints.txt @@ -146,7 +152,6 @@ django-waffle==3.0.0 # edx-django-utils # edx-drf-extensions # edx-toggles -django-webpack-loader==1.8.1 django-webpack-loader==1.8.1 # via -r requirements/base.txt djangorestframework==3.14.0 @@ -180,7 +185,6 @@ edx-django-utils==5.2.0 # edx-drf-extensions # edx-rest-api-client # edx-toggles -edx-drf-extensions==8.4.1 edx-drf-extensions==8.4.1 # via -r requirements/base.txt edx-i18n-tools==0.9.2 @@ -195,14 +199,12 @@ edx-rest-api-client==5.5.0 # via -r requirements/base.txt edx-toggles==5.0.0 # via -r requirements/base.txt -future==0.18.3 future==0.18.3 # via # -r requirements/base.txt # pyjwkest gevent==22.10.2 # via -r requirements/production.in -greenlet==2.0.2 greenlet==2.0.2 # via gevent gunicorn==20.1.0 @@ -232,9 +234,12 @@ jmespath==1.0.1 # via # boto3 # botocore +jwcrypto==1.4.2 + # via + # -r requirements/base.txt + # django-oauth-toolkit markdown==3.4.1 # via -r requirements/base.txt -markupsafe==2.1.2 markupsafe==2.1.2 # via # -r requirements/base.txt @@ -255,13 +260,13 @@ nodeenv==1.7.0 oauthlib==3.2.2 # via # -r requirements/base.txt + # django-oauth-toolkit # requests-oauthlib # social-auth-core openapi-codec==1.3.2 # via # -r requirements/base.txt # django-rest-swagger -packaging==23.0 packaging==23.0 # via # -r requirements/base.txt @@ -270,7 +275,6 @@ path==16.6.0 # via # -r requirements/base.txt # edx-i18n-tools -pbr==5.11.1 pbr==5.11.1 # via # -r requirements/base.txt @@ -289,7 +293,6 @@ pycparser==2.21 # via # -r requirements/base.txt # cffi -pycryptodomex==3.17 pycryptodomex==3.17 # via # -r requirements/base.txt @@ -337,7 +340,6 @@ python3-openid==3.2.0 # via # -r requirements/base.txt # social-auth-core -pytz==2022.7.1 pytz==2022.7.1 # via # -r requirements/base.txt @@ -360,6 +362,7 @@ requests==2.28.2 # -r requirements/base.txt # analytics-python # coreapi + # django-oauth-toolkit # edx-drf-extensions # edx-rest-api-client # pyjwkest @@ -389,8 +392,7 @@ semantic-version==2.10.0 # via # -r requirements/base.txt # edx-drf-extensions -simplejson==3.18.3 -simplejson==3.18.3 +simplejson==3.18.4 # via # -r requirements/base.txt # django-rest-swagger @@ -411,11 +413,11 @@ slumber==0.7.1 # via # -r requirements/base.txt # edx-rest-api-client -social-auth-app-django==5.0.0 +social-auth-app-django==5.1.0 # via # -r requirements/base.txt # edx-auth-backends -social-auth-core==4.3.0 +social-auth-core==4.4.0 # via # -r requirements/base.txt # edx-auth-backends @@ -444,8 +446,7 @@ uritemplate==4.1.1 # -r requirements/base.txt # coreapi # drf-yasg -urllib3==1.26.14 -urllib3==1.26.14 +urllib3==1.26.15 # via # -r requirements/base.txt # botocore @@ -454,6 +455,10 @@ webencodings==0.5.1 # via # -r requirements/base.txt # bleach +wrapt==1.15.0 + # via + # -r requirements/base.txt + # deprecated xss-utils==0.4.0 # via -r requirements/base.txt zipp==3.15.0 diff --git a/requirements/test.txt b/requirements/test.txt index a8d5329bb..8086f1d7c 100644 --- a/requirements/test.txt +++ b/requirements/test.txt @@ -10,7 +10,7 @@ asgiref==3.6.0 # via # -r requirements/base.txt # django -astroid==2.14.2 +astroid==2.15.0 # via # pylint # pylint-celery @@ -23,10 +23,8 @@ backoff==1.10.0 # via # -r requirements/base.txt # analytics-python -black==23.1.0 black==23.1.0 # via -r requirements/test.in -bleach==6.0.0 bleach==6.0.0 # via -r requirements/base.txt bok-choy==1.1.1 @@ -40,8 +38,7 @@ cffi==1.15.1 # -r requirements/base.txt # cryptography # pynacl -charset-normalizer==3.0.1 -charset-normalizer==3.0.1 +charset-normalizer==3.1.0 # via # -r requirements/base.txt # requests @@ -74,9 +71,10 @@ coreschema==0.0.4 # drf-yasg coverage==7.2.1 # via -r requirements/test.in -cryptography==39.0.1 +cryptography==39.0.2 # via # -r requirements/base.txt + # jwcrypto # pyjwt # social-auth-core ddt==1.6.0 @@ -86,7 +84,11 @@ defusedxml==0.7.1 # -r requirements/base.txt # python3-openid # social-auth-core -didkit==0.3.1 +deprecated==1.2.13 + # via + # -r requirements/base.txt + # jwcrypto +didkit==0.3.2 # via -r requirements/base.txt dill==0.3.6 # via pylint @@ -103,6 +105,7 @@ distlib==0.3.6 # django-extensions # django-filter # django-hijack + # django-oauth-toolkit # django-statici18n # django-storages # djangorestframework @@ -139,6 +142,8 @@ django-hijack==2.3.0 # via # -c requirements/constraints.txt # -r requirements/base.txt +django-oauth-toolkit==2.2.0 + # via -r requirements/base.txt django-ratelimit==3.0.1 # via # -c requirements/constraints.txt @@ -161,7 +166,6 @@ django-waffle==3.0.0 # edx-django-utils # edx-drf-extensions # edx-toggles -django-webpack-loader==1.8.1 django-webpack-loader==1.8.1 # via -r requirements/base.txt djangorestframework==3.14.0 @@ -195,14 +199,13 @@ edx-django-utils==5.2.0 # edx-drf-extensions # edx-rest-api-client # edx-toggles -edx-drf-extensions==8.4.1 edx-drf-extensions==8.4.1 # via -r requirements/base.txt edx-i18n-tools==0.9.2 # via # -r requirements/base.txt # edx-credentials-themes -edx-lint==5.3.2 +edx-lint==5.3.4 # via -r requirements/test.in edx-opaque-keys==2.3.0 # via @@ -212,17 +215,16 @@ edx-rest-api-client==5.5.0 # via -r requirements/base.txt edx-toggles==5.0.0 # via -r requirements/base.txt -exceptiongroup==1.1.0 +exceptiongroup==1.1.1 # via pytest factory-boy==3.2.1 # via -r requirements/test.in -faker==17.3.0 +faker==17.6.0 # via factory-boy -filelock==3.9.0 +filelock==3.10.0 # via # tox # virtualenv -future==0.18.3 future==0.18.3 # via # -r requirements/base.txt @@ -241,10 +243,8 @@ inflection==0.5.1 # via # -r requirements/base.txt # drf-yasg -iniconfig==2.0.0 iniconfig==2.0.0 # via pytest -isort==5.12.0 isort==5.12.0 # via # -r requirements/test.in @@ -258,13 +258,16 @@ jinja2==3.1.2 # -r requirements/base.txt # code-annotations # coreschema +jwcrypto==1.4.2 + # via + # -r requirements/base.txt + # django-oauth-toolkit lazy==1.5 # via bok-choy lazy-object-proxy==1.9.0 # via astroid markdown==3.4.1 # via -r requirements/base.txt -markupsafe==2.1.2 markupsafe==2.1.2 # via # -r requirements/base.txt @@ -275,7 +278,6 @@ monotonic==1.6 # via # -r requirements/base.txt # analytics-python -mypy-extensions==1.0.0 mypy-extensions==1.0.0 # via black mysqlclient==2.1.1 @@ -287,18 +289,17 @@ newrelic==8.7.0 oauthlib==3.2.2 # via # -r requirements/base.txt + # django-oauth-toolkit # requests-oauthlib # social-auth-core openapi-codec==1.3.2 # via # -r requirements/base.txt # django-rest-swagger -packaging==23.0 packaging==23.0 # via # -r requirements/base.txt # black - # black # drf-yasg # pytest # tox @@ -306,17 +307,15 @@ path==16.6.0 # via # -r requirements/base.txt # edx-i18n-tools -pathspec==0.11.0 -pathspec==0.11.0 +pathspec==0.11.1 # via black -pbr==5.11.1 pbr==5.11.1 # via # -r requirements/base.txt # stevedore pillow==9.4.0 # via -r requirements/base.txt -platformdirs==3.0.0 +platformdirs==3.1.1 # via # black # pylint @@ -339,7 +338,6 @@ pycparser==2.21 # via # -r requirements/base.txt # cffi -pycryptodomex==3.17 pycryptodomex==3.17 # via # -r requirements/base.txt @@ -358,7 +356,7 @@ pyjwt[crypto]==2.6.0 # edx-drf-extensions # edx-rest-api-client # social-auth-core -pylint==2.16.2 +pylint==2.17.0 # via # edx-lint # pylint-celery @@ -384,7 +382,7 @@ pypng==0.20220715.0 # via # -r requirements/base.txt # qrcode -pytest==7.2.1 +pytest==7.2.2 # via # -r requirements/test.in # pytest-django @@ -407,7 +405,6 @@ python3-openid==3.2.0 # via # -r requirements/base.txt # social-auth-core -pytz==2022.7.1 pytz==2022.7.1 # via # -r requirements/base.txt @@ -421,6 +418,7 @@ pyyaml==5.4.1 # code-annotations # edx-django-release-util # edx-i18n-tools + # responses qrcode==7.4.2 # via -r requirements/base.txt requests==2.28.2 @@ -428,6 +426,7 @@ requests==2.28.2 # -r requirements/base.txt # analytics-python # coreapi + # django-oauth-toolkit # edx-drf-extensions # edx-rest-api-client # pyjwkest @@ -440,7 +439,7 @@ requests-oauthlib==1.3.1 # via # -r requirements/base.txt # social-auth-core -responses==0.22.0 +responses==0.23.1 # via -r requirements/test.in ruamel-yaml==0.17.21 # via @@ -460,8 +459,7 @@ semantic-version==2.10.0 # via # -r requirements/base.txt # edx-drf-extensions -simplejson==3.18.3 -simplejson==3.18.3 +simplejson==3.18.4 # via # -r requirements/base.txt # django-rest-swagger @@ -485,11 +483,11 @@ slumber==0.7.1 # via # -r requirements/base.txt # edx-rest-api-client -social-auth-app-django==5.0.0 +social-auth-app-django==5.1.0 # via # -r requirements/base.txt # edx-auth-backends -social-auth-core==4.3.0 +social-auth-core==4.4.0 # via # -r requirements/base.txt # edx-auth-backends @@ -511,8 +509,6 @@ text-unidecode==1.3 # via # -r requirements/base.txt # python-slugify -toml==0.10.2 - # via responses tomli==2.0.1 # via # black @@ -525,7 +521,7 @@ tox==3.28.0 # via # -c requirements/common_constraints.txt # -r requirements/test.in -types-toml==0.10.8.5 +types-pyyaml==6.0.12.8 # via responses typing-extensions==4.5.0 # via @@ -539,21 +535,23 @@ uritemplate==4.1.1 # -r requirements/base.txt # coreapi # drf-yasg -urllib3==1.26.14 -urllib3==1.26.14 +urllib3==1.26.15 # via # -r requirements/base.txt # requests # responses # selenium -virtualenv==20.19.0 +virtualenv==20.21.0 # via tox webencodings==0.5.1 # via # -r requirements/base.txt # bleach wrapt==1.15.0 - # via astroid + # via + # -r requirements/base.txt + # astroid + # deprecated xss-utils==0.4.0 # via -r requirements/base.txt zipp==3.15.0