Merge pull request #16 from lalithkota/15.0-develop

Moved vci modules to vci repo. Auth_oauth: temporarily switching to auth_oauth dependency, till replacement found.
OpenG2P · Mar 26, 2024 · bcdda9c · bcdda9c
2 parents 120466b + 7dd83aa
commit bcdda9c
Show file tree

Hide file tree

Showing 63 changed files with 129 additions and 2,962 deletions.
diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml
@@ -1,13 +1,17 @@
 name: pre-commit
 
-on: push
+on:
+  pull_request:
+  push:
 
 jobs:
   pre-commit:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - uses: actions/setup-python@v2
+        with:
+          python-version: "3.11"
       - name: Get python version
         run: echo "PY=$(python -VV | sha256sum | cut -d' ' -f1)" >> $GITHUB_ENV
       - uses: actions/cache@v1

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -4,19 +4,20 @@ on:
   pull_request:
     branches:
       - "15.0*"
+      - "17.0*"
   push:
     branches:
       - "15.0*"
-      - "15.0-ocabot-*"
+      - "17.0*"
 env:
   OCA_GIT_USER_NAME: openg2p
   OCA_GIT_USER_EMAIL: bot@openg2p.org
 jobs:
   unreleased-deps:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     name: Detect unreleased dependencies
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - run: |
           for reqfile in requirements.txt test-requirements.txt ; do
               if [ -f ${reqfile} ] ; then
@@ -29,32 +30,55 @@ jobs:
                   fi
               fi
           done
+  matrix_prep:
+    runs-on: ubuntu-22.04
+    outputs:
+      matrix: ${{ steps.set-matrix.outputs.matrix }}
+    steps:
+    - id: set-matrix
+      run: |
+        BRANCH_NAME=$(echo ${{ github.ref }} | sed -e 's,.*/\(.*\),\1,')
+        if [[ $BRANCH_NAME = 15.0* ]] ; then
+          matrix='{"include": [{
+              "container": "ghcr.io/oca/oca-ci/py3.8-odoo15.0:latest",
+              "makepot": "true",
+              "name": "test with Odoo 15"
+            },{
+              "container": "ghcr.io/oca/oca-ci/py3.8-ocb15.0:latest",
+              "name": "test with OCB 15"
+            }]}'
+        elif [[ $BRANCH_NAME = 17.0* ]] ; then
+          matrix='{"include": [{
+              "container": "ghcr.io/oca/oca-ci/py3.10-odoo17.0:latest",
+              "makepot": "true",
+              "name": "test with Odoo 17"
+            },{
+              "container": "ghcr.io/oca/oca-ci/py3.10-ocb17.0:latest",
+              "name": "test with OCB 17"
+            }]}'
+        fi
+        echo "matrix<<EOF"$'\n'"$matrix"$'\n'EOF >> $GITHUB_OUTPUT
   test:
-    runs-on: ubuntu-latest
+    needs: matrix_prep
+    runs-on: ubuntu-22.04
     container: ${{ matrix.container }}
     name: ${{ matrix.name }}
     permissions:
       contents: write
     strategy:
       fail-fast: false
-      matrix:
-        include:
-          - container: ghcr.io/oca/oca-ci/py3.8-odoo15.0:latest
-            makepot: "true"
-            name: test with Odoo
-          - container: ghcr.io/oca/oca-ci/py3.8-ocb15.0:latest
-            name: test with OCB
+      matrix: ${{fromJson(needs.matrix_prep.outputs.matrix)}}
     services:
       postgres:
-        image: postgres:9.6
+        image: postgres:12.0
         env:
           POSTGRES_USER: odoo
           POSTGRES_PASSWORD: odoo
           POSTGRES_DB: odoo
         ports:
           - 5432:5432
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
         with:
           persist-credentials: false
       - name: Install addons and dependencies
@@ -69,6 +93,7 @@ jobs:
         run: oca_init_test_database
       - name: Run tests
         run: oca_run_tests
+      - uses: codecov/codecov-action@v1
       - name: Update .pot files
         run: oca_export_and_push_pot https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}
         if: ${{ matrix.makepot == 'true' && github.event_name == 'push' && github.repository_owner == 'openg2p' }}
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -28,12 +28,21 @@ repos:
         language: fail
         files: "\\.rej$"
   - repo: https://github.com/oca/maintainer-tools
-    rev: dfba427ba03900b69e0a7f2c65890dc48921d36a
+    rev: 9a170331575a265c092ee6b24b845ec508e8ef75
     hooks:
       # update the NOT INSTALLABLE ADDONS section above
       - id: oca-update-pre-commit-excluded-addons
       - id: oca-fix-manifest-website
         args: ["https://openg2p.org"]
+      - id: oca-gen-addon-readme
+        args:
+          - --addons-dir=.
+          - --branch=15.0-develop
+          - --org-name=OpenG2P
+          - --repo-name=openg2p-auth
+          - --if-source-changed
+          - --keep-source-digest
+      - id: oca-gen-external-dependencies
   - repo: https://github.com/myint/autoflake
     rev: v1.4
     hooks:
@@ -49,6 +58,8 @@ repos:
     rev: 22.3.0
     hooks:
       - id: black
+        args:
+          - --line-length=110
   - repo: https://github.com/pre-commit/mirrors-prettier
     rev: v2.4.1
     hooks:
@@ -107,12 +118,6 @@ repos:
     rev: 3.0.3
     hooks:
       - id: setuptools-odoo-make-default
-      - id: setuptools-odoo-get-requirements
-        args:
-          - --output
-          - requirements.txt
-          - --header
-          - "# generated from manifests external_dependencies"
   - repo: https://github.com/PyCQA/flake8
     rev: 3.9.2
     hooks:

diff --git a/README.md b/README.md
@@ -21,9 +21,6 @@ Available addons
 addon | version | maintainers | summary
 --- | --- | --- | ---
 [g2p_auth_id_oidc](g2p_auth_id_oidc/) | 15.0.1.2.0 |  | G2P Auth: OIDC - Reg ID
-[g2p_openid_vci](g2p_openid_vci/) | 15.0.1.2.0 |  | G2P OpenID VCI: Base
-[g2p_openid_vci_programs](g2p_openid_vci_programs/) | 15.0.1.2.0 |  | G2P OpenID VCI: Program Beneficiaries
-[g2p_openid_vci_rest_api](g2p_openid_vci_rest_api/) | 15.0.1.2.0 |  | G2P OpenID VCI: Rest API
 [g2p_portal_auth](g2p_portal_auth/) | 15.0.1.2.0 |  | G2P Portal Auth
 
 [//]: # (end addons)

diff --git a/g2p_auth_id_oidc/__manifest__.py b/g2p_auth_id_oidc/__manifest__.py
@@ -8,10 +8,11 @@
     "website": "https://openg2p.org",
     "license": "Other OSI approved licence",
     "development_status": "Alpha",
-    "depends": ["g2p_registry_base"],
+    # TODO: Find a replacement for auth_oidc module.
+    # Temporarily using auth_oauth.
+    "depends": ["auth_oauth", "g2p_registry_base"],
     "data": [
-        # "views/g2p_auth_id_oidc_provider.xml",
-        # TODO: The 'auth_oidc' module was removed; a replacement is needed in the code
+        "views/g2p_auth_id_oidc_provider.xml",
     ],
     "assets": {
         "web.assets_backend": [],

diff --git a/g2p_auth_id_oidc/models/__init__.py b/g2p_auth_id_oidc/models/__init__.py
@@ -1,4 +1,2 @@
-# from . import g2p_auth_id_oidc_provider
-# from . import res_users
-
-# TODO: The 'auth_oidc' module was removed; a replacement is needed in the code
+from . import g2p_auth_id_oidc_provider
+from . import res_users
diff --git a/g2p_auth_id_oidc/models/g2p_auth_id_oidc_provider.py b/g2p_auth_id_oidc/models/g2p_auth_id_oidc_provider.py
@@ -5,16 +5,22 @@ class G2PAuthIDOidcProvider(models.Model):
     _inherit = "auth.oauth.provider"
 
     g2p_oidc_id_to_use = fields.Boolean("Use G2P Reg ID", default=False)
-    g2p_id_type = fields.Many2one(
-        "g2p.id.type", "G2P Registrant ID Type", required=False
-    )
+    g2p_id_type = fields.Many2one("g2p.id.type", "G2P Registrant ID Type", required=False)
     partner_creation_call_validate_url = fields.Boolean(
         help="Whether to call Validation Url for data during Partner Creation",
         default=False,
     )
     partner_creation_validate_response_mapping = fields.Char(
         help="Map Fields from Validation_url response while Partner Creation",
-        default="name:name email:email phone_number:phone_number birthdate:birthdate gender:gender address:address",
+        default=(
+            "name:name "
+            "email:email "
+            "phone_number:phone "
+            "birthdate:birthdate "
+            "gender:gender "
+            "address:address "
+            "picture:picture "
+        ),
     )
     partner_creation_date_format = fields.Char(
         help="Format of date to be used while Partner Creation",
@@ -35,6 +41,6 @@ def map_validation_response_partner_creation(self, req):
         res = {}
         if self.partner_creation_validate_response_mapping:
             for pair in self.partner_creation_validate_response_mapping.split(" "):
-                from_key, to_key = [k.strip() for k in pair.split(":", 1)]
+                from_key, to_key = (k.strip() for k in pair.split(":", 1))
                 res[to_key] = req.get(from_key, "")
         return res
diff --git a/g2p_auth_id_oidc/models/res_users.py b/g2p_auth_id_oidc/models/res_users.py
@@ -48,17 +48,11 @@ def _auth_oauth_signin(self, provider, validation, params):
                 return oauth_user.login
             except AccessDenied:
                 json.loads(params["state"])
-                partner = self.generate_partner_signup(
-                    oauth_provider, validation, params
-                )
-                new_user = self.generate_partner_user_signup(
-                    partner, oauth_provider, validation, params
-                )
+                partner = self.generate_partner_signup(oauth_provider, validation, params)
+                new_user = self.generate_partner_user_signup(partner, oauth_provider, validation, params)
                 return new_user.login
         else:
-            return super(ResUsers, self)._auth_oauth_signin(
-                provider, validation, params
-            )
+            return super()._auth_oauth_signin(provider, validation, params)
 
     def generate_partner_user_signup(self, partner, oauth_provider, validation, params):
         oauth_uid = validation["user_id"]
@@ -83,23 +77,15 @@ def generate_partner_user_signup(self, partner, oauth_provider, validation, para
 
     def generate_partner_signup(self, oauth_provider, validation, params):
         if oauth_provider.partner_creation_call_validate_url:
-            userinfo_dict = self._auth_oauth_rpc(
-                oauth_provider.validation_endpoint, params["access_token"]
-            )
-            update_dict = oauth_provider.map_validation_response_partner_creation(
-                userinfo_dict
-            )
+            userinfo_dict = self._auth_oauth_rpc(oauth_provider.validation_endpoint, params["access_token"])
+            update_dict = oauth_provider.map_validation_response_partner_creation(userinfo_dict)
             validation.update(update_dict)
             _logger.debug(
                 "Userinfo JWT payload after validation call. %s",
                 json.dumps(userinfo_dict),
             )
-            _logger.debug(
-                "Update dict after validation call. %s", json.dumps(update_dict)
-            )
-            _logger.debug(
-                "Validation Dict after validation call. %s", json.dumps(validation)
-            )
+            _logger.debug("Update dict after validation call. %s", json.dumps(update_dict))
+            _logger.debug("Validation Dict after validation call. %s", json.dumps(validation))
         try:
             g2p_reg_id = self.env["g2p.reg.id"].search(
                 [
@@ -123,7 +109,7 @@ def generate_partner_signup(self, oauth_provider, validation, params):
                 "addl_name": " ".join(name.split(" ")[1:-1]),
                 "email": validation.pop(
                     "email",
-                    "provider_%s_user_%s" % (oauth_provider.id, validation["user_id"]),
+                    f"provider_{oauth_provider.id}_user_{validation['user_id']}",
                 ),
                 "is_registrant": True,
                 "is_group": False,
@@ -138,20 +124,14 @@ def generate_partner_signup(self, oauth_provider, validation, params):
                 validation.pop("birthdate", None),
                 date_format=oauth_provider.partner_creation_date_format,
             )
-            partner_dict["reg_ids"] = self.process_ids(
-                oauth_provider.g2p_id_type, validation
-            )
-            phone_numbers, primary_phone = self.process_phones(
-                validation.pop("phone", "")
-            )
+            partner_dict["reg_ids"] = self.process_ids(oauth_provider.g2p_id_type, validation)
+            phone_numbers, primary_phone = self.process_phones(validation.pop("phone", ""))
             if primary_phone:
                 partner_dict["phone"] = primary_phone
             if phone_numbers:
                 partner_dict["phone_number_ids"] = phone_numbers
 
-            partner_dict["image_1920"] = self.process_picture(
-                validation.pop("picture", None)
-            )
+            partner_dict["image_1920"] = self.process_picture(validation.pop("picture", None))
 
             partner_dict.update(
                 self.process_other_fields(
@@ -164,20 +144,14 @@ def generate_partner_signup(self, oauth_provider, validation, params):
 
     def _auth_oauth_rpc(self, endpoint, access_token):
         # This is recreated to suit that application/jwt response type
-        if (
-            self.env["ir.config_parameter"]
-            .sudo()
-            .get_param("auth_oauth.authorization_header")
-        ):
+        if self.env["ir.config_parameter"].sudo().get_param("auth_oauth.authorization_header"):
             response = requests.get(
                 endpoint,
                 headers={"Authorization": "Bearer %s" % access_token},
                 timeout=10,
             )
         else:
-            response = requests.get(
-                endpoint, params={"access_token": access_token}, timeout=10
-            )
+            response = requests.get(endpoint, params={"access_token": access_token}, timeout=10)
 
         if response.ok:  # nb: could be a successful failure
             if response.headers.get("content-type"):
@@ -186,9 +160,7 @@ def _auth_oauth_rpc(self, endpoint, access_token):
                     return jwt.get_unverified_claims(response.text)
                 if "application/json" in response.headers["content-type"]:
                     return response.json()
-        auth_challenge = werkzeug.http.parse_www_authenticate_header(
-            response.headers.get("WWW-Authenticate")
-        )
+        auth_challenge = werkzeug.http.parse_www_authenticate_header(response.headers.get("WWW-Authenticate"))
         if auth_challenge.type == "bearer" and "error" in auth_challenge:
             return dict(auth_challenge)
 
@@ -223,9 +195,7 @@ def process_ids(self, id_type, validation_dict, expiry_date=None):
                     try:
                         id_type_id = int(id_type_id)
                     except Exception:
-                        _logger.exception(
-                            "Invalid Id type mapping. Has to end with `user_id<int>`"
-                        )
+                        _logger.exception("Invalid Id type mapping. Has to end with `user_id<int>`")
                         continue
                 reg_ids.append(
                     (
@@ -257,7 +227,7 @@ def process_phones(self, phone):
     def process_picture(self, picture):
         image_parsed = None
         if picture:
-            with urlopen(picture) as response:
+            with urlopen(picture, timeout=20) as response:
                 image_parsed = base64.b64encode(response.read())
         return image_parsed