From db461112c70d5f2bf93c7a6ac27eeb665c232dd0 Mon Sep 17 00:00:00 2001
From: David Lord <davidism@gmail.com>
Date: Sun, 7 Apr 2024 11:30:30 -0700
Subject: [PATCH] access sha1 lazily

---
 CHANGES.rst           |  4 ++++
 src/flask/sessions.py | 10 +++++++++-
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/CHANGES.rst b/CHANGES.rst
index 3c04b2f4a2..0908a02d24 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -3,6 +3,10 @@ Version 3.0.3
 
 Unreleased
 
+-   The default ``hashlib.sha1`` may not be available in FIPS builds. Don't
+    access it at import time so the developer has time to change the default.
+    :issue:`5448`
+
 
 Version 3.0.2
 -------------
diff --git a/src/flask/sessions.py b/src/flask/sessions.py
index bb753eb814..ee19ad6387 100644
--- a/src/flask/sessions.py
+++ b/src/flask/sessions.py
@@ -277,6 +277,14 @@ def save_session(
 session_json_serializer = TaggedJSONSerializer()
 
 
+def _lazy_sha1(string: bytes = b"") -> t.Any:
+    """Don't access ``hashlib.sha1`` until runtime. FIPS builds may not include
+    SHA-1, in which case the import and use as a default would fail before the
+    developer can configure something else.
+    """
+    return hashlib.sha1(string)
+
+
 class SecureCookieSessionInterface(SessionInterface):
     """The default session interface that stores sessions in signed cookies
     through the :mod:`itsdangerous` module.
@@ -286,7 +294,7 @@ class SecureCookieSessionInterface(SessionInterface):
     #: signing of cookie based sessions.
     salt = "cookie-session"
     #: the hash function to use for the signature.  The default is sha1
-    digest_method = staticmethod(hashlib.sha1)
+    digest_method = staticmethod(_lazy_sha1)
     #: the name of the itsdangerous supported key derivation.  The default
     #: is hmac.
     key_derivation = "hmac"