Use Python 3.7 compatible dependencies and flask-session fix

stripe-archive · Feb 5, 2020 · c23cd8e · c23cd8e
1 parent 39823f3
commit c23cd8e
Show file tree

Hide file tree

Showing 6 changed files with 19 additions and 11 deletions.
diff --git a/confidant/app.py b/confidant/app.py
@@ -24,7 +24,7 @@
 
 if app.config.get('REDIS_URL'):
     import redis
-    from flask.ext.session import Session
+    from flask_session import Session
     app.config['SESSION_REDIS'] = redis.Redis.from_url(
         app.config['REDIS_URL']
     )

diff --git a/confidant/public/modules/resources/controllers/CredentialDetailsCtrl.js b/confidant/public/modules/resources/controllers/CredentialDetailsCtrl.js
@@ -79,9 +79,9 @@
                 $scope.shown = true;
             }
 
-	    $scope.groups = function(usergroups) {
-		return [""].concat(usergroups);
-	    }
+            $scope.groups = function(usergroups) {
+                return [""].concat(usergroups);
+            }
 
             $scope.showValue = function(credentialPair) {
                 if (credentialPair.shown) {

diff --git a/confidant/routes/v1.py b/confidant/routes/v1.py
@@ -669,6 +669,10 @@ def _pair_key_conflicts_for_services(_id, credential_keys, services):
     return conflicts
 
 
+def _lowercase_credential_pairs(credential_pairs):
+    return {i.lower(): j for i, j in credential_pairs.items()}
+
+
 @app.route('/v1/credentials', methods=['POST'])
 @authnz.require_auth
 @authnz.require_csrf_token
@@ -688,7 +692,8 @@ def create_credential():
     if app.config.get('USE_GROUPS'):
         if data.get('group') and not authnz.user_is_member(data.get('group')):
             return jsonify({'error': 'Must be a member of the destination group'}), 400
-    credential_pairs = data['credential_pairs']
+    # Ensure credential pair keys are lowercase
+    credential_pairs = _lowercase_credential_pairs(data['credential_pairs'])
     _check, ret = _check_credential_pair_values(credential_pairs)
     if not _check:
         return jsonify(ret), 400
@@ -789,7 +794,10 @@ def update_credential(id):
         return jsonify({'error': 'metadata must be a dict'}), 400
     services = _get_services_for_credential(id)
     if 'credential_pairs' in data:
-        credential_pairs = data['credential_pairs']
+        # Ensure credential pair keys are lowercase
+        credential_pairs = _lowercase_credential_pairs(
+            data['credential_pairs']
+        )
         _check, ret = _check_credential_pair_values(credential_pairs)
         if not _check:
             return jsonify(ret), 400

diff --git a/requirements.in b/requirements.in
@@ -48,7 +48,7 @@ cffi>1.10.0
 # License: BSD
 # Upstream url: https://github.com/fengsp/flask-session
 # Use: For shared sessions
-Flask-Session==0.2.1
+Flask-Session==0.2.3
 
 # Redis
 # License: MIT

diff --git a/requirements.txt b/requirements.txt
@@ -18,7 +18,7 @@ entrypoints==0.3          # via flake8
 enum34==1.1.6
 flake8==3.7.8
 flask-script==2.0.5
-flask-session==0.2.1
+flask-session==0.2.3
 flask-sslify==0.1.5
 flask==1.1.1
 funcsigs==1.0.2           # via mock

diff --git a/requirements3.txt b/requirements3.txt
@@ -16,11 +16,11 @@ docutils==0.15.2          # via botocore
 entrypoints==0.3          # via flake8
 flake8==3.7.8
 flask-script==2.0.5
-flask-session==0.2.1
+flask-session==0.2.3
 flask-sslify==0.1.5
 flask==1.1.1
-gevent==1.2.1
-greenlet==0.4.12
+gevent==1.4.0             # force this version for py3.7
+greenlet==0.4.15          # force this version for py3.7
 guard==1.0.1
 gunicorn==19.9.0
 idna==2.8                 # via requests