diff --git a/Pipfile.lock b/Pipfile.lock index 0ce58d0c5..c40a0562a 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1417,11 +1417,11 @@ }, "astroid": { "hashes": [ - "sha256:3975a0bd5373bdce166e60c851cfcbaf21ee96de80ec518c1f4cb3e94c3fb334", - "sha256:ab7f36e8a78b8e54a62028ba6beef7561db4cdb6f2a5009ecc44a6f42b5697ef" + "sha256:b6c2d75cd7c2982d09e7d41d70213e863b3ba34d3bd4014e08f167cee966e99e", + "sha256:ecc50f9b3803ebf8ea19aa2c6df5622d8a5c31456a53c741d3be044d96ff0948" ], "markers": "python_version ~= '3.6'", - "version": "==2.6.6" + "version": "==2.7.2" }, "attrs": { "hashes": [ @@ -1579,7 +1579,7 @@ "sha256:9c2ea1e62d871267b78307fe511c0838ba0da28698c5732d54e2790bf3ba9899", "sha256:e17d6e2b81095c9db0a03a8025a957f334d6ea30b26f9ec70805411e5c7c81f2" ], - "markers": "python_version < '4' and python_full_version >= '3.6.1'", + "markers": "python_version < '4.0' and python_full_version >= '3.6.1'", "version": "==5.9.3" }, "lazy-object-proxy": { @@ -1647,6 +1647,14 @@ "markers": "python_version >= '2.6'", "version": "==5.6.0" }, + "platformdirs": { + "hashes": [ + "sha256:4666d822218db6a262bdfdc9c39d21f23b4cfdb08af331a81e92751daf6c866c", + "sha256:632daad3ab546bd8e6af0537d09805cec458dce201bccfe23012df73332e181e" + ], + "markers": "python_version >= '3.6'", + "version": "==2.2.0" + }, "pluggy": { "hashes": [ "sha256:15b2acde666561e1298d71b523007ed7364de07029219b604cf808bfa1c765b0", @@ -1665,11 +1673,11 @@ }, "pylint": { "hashes": [ - "sha256:2e1a0eb2e8ab41d6b5dbada87f066492bb1557b12b76c47c2ee8aa8a11186594", - "sha256:8b838c8983ee1904b2de66cce9d0b96649a91901350e956d78f289c3bc87b48e" + "sha256:6758cce3ddbab60c52b57dcc07f0c5d779e5daf0cf50f6faacbef1d3ea62d2a1", + "sha256:e178e96b6ba171f8ef51fbce9ca30931e6acbea4a155074d80cc081596c9e852" ], "index": "pypi", - "version": "==2.9.6" + "version": "==2.10.2" }, "pylint-django": { "hashes": [ diff --git a/authentik/flows/management/commands/apply_flow.py b/authentik/flows/management/commands/apply_flow.py index 349686a39..0081df0c8 100644 --- a/authentik/flows/management/commands/apply_flow.py +++ b/authentik/flows/management/commands/apply_flow.py @@ -11,7 +11,7 @@ class Command(BaseCommand): # pragma: no cover def handle(self, *args, **options): """Apply all flows in order, abort when one fails to import""" for flow_path in options.get("flows", []): - with open(flow_path, "r") as flow_file: + with open(flow_path, "r", encoding="utf8") as flow_file: importer = FlowImporter(flow_file.read()) valid = importer.validate() if not valid: diff --git a/authentik/flows/tests/test_transfer_docs.py b/authentik/flows/tests/test_transfer_docs.py index 8fc4ecdb7..9148bc5e1 100644 --- a/authentik/flows/tests/test_transfer_docs.py +++ b/authentik/flows/tests/test_transfer_docs.py @@ -16,7 +16,7 @@ def pbflow_tester(file_name: str) -> Callable: """This is used instead of subTest for better visibility""" def tester(self: TestTransferDocs): - with open(file_name, "r") as flow_json: + with open(file_name, "r", encoding="utf8") as flow_json: importer = FlowImporter(flow_json.read()) self.assertTrue(importer.validate()) self.assertTrue(importer.apply()) diff --git a/authentik/lib/config.py b/authentik/lib/config.py index b5ef28aa4..7bc86b16e 100644 --- a/authentik/lib/config.py +++ b/authentik/lib/config.py @@ -79,7 +79,7 @@ class ConfigLoader: value = os.getenv(url.netloc, url.query) if url.scheme == "file": try: - with open(url.path, "r") as _file: + with open(url.path, "r", encoding="utf8") as _file: value = _file.read() except OSError: self._log("error", f"Failed to read config value from {url.path}") @@ -89,7 +89,7 @@ class ConfigLoader: def update_from_file(self, path: str): """Update config from file contents""" try: - with open(path) as file: + with open(path, encoding="utf8") as file: try: self.update(self.__config, yaml.safe_load(file)) self._log("debug", "Loaded config", file=path) diff --git a/authentik/outposts/controllers/k8s/utils.py b/authentik/outposts/controllers/k8s/utils.py index c4e446a25..ed9663064 100644 --- a/authentik/outposts/controllers/k8s/utils.py +++ b/authentik/outposts/controllers/k8s/utils.py @@ -1,11 +1,13 @@ """k8s utils""" from pathlib import Path +from kubernetes.config.incluster_config import SERVICE_TOKEN_FILENAME + def get_namespace() -> str: """Get the namespace if we're running in a pod, otherwise default to default""" - path = Path("/var/run/secrets/kubernetes.io/serviceaccount/namespace") + path = Path(SERVICE_TOKEN_FILENAME.replace("token", "namespace")) if path.exists(): - with open(path, "r") as _namespace_file: + with open(path, "r", encoding="utf8") as _namespace_file: return _namespace_file.read() return "default" diff --git a/authentik/outposts/docker_tls.py b/authentik/outposts/docker_tls.py index 0ecbc8383..9c61a8ca4 100644 --- a/authentik/outposts/docker_tls.py +++ b/authentik/outposts/docker_tls.py @@ -25,7 +25,7 @@ class DockerInlineTLS: def write_file(self, name: str, contents: str) -> str: """Wrapper for mkstemp that uses fdopen""" path = Path(gettempdir(), name) - with open(path, "w") as _file: + with open(path, "w", encoding="utf8") as _file: _file.write(contents) return str(path) diff --git a/authentik/outposts/tasks.py b/authentik/outposts/tasks.py index eb27d904f..71e9d0828 100644 --- a/authentik/outposts/tasks.py +++ b/authentik/outposts/tasks.py @@ -227,7 +227,7 @@ def outpost_local_connection(): kubeconfig_local_name = f"k8s-{gethostname()}" if not KubernetesServiceConnection.objects.filter(name=kubeconfig_local_name).exists(): LOGGER.debug("Creating kubeconfig Service Connection") - with open(kubeconfig_path, "r") as _kubeconfig: + with open(kubeconfig_path, "r", encoding="utf8") as _kubeconfig: KubernetesServiceConnection.objects.create( name=kubeconfig_local_name, kubeconfig=yaml.safe_load(_kubeconfig), diff --git a/authentik/stages/email/templatetags/authentik_stages_email.py b/authentik/stages/email/templatetags/authentik_stages_email.py index 1f9948434..7623c6c71 100644 --- a/authentik/stages/email/templatetags/authentik_stages_email.py +++ b/authentik/stages/email/templatetags/authentik_stages_email.py @@ -14,7 +14,7 @@ def inline_static_ascii(path: str) -> str: If no file could be found, original path is returned""" result = Path(finders.find(path)) if result: - with open(result) as _file: + with open(result, encoding="utf8") as _file: return _file.read() return path @@ -25,7 +25,7 @@ def inline_static_binary(path: str) -> str: path is returned.""" result = Path(finders.find(path)) if result and result.is_file(): - with open(result) as _file: + with open(result, encoding="utf8") as _file: b64content = b64encode(_file.read().encode()) return f"data:image/{result.suffix};base64,{b64content.decode('utf-8')}" return path diff --git a/tests/e2e/test_source_oauth.py b/tests/e2e/test_source_oauth.py index cd5b15919..e2dba3b27 100644 --- a/tests/e2e/test_source_oauth.py +++ b/tests/e2e/test_source_oauth.py @@ -89,7 +89,7 @@ class TestSourceOAuth2(SeleniumTestCase): "storage": {"config": {"file": "/tmp/dex.db"}, "type": "sqlite3"}, # nosec "web": {"http": "0.0.0.0:5556"}, } - with open(CONFIG_PATH, "w+") as _file: + with open(CONFIG_PATH, "w+", encoding="utf8") as _file: safe_dump(config, _file) def get_container_specs(self) -> Optional[dict[str, Any]]: diff --git a/tests/integration/test_outpost_docker.py b/tests/integration/test_outpost_docker.py index 491172291..0244c8436 100644 --- a/tests/integration/test_outpost_docker.py +++ b/tests/integration/test_outpost_docker.py @@ -63,14 +63,14 @@ class OutpostDockerTests(TestCase): authentication_kp = CertificateKeyPair.objects.create( name="docker-authentication", # pylint: disable=consider-using-with - certificate_data=open(f"{self.ssl_folder}/client/cert.pem").read(), + certificate_data=open(f"{self.ssl_folder}/client/cert.pem", encoding="utf8").read(), # pylint: disable=consider-using-with - key_data=open(f"{self.ssl_folder}/client/key.pem").read(), + key_data=open(f"{self.ssl_folder}/client/key.pem", encoding="utf8").read(), ) verification_kp = CertificateKeyPair.objects.create( name="docker-verification", # pylint: disable=consider-using-with - certificate_data=open(f"{self.ssl_folder}/client/ca.pem").read(), + certificate_data=open(f"{self.ssl_folder}/client/ca.pem", encoding="utf8").read(), ) self.service_connection = DockerServiceConnection.objects.create( url="https://localhost:2376", diff --git a/tests/integration/test_proxy_docker.py b/tests/integration/test_proxy_docker.py index bb30e7a3a..5a608b6ee 100644 --- a/tests/integration/test_proxy_docker.py +++ b/tests/integration/test_proxy_docker.py @@ -63,14 +63,14 @@ class TestProxyDocker(TestCase): authentication_kp = CertificateKeyPair.objects.create( name="docker-authentication", # pylint: disable=consider-using-with - certificate_data=open(f"{self.ssl_folder}/client/cert.pem").read(), + certificate_data=open(f"{self.ssl_folder}/client/cert.pem", encoding="utf8").read(), # pylint: disable=consider-using-with - key_data=open(f"{self.ssl_folder}/client/key.pem").read(), + key_data=open(f"{self.ssl_folder}/client/key.pem", encoding="utf8").read(), ) verification_kp = CertificateKeyPair.objects.create( name="docker-verification", # pylint: disable=consider-using-with - certificate_data=open(f"{self.ssl_folder}/client/ca.pem").read(), + certificate_data=open(f"{self.ssl_folder}/client/ca.pem", encoding="utf8").read(), ) self.service_connection = DockerServiceConnection.objects.create( url="https://localhost:2376",