refactor: use httpx instead of requests

Author: azmeuk

canaille/app/forms.py

@@ -3,7 +3,7 @@
 import math
 import re
 
-import requests
+import httpx
 import wtforms.validators
 from flask import abort
 from flask import current_app
@@ -103,7 +103,7 @@ def compromised_password_validator(form, field):
     )
 
     try:
-        response = requests.api.get(api_url, timeout=10)
+        response = httpx.get(api_url, timeout=10)
     except Exception:
         if not request_is_partial():
             current_app.logger.exception(

canaille/oidc/oauth.py

@@ -1,7 +1,7 @@
 import datetime
 import json
 
-import requests
+import httpx
 from authlib.integrations.flask_oauth2 import AuthorizationServer
 from authlib.integrations.flask_oauth2 import ResourceProtector
 from authlib.jose import JsonWebKey
@@ -209,7 +209,7 @@ def get_client_jwks(client, kid=None):
 
     @cache.cached(timeout=50, key_prefix=f"jwks_{client.client_id}")
     def get_jwks():
-        return requests.get(client.jwks_uri).json()
+        return httpx.get(client.jwks_uri).json()
 
     if client.jwks_uri:
         raw_jwks = get_jwks()

pyproject.toml

@@ -35,7 +35,7 @@ dependencies = [
     "flask-caching>=2.3.0",
     "flask-wtf >= 1.2.1",
     "pydantic-settings >= 2.0.3",
-    "requests>=2.32.3",
+    "httpx>=0.28.1",
     "wtforms >= 3.1.1",
 ]
 
@@ -161,7 +161,7 @@ demo = [
     "faker",
     "honcho",
     "slapd",
-    "requests",
+    "httpx",
     "watchdog >= 4.0.0",
 ]
 release = [

tests/app/test_forms.py

@@ -338,7 +338,7 @@ def __init__(self, data):
         password_too_long_validator(None, Field("a" * 4097))
 
 
-@mock.patch("requests.api.get")
+@mock.patch("httpx.get")
 def test_compromised_password_validator(api_get, testclient):
     current_app.config["CANAILLE"]["ENABLE_PASSWORD_COMPROMISSION_CHECK"] = True
 
@@ -370,7 +370,7 @@ def __init__(self, data):
     assert compromised_password_validator(None, Field("password")) is None
 
 
-@mock.patch("requests.api.get")
+@mock.patch("httpx.get")
 def test_compromised_password_validator_with_failure_of_api_request_without_form_validation(
     api_get, testclient, logged_user, caplog
 ):

tests/core/test_profile_settings.py

@@ -166,7 +166,7 @@ def with_different_values(password, length, message):
     )
 
 
-@mock.patch("requests.api.get")
+@mock.patch("httpx.get")
 def test_profile_settings_compromised_password(api_get, testclient, logged_user):
     current_app.config["CANAILLE"]["ENABLE_PASSWORD_COMPROMISSION_CHECK"] = True
     """Tests if password is compromised."""
@@ -204,7 +204,7 @@ def with_different_values(password, message):
     with_different_values("i'm a little pea", 'data-percent="100"')
 
 
-@mock.patch("requests.api.get")
+@mock.patch("httpx.get")
 def test_profile_settings_compromised_password_request_api_failed_but_password_updated(
     api_get, testclient, logged_user, backend, caplog
 ):
@@ -237,7 +237,7 @@ def test_profile_settings_compromised_password_request_api_failed_but_password_u
     assert backend.check_user_password(logged_user, "123456789")[0]
 
 
-@mock.patch("requests.api.get")
+@mock.patch("httpx.get")
 def test_compromised_password_validator_with_failure_of_api_request_and_success_mail_to_admin_from_settings_form(
     api_get, testclient, backend, user, logged_user, caplog, smtpd
 ):
@@ -269,7 +269,7 @@ def test_compromised_password_validator_with_failure_of_api_request_and_success_
     assert len(smtpd.messages) == 1
 
 
-@mock.patch("requests.api.get")
+@mock.patch("httpx.get")
 def test_compromised_password_validator_with_failure_of_api_request_and_fail_to_send_mail_to_admin_from_settings_form(
     api_get, testclient, backend, user, logged_user, caplog, smtpd
 ):
@@ -303,7 +303,7 @@ def test_compromised_password_validator_with_failure_of_api_request_and_fail_to_
     assert len(smtpd.messages) == 0
 
 
-@mock.patch("requests.api.get")
+@mock.patch("httpx.get")
 def test_compromised_password_validator_with_failure_of_api_request_without_smtp_or_without_admin_email_from_settings_form(
     api_get, testclient, backend, user, logged_user, caplog
 ):

tests/core/test_registration.py

@@ -187,7 +187,7 @@ def test_registration_mail_error(SMTP, testclient, backend, smtpd, foo_group):
     assert len(smtpd.messages) == 0
 
 
-@mock.patch("requests.api.get")
+@mock.patch("httpx.get")
 def test_registration_with_compromised_password(api_get, testclient, backend):
     """Tests a nominal registration with compromised password."""
     current_app.config["CANAILLE"]["ENABLE_PASSWORD_COMPROMISSION_CHECK"] = True
@@ -216,7 +216,7 @@ class Response:
     assert user is None
 
 
-@mock.patch("requests.api.get")
+@mock.patch("httpx.get")
 def test_registration_with_compromised_password_request_api_failed_but_account_created(
     api_get, testclient, backend, caplog
 ):
@@ -252,7 +252,7 @@ def test_registration_with_compromised_password_request_api_failed_but_account_c
     backend.delete(user)
 
 
-@mock.patch("requests.api.get")
+@mock.patch("httpx.get")
 def test_compromised_password_validator_with_failure_of_api_request_and_success_mail_to_admin_from_register_form(
     api_get, testclient, backend, caplog, smtpd
 ):
@@ -293,7 +293,7 @@ def test_compromised_password_validator_with_failure_of_api_request_and_success_
     backend.delete(user)
 
 
-@mock.patch("requests.api.get")
+@mock.patch("httpx.get")
 def test_compromised_password_validator_with_failure_of_api_request_and_fail_to_send_mail_to_admin_from_register_form(
     api_get, testclient, backend, caplog
 ):
@@ -336,7 +336,7 @@ def test_compromised_password_validator_with_failure_of_api_request_and_fail_to_
     backend.delete(user)
 
 
-@mock.patch("requests.api.get")
+@mock.patch("httpx.get")
 def test_compromised_password_validator_with_failure_of_api_request_without_smtp_from_register_form(
     api_get, testclient, backend, caplog
 ):
@@ -373,7 +373,7 @@ def test_compromised_password_validator_with_failure_of_api_request_without_smtp
     backend.delete(user)
 
 
-@mock.patch("requests.api.get")
+@mock.patch("httpx.get")
 def test_compromised_password_validator_with_failure_of_api_request_without_admin_email_from_register_form(
     api_get, testclient, backend, caplog
 ):