Flask 3.0, Werkzeug 3.0

pyproject.toml

@@ -31,9 +31,7 @@ cdiserrors = "<2.0.0"
 cdislogging = "^1.0.0"
 cdispyutils = "^2.0.1"
 cryptography = ">=41.0.2"
-flask = ">=2.2.3"
-flask-cors = ">=3.0.3"
-flask-restful = ">=0.3.8"
+flask = ">=3.0.0"
 email_validator = "^1.1.1"
 gen3authz = "^1.5.1"
 gen3cirrus = "^2.0.0"
@@ -57,7 +55,7 @@ retry = "^0.9.2"
 sqlalchemy = "^1.3.3"
 storageclient = {git = "https://github.com/uc-cdis/storage-client", rev = "1.0.2"}
 userdatamodel = ">=2.4.3"
-werkzeug = ">=2.2.3"
+werkzeug = ">=3.0.1"
 cachelib = "^0.2.0"
 azure-storage-blob = "^12.6.0"
 Flask-WTF = "^1.0.0"

tests/link/test_link.py

@@ -177,9 +177,9 @@ def test_google_link_auth_return(
 
     # manually set cookie for initial session
     client.set_cookie(
-        "localhost",
-        config["SESSION_COOKIE_NAME"],
-        test_session_jwt,
+        domain="localhost",
+        key=config["SESSION_COOKIE_NAME"],
+        value=test_session_jwt,
         httponly=True,
         samesite="Lax",
     )
@@ -258,9 +258,9 @@ def test_patch_google_link(
 
     # manually set cookie for initial session
     client.set_cookie(
-        "localhost",
-        config["SESSION_COOKIE_NAME"],
-        test_session_jwt,
+        domain="localhost",
+        key=config["SESSION_COOKIE_NAME"],
+        value=test_session_jwt,
         httponly=True,
         samesite="Lax",
     )
@@ -362,9 +362,9 @@ def test_patch_google_link_account_not_in_token(
 
     # manually set cookie for initial session
     client.set_cookie(
-        "localhost",
-        config["SESSION_COOKIE_NAME"],
-        test_session_jwt,
+        domain="localhost",
+        key=config["SESSION_COOKIE_NAME"],
+        value=test_session_jwt,
         httponly=True,
         samesite="Lax",
     )
@@ -418,9 +418,9 @@ def test_patch_google_link_account_doesnt_exist(
 
     # manually set cookie for initial session
     client.set_cookie(
-        "localhost",
-        config["SESSION_COOKIE_NAME"],
-        test_session_jwt,
+        domain="localhost",
+        key=config["SESSION_COOKIE_NAME"],
+        value=test_session_jwt,
         httponly=True,
         samesite="Lax",
     )
@@ -487,9 +487,9 @@ def test_google_link_g_account_exists(
 
     # manually set cookie for initial session
     client.set_cookie(
-        "localhost",
-        config["SESSION_COOKIE_NAME"],
-        test_session_jwt,
+        domain="localhost",
+        key=config["SESSION_COOKIE_NAME"],
+        value=test_session_jwt,
         httponly=True,
         samesite="Lax",
     )
@@ -566,9 +566,9 @@ def test_google_link_g_account_access_extension(
 
     # manually set cookie for initial session
     client.set_cookie(
-        "localhost",
-        config["SESSION_COOKIE_NAME"],
-        test_session_jwt,
+        domain="localhost",
+        key=config["SESSION_COOKIE_NAME"],
+        value=test_session_jwt,
         httponly=True,
         samesite="Lax",
     )
@@ -653,9 +653,9 @@ def test_google_link_g_account_exists_linked_to_different_user(
 
     # manually set cookie for initial session
     client.set_cookie(
-        "localhost",
-        config["SESSION_COOKIE_NAME"],
-        test_session_jwt,
+        domain="localhost",
+        key=config["SESSION_COOKIE_NAME"],
+        value=test_session_jwt,
         httponly=True,
         samesite="Lax",
     )
@@ -721,9 +721,9 @@ def test_google_link_no_proxy_group(
 
     # manually set cookie for initial session
     client.set_cookie(
-        "localhost",
-        config["SESSION_COOKIE_NAME"],
-        test_session_jwt,
+        domain="localhost",
+        key=config["SESSION_COOKIE_NAME"],
+        value=test_session_jwt,
         httponly=True,
         samesite="Lax",
     )
@@ -807,9 +807,9 @@ def test_google_link_when_google_mocked(
 
     # manually set cookie for initial session
     client.set_cookie(
-        "localhost",
-        config["SESSION_COOKIE_NAME"],
-        test_session_jwt,
+        domain="localhost",
+        key=config["SESSION_COOKIE_NAME"],
+        value=test_session_jwt,
         httponly=True,
         samesite="Lax",
     )

tests/login/test_google_login.py

@@ -27,9 +27,9 @@ def test_google_login_http_headers_are_less_than_4k_for_user_with_many_projects(
         },
     )
     client.set_cookie(
-        "localhost",
-        config["SESSION_COOKIE_NAME"],
-        test_session_jwt,
+        domain="localhost",
+        key=config["SESSION_COOKIE_NAME"],
+        value=test_session_jwt,
         httponly=True,
         samesite="Lax",
     )

tests/session/test_session.py

@@ -25,7 +25,7 @@ def test_session_cookie_creation(app):
         with client.session_transaction():
             pass
 
-        client_cookies = [cookie.key for cookie in client.cookie_jar]
+        client_cookies = [cookie.key for cookie in client._cookies.values()]
         assert not client_cookies
 
 
@@ -36,11 +36,11 @@ def test_session_cookie_creation_session_modified(app):
         with client.session_transaction() as session:
             session["username"] = "Captain Janeway"
 
-        client_cookies = [cookie.key for cookie in client.cookie_jar]
+        client_cookies = [cookie.key for cookie in client._cookies.values()]
         assert config["SESSION_COOKIE_NAME"] in client_cookies
         session_cookie = [
             cookie
-            for cookie in client.cookie_jar
+            for cookie in client._cookies.values()
             if cookie.key == config["SESSION_COOKIE_NAME"]
         ]
         assert len(session_cookie) == 1
@@ -59,9 +59,9 @@ def test_valid_session(app):
     with app.test_client() as client:
         # manually set cookie for initial session
         client.set_cookie(
-            "localhost",
-            config["SESSION_COOKIE_NAME"],
-            test_session_jwt,
+            domain="localhost",
+            key=config["SESSION_COOKIE_NAME"],
+            value=test_session_jwt,
             httponly=True,
             samesite="Lax",
         )
@@ -82,9 +82,9 @@ def test_valid_session_modified(app):
     with app.test_client() as client:
         # manually set cookie for initial session
         client.set_cookie(
-            "localhost",
-            config["SESSION_COOKIE_NAME"],
-            test_session_jwt,
+            domain="localhost",
+            key=config["SESSION_COOKIE_NAME"],
+            value=test_session_jwt,
             httponly=True,
             samesite="Lax",
         )
@@ -112,9 +112,9 @@ def test_expired_session_lifetime(app):
     with app.test_client() as client:
         # manually set cookie for initial session
         client.set_cookie(
-            "localhost",
-            config["SESSION_COOKIE_NAME"],
-            test_session_jwt,
+            domain="localhost",
+            key=config["SESSION_COOKIE_NAME"],
+            value=test_session_jwt,
             httponly=True,
             samesite="Lax",
         )
@@ -144,9 +144,9 @@ def test_expired_session_timeout(app):
     with app.test_client() as client:
         # manually set cookie for initial session
         client.set_cookie(
-            "localhost",
-            config["SESSION_COOKIE_NAME"],
-            test_session_jwt,
+            domain="localhost",
+            key=config["SESSION_COOKIE_NAME"],
+            value=test_session_jwt,
             httponly=True,
             samesite="Lax",
         )
@@ -168,17 +168,17 @@ def test_session_cleared(app):
     with app.test_client() as client:
         # manually set cookie for initial session
         client.set_cookie(
-            "localhost",
-            config["SESSION_COOKIE_NAME"],
-            test_session_jwt,
+            domain="localhost",
+            key=config["SESSION_COOKIE_NAME"],
+            value=test_session_jwt,
             httponly=True,
             samesite="Lax",
         )
         with client.session_transaction() as session:
             session["username"] = username
             session.clear()
             assert session.get("username") != username
-        client_cookies = [cookie.key for cookie in client.cookie_jar]
+        client_cookies = [cookie.key for cookie in client._cookies.values()]
         assert config["SESSION_COOKIE_NAME"] not in client_cookies
 
 
@@ -190,9 +190,9 @@ def test_invalid_session_cookie(app):
     with app.test_client() as client:
         # manually set cookie for initial session
         client.set_cookie(
-            "localhost",
-            config["SESSION_COOKIE_NAME"],
-            test_session_jwt,
+            domain="localhost",
+            key=config["SESSION_COOKIE_NAME"],
+            value=test_session_jwt,
             httponly=True,
             samesite="Lax",
         )
@@ -234,16 +234,16 @@ def test_valid_session_valid_access_token(
     with app.test_client() as client:
         # manually set cookie for initial session
         client.set_cookie(
-            "localhost",
-            config["SESSION_COOKIE_NAME"],
-            test_session_jwt,
+            domain="localhost",
+            key=config["SESSION_COOKIE_NAME"],
+            value=test_session_jwt,
             httponly=True,
             samesite="Lax",
         )
         client.set_cookie(
-            "localhost",
-            config["ACCESS_TOKEN_COOKIE_NAME"],
-            test_access_jwt,
+            domain="localhost",
+            key=config["ACCESS_TOKEN_COOKIE_NAME"],
+            value=test_access_jwt,
             httponly=True,
             samesite="Lax",
         )
@@ -287,16 +287,16 @@ def test_valid_session_valid_access_token_diff_user(
     with app.test_client() as client:
         # manually set cookie for initial session
         client.set_cookie(
-            "localhost",
-            config["SESSION_COOKIE_NAME"],
-            test_session_jwt,
+            domain="localhost",
+            key=config["SESSION_COOKIE_NAME"],
+            value=test_session_jwt,
             httponly=True,
             samesite="Lax",
         )
         client.set_cookie(
-            "localhost",
-            config["ACCESS_TOKEN_COOKIE_NAME"],
-            test_access_jwt,
+            domain="localhost",
+            key=config["ACCESS_TOKEN_COOKIE_NAME"],
+            value=test_access_jwt,
             httponly=True,
             samesite="Lax",
         )

tests/test_logout.py

@@ -71,9 +71,9 @@ def test_logout_fence(app, client, user_with_fence_provider, monkeypatch):
     with mock.patch("fence.allowed_login_redirects", return_value={"some_site.com"}):
         # manually set cookie for initial session
         client.set_cookie(
-            "localhost",
-            config["SESSION_COOKIE_NAME"],
-            test_session_jwt,
+            domain="localhost",
+            key=config["SESSION_COOKIE_NAME"],
+            value=test_session_jwt,
             httponly=True,
             samesite="Lax",
         )