| blob | 8ec18a8748637c5f7473b1eef7d4dcffdc159adc |
1 { lib, fetchFromGitHub, cacert, openssl, nixosTests
2 , python39, fetchpatch
3 }:
5 let
6 python3' = python39.override {
7 packageOverrides = self: super: {
8 sqlalchemy = super.sqlalchemy.overridePythonAttrs (oldAttrs: rec {
9 version = "1.3.24";
10 src = oldAttrs.src.override {
11 inherit version;
12 hash = "sha256-67t3fL+TEjWbiXv4G6ANrg9ctp+6KhgmXcwYpvXvdRk=";
13 };
14 doCheck = false;
15 });
16 # fails with `no tests ran in 1.75s`
17 alembic = super.alembic.overridePythonAttrs (lib.const {
18 doCheck = false;
19 });
20 flask_migrate = super.flask_migrate.overridePythonAttrs (oldAttrs: rec {
21 version = "2.7.0";
22 src = self.fetchPypi {
23 pname = "Flask-Migrate";
24 inherit version;
25 sha256 = "ae2f05671588762dd83a21d8b18c51fe355e86783e24594995ff8d7380dffe38";
26 };
27 });
28 # Taken from by https://github.com/NixOS/nixpkgs/pull/173090/commits/d2c0c7eb4cc91beb0a1adbaf13abc0a526a21708
29 werkzeug = super.werkzeug.overridePythonAttrs (old: rec {
30 version = "1.0.1";
31 src = old.src.override {
32 inherit version;
33 sha256 = "6c80b1e5ad3665290ea39320b91e1be1e0d5f60652b964a3070216de83d2e47c";
34 };
35 checkInputs = old.checkInputs ++ (with self; [
36 requests
37 ]);
38 doCheck = false;
39 });
40 # Required by flask-1.1
41 jinja2 = super.jinja2.overridePythonAttrs (old: rec {
42 version = "2.11.3";
43 src = old.src.override {
44 inherit version;
45 sha256 = "sha256-ptWEM94K6AA0fKsfowQ867q+i6qdKeZo8cdoy4ejM8Y=";
46 };
47 });
48 # Required by jinja2-2.11.3
49 markupsafe = super.markupsafe.overridePythonAttrs (old: rec {
50 version = "2.0.1";
51 src = old.src.override {
52 inherit version;
53 sha256 = "sha256-WUxngH+xYjizDES99082wCzfItHIzake+KDtjav1Ygo=";
54 };
55 });
56 itsdangerous = super.itsdangerous.overridePythonAttrs (old: rec {
57 version = "1.1.0";
58 src = old.src.override {
59 inherit version;
60 sha256 = "321b033d07f2a4136d3ec762eac9f16a10ccd60f53c0c91af90217ace7ba1f19";
61 };
62 });
63 flask = super.flask.overridePythonAttrs (old: rec {
64 version = "1.1.4";
65 src = old.src.override {
66 inherit version;
67 sha256 = "0fbeb6180d383a9186d0d6ed954e0042ad9f18e0e8de088b2b419d526927d196";
68 };
69 });
70 sqlsoup = super.sqlsoup.overrideAttrs ({ meta ? {}, ... }: {
71 meta = meta // { broken = false; };
72 });
73 click = super.click.overridePythonAttrs (old: rec {
74 version = "7.1.2";
75 src = old.src.override {
76 inherit version;
77 sha256 = "d2b5255c7c6349bc1bd1e59e08cd12acbbd63ce649f2588755783aa94dfb6b1a";
78 };
79 });
80 # Now requires `lingua` as check input that requires a newer `click`,
81 # however `click-7` is needed by the older flask we need here. Since it's just
82 # for the test-suite apparently, let's skip it for now.
83 Mako = super.Mako.overridePythonAttrs (lib.const {
84 checkInputs = [];
85 doCheck = false;
86 });
87 };
88 };
89 in
90 python3'.pkgs.buildPythonPackage rec {
91 pname = "privacyIDEA";
92 version = "3.7.4";
94 src = fetchFromGitHub {
95 owner = pname;
96 repo = pname;
97 rev = "v${version}";
98 sha256 = "sha256-QoVL6WJjX6+sN5S/iqV3kcfQ5fWTXkTnf6NpZcw3bGo=";
99 fetchSubmodules = true;
100 };
102 propagatedBuildInputs = with python3'.pkgs; [
103 cryptography pyrad pymysql python-dateutil flask-versioned flask_script
104 defusedxml croniter flask_migrate pyjwt configobj sqlsoup pillow
105 python-gnupg passlib pyopenssl beautifulsoup4 smpplib flask-babel
106 ldap3 huey pyyaml qrcode oauth2client requests lxml cbor2 psycopg2
107 pydash ecdsa google-auth importlib-metadata argon2-cffi bcrypt
108 ];
110 patches = [
111 # Apply https://github.com/privacyidea/privacyidea/pull/3304, fixes
112 # `Exceeds the limit (4300) for integer string conversion` in the tests,
113 # see https://hydra.nixos.org/build/192932057
114 (fetchpatch {
115 url = "https://github.com/privacyidea/privacyidea/commit/0e28f36c0b3291a361669f4a3a77c294f4564475.patch";
116 sha256 = "sha256-QqcO8bkt+I2JKce/xk2ZhzEaLZ3E4uZ4x5W9Kk0pMQQ=";
117 })
118 ];
120 passthru.tests = { inherit (nixosTests) privacyidea; };
122 checkInputs = with python3'.pkgs; [ openssl mock pytestCheckHook responses testfixtures ];
123 preCheck = "export HOME=$(mktemp -d)";
124 postCheck = "unset HOME";
125 disabledTests = [
126 # expects `/home/` to exist, fails with `FileNotFoundError: [Errno 2] No such file or directory: '/home/'`.
127 "test_01_loading_scripts"
129 # Tries to connect to `fcm.googleapis.com`.
130 "test_02_api_push_poll"
132 # Timezone info not available in build sandbox
133 "test_14_convert_timestamp_to_utc"
135 # Fails because of different logger configurations
136 "test_01_create_default_app"
137 "test_03_logging_config_file"
138 "test_04_logging_config_yaml"
139 "test_05_logging_config_broken_yaml"
140 ];
142 pythonImportsCheck = [ "privacyidea" ];
144 postPatch = ''
145 patchShebangs tests/testdata/scripts
146 substituteInPlace privacyidea/lib/resolvers/LDAPIdResolver.py --replace \
147 "/etc/privacyidea/ldap-ca.crt" \
148 "${cacert}/etc/ssl/certs/ca-bundle.crt"
149 '';
151 postInstall = ''
152 rm -r $out/${python3'.sitePackages}/tests
153 '';
155 meta = with lib; {
156 description = "Multi factor authentication system (2FA, MFA, OTP Server)";
157 license = licenses.agpl3Plus;
158 homepage = "http://www.privacyidea.org";
159 maintainers = with maintainers; [ globin ma27 ];
160 };
161 }