Pas.plugins.authomatic v2.0 Modernization and Python 3.10+ Upgrade

Plone Support Add-on Development
, ,
1

Summary

This project represents a significant modernization and maintenance upgrade for the authomatic library and pas.plugins.authomatic volto addon, aiming to ensure long-term viability and compatibility with modern Python environments and authentication provider APIs.

The core work includes dropping support for legacy Python and deprecated providers, migrating to modern development tools, and beginning the process of implementing robust, mock-based testing for key providers.

This is based on the work conducted during the Google Summer of Code 2025 period for The Plone Foundation.

Breaking Changes

This release includes the following major breaking changes:

  • Dropped Python 2.7 Support: Python 2.7 support has been fully removed. The library now targets Python 3.10, 3.11, 3.12, and 3.13.

  • Dropped Legacy OAuth1/OpenID Providers: The following providers have been entirely removed due to deprecation or closure of their party authentication services:
    OAuth1 Group: Flickr, Ubuntuone, Xero, Xing.
    OAuth2 Group: Behance (no longer provides 3rd party auth).
    OpenID Section providers.

Dependency Changes: Updates to testing dependencies, including the use of ruff for linting and pytest-httpx for mocking provider responses.

Technical Details

  1. Python Modernization and Linting
    Python 3.10+ Upgrade: Performed initial conversion using pyupgrade, followed by comprehensive cleanup using ruff.
    Linting Fixes: Resolved residual PEP 8 violations, specifically E203 (whitespace errors), across several modules.

  2. Provider Maintenance and Clean-up
    Travis CI Removal: Removed TRAVIS CI configuration, directories, and dependencies.
    Provider Code/Test Clean-up: All tests and associated code for the dropped providers (Flickr, Ubuntuone, Xero, Xing, Behance, OpenID) have been removed.

  3. OAuth1 to OAuth2 Migration
    The update to the following providers that migrated from OAuth1 to OAuth2. are including:

  • Bitbucket

  • Twitter/X (Updated to API v2)

  • Tumblr

  • Vimeo

  • Yahoo

Testing Status

Testing is being migrated to use pytest-httpx to mock server responses, moving away from relying on deprecated secret keys and live server pings.

Tests are created and passing for:

  • Facebook

  • Google

  • GitHub

  • LinkedIn

  • X/Twitter

Completed (Pre-PR Status)

The local pytest suite is passing following the Python 3.10 upgrade fixes.

In-Progress (Work Included in or immediately following this PR)

Changelog using Towncrier is not working correctly ( I also don’t have the correct permissions to fix it), however i will update the readme and followup as required while this issue gets worked out.

– Links –

PR for merging project breaking changes on Github

Authomatic on Github

Thank you

I really cannot thank @jensens enough for his guidance and mentorship throughout the program. It was an honor and pleasure working with him.

I also need to give a humongous Thank You to @ebrehault for his time and generosity with the GSOC program this year. It was a privilege and a pleasure to meet him in person at the conference.

I also can’t thank the Plone Foundation and organizers of Plone Conf 2025 for the opportunity to attend my first Plone Conference in Jyväskylä, Finland. It was an amazing time and it was just so wonderful to meet everyone!

–Andrew Himelstieb @GNUamua

4 Likes