From 413144cc0029cff5b457e78a294b43c64d4d7d3d Mon Sep 17 00:00:00 2001
From: Christoph Ladurner <christoph.ladurner@tugraz.at>
Date: Sat, 30 Nov 2024 16:12:18 +0100
Subject: [PATCH 1/5] setup: bump major dependencies

---
 setup.cfg | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/setup.cfg b/setup.cfg
index 01b1613..8bafce1 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -29,11 +29,11 @@ zip_safe = False
 install_requires =
     blinker>=1.4
     Flask-OAuthlib>=0.9.6
-    invenio-accounts>=5.0.0,<6.0.0
-    invenio-base>=1.3.0,<2.0.0
-    invenio-i18n>=2.0.0,<3.0.0
+    invenio-accounts>=6.0.0,<7.0.0
+    invenio-base>=2.0.0,<3.0.0
+    invenio-i18n>=3.0.0,<4.0.0
     invenio-mail>=1.0.2,<3.0.0
-    invenio-theme>=3.0.0,<4.0.0
+    invenio-theme>=4.0.0,<5.0.0
     oauthlib>=1.1.2
     markupsafe>=2.1.5
     requests-oauthlib>=0.6.2
@@ -46,14 +46,14 @@ tests =
     flask_admin>=1.6.0
     pytest-black-ng>=0.4.0
     httpretty>=0.8.14
-    invenio-userprofiles>=3.0.0,<4.0.0
+    invenio-userprofiles>=4.0.0,<5.0.0
     mock>=1.3.0
-    oauthlib>=1.1.2,<3.0.0
-    pytest-invenio>=1.4.2,<3.0.0
-    requests-oauthlib>=0.6.2,<1.2.0
+    oauthlib>=1.1.2
+    pytest-invenio>=3.0.0,<4.0.0
+    requests-oauthlib>=0.6.2
     simplejson>=3.8
     sphinx>=4.5
-    invenio-db[mysql,postgresql,versioning]>=1.0.9,<2.0.0
+    invenio-db[mysql,postgresql,versioning]>=2.0.0,<3.0.0
 
 # Kept for backwards compatibility
 admin =

From 6e18909b94debc7074b3db4c36fced39b4bbebeb Mon Sep 17 00:00:00 2001
From: Christoph Ladurner <christoph.ladurner@tugraz.at>
Date: Thu, 5 Dec 2024 23:05:02 +0100
Subject: [PATCH 2/5] tests: apply changes for sqlalchemy>=2.0

---
 tests/conftest.py | 12 +++++++-----
 tests/test_app.py | 11 ++++++++---
 2 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/tests/conftest.py b/tests/conftest.py
index e6b55d1..ed2836e 100644
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -154,17 +154,19 @@ def base_app(request):
     InvenioCelery(base_app)
 
     with base_app.app_context():
-        if str(db.engine.url) != "sqlite://" and not database_exists(
-            str(db.engine.url)
+        if str(
+            db.engine.url.render_as_string(hide_password=False)
+        ) != "sqlite://" and not database_exists(
+            str(db.engine.url.render_as_string(hide_password=False))
         ):
-            create_database(str(db.engine.url))
+            create_database(str(db.engine.url.render_as_string(hide_password=False)))
         db.create_all()
 
     def teardown():
         with base_app.app_context():
             db.session.close()
-            if str(db.engine.url) != "sqlite://":
-                drop_database(str(db.engine.url))
+            if str(db.engine.url.render_as_string(hide_password=False)) != "sqlite://":
+                drop_database(str(db.engine.url.render_as_string(hide_password=False)))
             shutil.rmtree(instance_path)
             db.engine.dispose()
 
diff --git a/tests/test_app.py b/tests/test_app.py
index 941ae0a..c142aa5 100644
--- a/tests/test_app.py
+++ b/tests/test_app.py
@@ -2,6 +2,7 @@
 #
 # This file is part of Invenio.
 # Copyright (C) 2015-2018 CERN.
+# Copyright (C) 2024 Graz University of Technology.
 #
 # Invenio is free software; you can redistribute it and/or modify it
 # under the terms of the MIT License; see LICENSE file for more details.
@@ -111,10 +112,14 @@ def teardown():
     request.addfinalizer(teardown)
 
     with app.app_context():
-        is_sqllite = str(db.engine.url) == "sqlite://"
-        db_exists = database_exists(str(db.engine.url))
+        is_sqllite = (
+            str(db.engine.url.render_as_string(hide_password=False)) == "sqlite://"
+        )
+        db_exists = database_exists(
+            str(db.engine.url.render_as_string(hide_password=False))
+        )
         if not is_sqllite and not db_exists:
-            create_database(str(db.engine.url))
+            create_database(str(db.engine.url.render_as_string(hide_password=False)))
         db.create_all()
         tables = list(
             filter(

From e1733a53d18d0364acafe66775ce3d23b05dcabf Mon Sep 17 00:00:00 2001
From: Christoph Ladurner <christoph.ladurner@tugraz.at>
Date: Thu, 5 Dec 2024 23:05:29 +0100
Subject: [PATCH 3/5] global: use invenio_base.jws not itsdangerous

---
 invenio_oauthclient/utils.py | 9 +--------
 tests/test_views.py          | 3 ++-
 tests/test_views_rest.py     | 3 ++-
 3 files changed, 5 insertions(+), 10 deletions(-)

diff --git a/invenio_oauthclient/utils.py b/invenio_oauthclient/utils.py
index b042558..79d6448 100644
--- a/invenio_oauthclient/utils.py
+++ b/invenio_oauthclient/utils.py
@@ -11,6 +11,7 @@
 
 from flask import current_app, request, session
 from flask_principal import RoleNeed
+from invenio_base.jws import TimedJSONWebSignatureSerializer
 from invenio_db.utils import rebuild_encrypted_properties
 from uritools import uricompose, urisplit
 from werkzeug.local import LocalProxy
@@ -18,14 +19,6 @@
 
 from .models import RemoteToken
 
-try:
-    # itsdangerous < 2.1.0
-    from itsdangerous import TimedJSONWebSignatureSerializer
-except ImportError:
-    # itsdangerous >= 2.1.0
-    from invenio_base.jws import TimedJSONWebSignatureSerializer
-
-
 _security = LocalProxy(lambda: current_app.extensions["security"])
 
 
diff --git a/tests/test_views.py b/tests/test_views.py
index e2323ce..bedfae9 100644
--- a/tests/test_views.py
+++ b/tests/test_views.py
@@ -2,6 +2,7 @@
 #
 # This file is part of Invenio.
 # Copyright (C) 2015-2018 CERN.
+# Copyright (C) 2024 Graz University of Technology.
 #
 # Invenio is free software; you can redistribute it and/or modify it
 # under the terms of the MIT License; see LICENSE file for more details.
@@ -17,8 +18,8 @@
 from flask_security import login_user
 from helpers import check_response_redirect_url
 from invenio_accounts.testutils import login_user_via_session
+from invenio_base.jws import TimedJSONWebSignatureSerializer
 from invenio_db import db
-from itsdangerous import TimedJSONWebSignatureSerializer
 from mock import MagicMock
 from simplejson import JSONDecodeError
 
diff --git a/tests/test_views_rest.py b/tests/test_views_rest.py
index 2751659..4c0fee9 100644
--- a/tests/test_views_rest.py
+++ b/tests/test_views_rest.py
@@ -2,6 +2,7 @@
 #
 # This file is part of Invenio.
 # Copyright (C) 2015-2018 CERN.
+# Copyright (C) 2024 Graz University of Technology.
 #
 # Invenio is free software; you can redistribute it and/or modify it
 # under the terms of the MIT License; see LICENSE file for more details.
@@ -16,8 +17,8 @@
 from flask_oauthlib.client import OAuth as FlaskOAuth
 from helpers import check_response_redirect_url, check_response_redirect_url_args
 from invenio_accounts.testutils import login_user_via_session
+from invenio_base.jws import TimedJSONWebSignatureSerializer
 from invenio_db import db
-from itsdangerous import TimedJSONWebSignatureSerializer
 from mock import MagicMock
 from simplejson import JSONDecodeError
 

From 352489be6bed2583ba7bc9d31502662f81d7c9a5 Mon Sep 17 00:00:00 2001
From: Christoph Ladurner <christoph.ladurner@tugraz.at>
Date: Thu, 5 Dec 2024 23:17:39 +0100
Subject: [PATCH 4/5] fix: sqlalchemy.exc.ArgumentError:

* Strings are not accepted for attribute names in loader options; please
  use class-bound attributes directly.

* sqlalchemy >= 2.0
---
 invenio_oauthclient/models.py | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/invenio_oauthclient/models.py b/invenio_oauthclient/models.py
index 56039c1..4386527 100644
--- a/invenio_oauthclient/models.py
+++ b/invenio_oauthclient/models.py
@@ -2,6 +2,7 @@
 #
 # This file is part of Invenio.
 # Copyright (C) 2015-2018 CERN.
+# Copyright (C) 2024 Graz University of Technology.
 #
 # Invenio is free software; you can redistribute it and/or modify it
 # under the terms of the MIT License; see LICENSE file for more details.
@@ -174,7 +175,11 @@ def get(cls, user_id, client_id, token_type="", access_token=None):
         if access_token:
             args.append(RemoteToken.access_token == access_token)
 
-        return cls.query.options(db.joinedload("remote_account")).filter(*args).first()
+        return (
+            cls.query.options(db.joinedload(RemoteToken.remote_account))
+            .filter(*args)
+            .first()
+        )
 
     @classmethod
     def get_by_token(cls, client_id, access_token, token_type=""):
@@ -186,7 +191,7 @@ def get_by_token(cls, client_id, access_token, token_type=""):
         :returns: A :class:`invenio_oauthclient.models.RemoteToken` instance.
         """
         return (
-            cls.query.options(db.joinedload("remote_account"))
+            cls.query.options(db.joinedload(RemoteToken.remote_account))
             .filter(
                 RemoteAccount.id == RemoteToken.id_remote_account,
                 RemoteAccount.client_id == client_id,

From 225124992c7f503f6bd67d55d78776aabf1ea5e7 Mon Sep 17 00:00:00 2001
From: Christoph Ladurner <christoph.ladurner@tugraz.at>
Date: Thu, 5 Dec 2024 23:18:09 +0100
Subject: [PATCH 5/5] release: v5.0.0

---
 CHANGES.rst                     | 7 +++++++
 invenio_oauthclient/__init__.py | 2 +-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/CHANGES.rst b/CHANGES.rst
index fd99ebe..8300953 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -9,6 +9,13 @@
 Changes
 =======
 
+Version 5.0.0 (released 2024-12-06)
+
+- fix: sqlalchemy.exc.ArgumentError:
+- global: use invenio_base.jws not itsdangerous
+- tests: apply changes for sqlalchemy>=2.0
+- setup: bump major dependencies
+
 Version 4.1.3 (release 2024-12-03)
 
 - utils: improve and fix creation/update of groups
diff --git a/invenio_oauthclient/__init__.py b/invenio_oauthclient/__init__.py
index e50bcc3..52013d8 100644
--- a/invenio_oauthclient/__init__.py
+++ b/invenio_oauthclient/__init__.py
@@ -13,7 +13,7 @@
 from .oauth import oauth_link_external_id, oauth_unlink_external_id
 from .proxies import current_oauthclient
 
-__version__ = "4.1.3"
+__version__ = "5.0.0"
 
 __all__ = (
     "__version__",