🚨 Fix linting issues

Author: jemrobinson

README.md

@@ -151,23 +151,23 @@ Do this as follows:
 
 - Create a new `Client` in your `Keycloak` instance.
     - Under `General Settings`:
-        -  Client type: `OpenID Connect`
-        -  Client name: `apricot`
+        - Client type: `OpenID Connect`
+        - Client name: `apricot`
     - Under `Capability config`
         - Enable `Client authentication`
         - Enable the following authentication flows and disable the rest:
             - `Direct access grants`
             - `Service accounts roles`
     - Save the client
 - For the client you have just created
-  - Under `Credentials` copy `client secret`
-  - Under `Service accounts roles`:
-      - Click on `Assign role` then `Filter by clients`
-      - Assign the following roles:
-          - `realm-management` > `view-users`
-          - `realm-management` > `manage-users`
-          - `realm-management` > `query-groups`
-          - `realm-management` > `query-users`
+    - Under `Credentials` copy `client secret`
+    - Under `Service accounts roles`:
+        - Click on `Assign role` then `Filter by clients`
+        - Assign the following roles:
+            - `realm-management` > `view-users`
+            - `realm-management` > `manage-users`
+            - `realm-management` > `query-groups`
+            - `realm-management` > `query-users`
 
 ## Disabling Apricot groups
 
@@ -203,7 +203,6 @@ member: CN=sherlock.holmes,OU=users,DC=example,DC=com
 
 :exclamation: You can disable the creation of these groups with the `--disable-primary-groups` command line option :exclamation:
 
-
 ## Mirrored groups
 
 Apricot creates a group-of-groups for each group of users.

apricot/apricot_server.py

@@ -2,17 +2,19 @@
 
 import inspect
 import sys
-from typing import Any, Self, cast
+from typing import TYPE_CHECKING, Any, Self, cast
 
 from twisted.internet import reactor, task
 from twisted.internet.endpoints import quoteStringArgument, serverFromString
-from twisted.internet.interfaces import IReactorCore, IStreamServerEndpoint
 from twisted.python import log
 
 from apricot.cache import LocalCache, RedisCache, UidCache
 from apricot.ldap import OAuthLDAPServerFactory
 from apricot.oauth import OAuthBackend, OAuthClientMap, OAuthDataAdaptor
 
+if TYPE_CHECKING:
+    from twisted.internet.interfaces import IReactorCore, IStreamServerEndpoint
+
 
 class ApricotServer:
     """The Apricot server running via Twisted."""
@@ -139,7 +141,7 @@ def __init__(
             ssl_endpoint.listen(factory)
 
         # Load the Twisted reactor
-        self.reactor = cast(IReactorCore, reactor)
+        self.reactor = cast("IReactorCore", reactor)
 
     def run(self: Self) -> None:
         """Start the Twisted reactor."""

apricot/cache/redis_cache.py

@@ -42,4 +42,4 @@ def set(self: Self, identifier: str, uid_value: int) -> None:
         self.cache.set(identifier, uid_value)
 
     def values(self: Self, keys: list[str]) -> list[int]:
-        return [int(cast(str, v)) for v in self.cache.mget(keys)]
+        return [int(cast("str", v)) for v in self.cache.mget(keys)]

apricot/cache/uid_cache.py

@@ -55,7 +55,7 @@ def get_uid(
             min_value = min_value or 0
             next_uid = max(self._get_max_uid(category) + 1, min_value)
             self.set(identifier_, next_uid)
-        return cast(int, self.get(identifier_))
+        return cast("int", self.get(identifier_))
 
     def _get_max_uid(self: Self, category: str | None) -> int:
         """Get maximum UID for a given category.

apricot/ldap/oauth_ldap_entry.py

@@ -75,7 +75,7 @@ def add_child(
         except LDAPEntryAlreadyExists:
             log.msg(f"Refusing to add child '{rdn.getText()}' as it already exists.")
             output = self._children[rdn.getText()]
-        return cast(OAuthLDAPEntry, output)
+        return cast("OAuthLDAPEntry", output)
 
     def bind(self: Self, password: bytes) -> defer.Deferred[OAuthLDAPEntry]:
         def _bind(password: bytes) -> OAuthLDAPEntry:
@@ -89,4 +89,4 @@ def _bind(password: bytes) -> OAuthLDAPEntry:
         return defer.maybeDeferred(_bind, password)
 
     def list_children(self: Self) -> list[OAuthLDAPEntry]:
-        return [cast(OAuthLDAPEntry, entry) for entry in self._children.values()]
+        return [cast("OAuthLDAPEntry", entry) for entry in self._children.values()]

apricot/oauth/keycloak_client.py

@@ -1,14 +1,15 @@
 from __future__ import annotations
 
 import operator
-from typing import Any, Self, cast
+from typing import TYPE_CHECKING, Any, Self, cast
 
 from twisted.python import log
 
-from apricot.typedefs import JSONDict
-
 from .oauth_client import OAuthClient
 
+if TYPE_CHECKING:
+    from apricot.typedefs import JSONDict
+
 
 class KeycloakClient(OAuthClient):
     """OAuth client for the Keycloak backend."""
@@ -56,7 +57,7 @@ def groups(self: Self) -> list[JSONDict]:
                 f"{self.base_url}/admin/realms/{self.realm}/groups?first={len(group_data)}&max={self.max_rows}&briefRepresentation=false",
                 use_client_secret=False,
             ):
-                group_data.extend(cast(list[JSONDict], data))
+                group_data.extend(cast("list[JSONDict]", data))
                 if len(data) != self.max_rows:
                     break
 
@@ -99,7 +100,7 @@ def groups(self: Self) -> list[JSONDict]:
                     use_client_secret=False,
                 )
                 attributes["memberUid"] = [
-                    user["username"] for user in cast(list[JSONDict], members)
+                    user["username"] for user in cast("list[JSONDict]", members)
                 ]
                 output.append(attributes)
         except KeyError as exc:
@@ -115,7 +116,7 @@ def users(self: Self) -> list[JSONDict]:
                 f"{self.base_url}/admin/realms/{self.realm}/users?first={len(user_data)}&max={self.max_rows}&briefRepresentation=false",
                 use_client_secret=False,
             ):
-                user_data.extend(cast(list[JSONDict], data))
+                user_data.extend(cast("list[JSONDict]", data))
                 if len(data) != self.max_rows:
                     break
 

apricot/oauth/microsoft_entra_client.py

@@ -1,14 +1,15 @@
 from __future__ import annotations
 
 import operator
-from typing import Any, Self, cast
+from typing import TYPE_CHECKING, Any, Self, cast
 
 from twisted.python import log
 
-from apricot.typedefs import JSONDict
-
 from .oauth_client import OAuthClient
 
+if TYPE_CHECKING:
+    from apricot.typedefs import JSONDict
+
 
 class MicrosoftEntraClient(OAuthClient):
     """OAuth client for the Microsoft Entra backend."""
@@ -50,7 +51,7 @@ def groups(self: Self) -> list[JSONDict]:
             f"https://graph.microsoft.com/v1.0/groups?$select={','.join(queries)}",
         )
         for group_dict in cast(
-            list[JSONDict],
+            "list[JSONDict]",
             sorted(group_data["value"], key=operator.itemgetter("createdDateTime")),
         ):
             try:
@@ -92,7 +93,7 @@ def users(self: Self) -> list[JSONDict]:
                 f"https://graph.microsoft.com/v1.0/users?$select={','.join(queries)}",
             )
             for user_dict in cast(
-                list[JSONDict],
+                "list[JSONDict]",
                 sorted(user_data["value"], key=operator.itemgetter("createdDateTime")),
             ):
                 # Get user attributes

pyproject.toml

@@ -168,10 +168,10 @@ strict = true                     # enable all optional error checking flags
 
 [[tool.mypy.overrides]]
 module = [
-    "ldaptor.*",
-    "pydantic.*",
-    "requests_oauthlib.*",
-    "twisted.*",
-    "zope.interface.*",
+  "ldaptor.*",
+  "pydantic.*",
+  "requests_oauthlib.*",
+  "twisted.*",
+  "zope.interface.*",
 ]
 ignore_missing_imports = true