chore(deps): update dependency connexion to v2 (master) #145

Open
mend-for-github-com[bot] wants to merge 1 commit into master from whitesource-remediate/master-connexion-2.x
@mend-for-github-com mend-for-github-com Bot commented May 14, 2026

This PR contains the following updates:

| Package | Change |
|---|---|
| connexion | ==1.1.15 -> ==2.3.0 |

By merging this PR, the below vulnerabilities will be automatically resolved:

| Severity | CVSS Score | Vulnerability | Reachability |
|---|---|---|---|
| High | 7.5 | WS-2020-0450 | |
| High | 7.3 | WS-2019-0064 | |
| Medium | 5.6 | WS-2019-0103 | |

Release Notes

spec-first/connexion (connexion)

v2.3.0

  • AioHttpApi oauth middleware catches all OAuth problems (#830)
  • Serve YAML spec (#842)
  • Added MethodViewResolver (#847)
  • Fix swagger console backslash redirect for aiohttp (#843)
  • Fix uwsgi metric collection (#972)
  • Respond with problems by default in aiohttp (#952)

v2.2.0

  • Fix case sensitive headers in aiohttp (#825)
  • Fix passing empty object body (#815)
  • Fix openapi3 path and query validation (#821)
  • Add path to API only for HTTP operations (#817)
  • Added OpenAPI 3 getting API Key from cookie support (#794)

v2.1.0

  • Proper debug logs for aiohttp's StreamResponse (#787)
  • Fix cli --stub (#800)
  • Fix handling additionalProperties in body (#789)
  • Change can_read_body to body_exists in AioHttpApi.get_request (#738)
  • Removed duplicated calls of get_response method of the Api classes (#809)
  • Fix up array style defaults (#803)

v2.0.2

  • Enforce that spec has string keys (JSON does not support integer keys) (#763)
  • Add connexion.operation dummy module for backwards compatibility (#758)
  • Only pass body on PATCH/POST/PUT request (#761)
  • Add support for JWT authentication (#732)
  • Don't let openapi_spec_validator tamper raw spec (#762)
  • Simplify Operation class construction (#726)

v2.0.1

  • Pass files to handler if filename in arguments or has_kwargs (#753)
  • Handle TypeValidationError in form-data (#749)
  • Get rid of deprecation warning when using connexion run ... (#745)

v2.0.0

Connexion 2.0 supports version 3.0.x of the OpenAPI Specification!
As 2.0 is a major version bump, you can expect some breaking changes from Connexion 1.5.3.

  • You can now use openapi 3 specifications
  • Swagger UI is now optional, and can be installed with pip install connexion[swagger-ui]
  • App and Api options must be provided through the "options" argument (old_style_options have been removed).
  • You must specify a form content-type in 'consumes' in order to consume form data.
  • The Operation interface has been formalized in the AbstractOperation class.
  • The Operation class has been renamed to Swagger2Operation.
  • Array parameter deserialization now follows the Swagger 2.0 spec more closely.
    In situations when a query parameter is passed multiple times, and the collectionFormat is either csv or pipes, the right-most value will be used.
    For example, ?q=1,2,3&q=4,5,6 will result in q = [4, 5, 6].
    The old behavior is available by setting the collectionFormat to multi, or by importing decorators.uri_parsing.AlwaysMultiURIParser and passing parser_class=AlwaysMultiURIParser to your Api.
  • The spec validator library has changed from swagger-spec-validator to openapi-spec-validator.
  • Errors that previously raised SwaggerValidationError now raise the InvalidSpecification exception.
    All spec validation errors should be wrapped with InvalidSpecification.
  • Support for nullable/x-nullable, readOnly and writeOnly/x-writeOnly has been added to the standard json schema validator.
  • Custom validators can now be specified on api level (instead of app level).
  • Added support for basic authentication and apikey authentication
  • If unsupported security requirements are defined or x-tokenInfoFunc/x-tokenInfoUrl is missing, connexion now denies requests instead of allowing access without security-check.
  • Accessing connexion.request.user / flask.request.user is no longer supported, use connexion.context['user'] instead

v1.5.3

  • Fix error codes for bad Content-Types in body validator. (#629)
  • Add validator kind to error logs extra in validators (#671)
  • Improve metrics reporting (#672)
  • Improve coroutine detection (#600)
  • Add x-nullable support for body validators (#642)

v1.5.2

Bugfix:

  • Split FormData array parameters correctly (#638)

v1.5.1

  • Fix log line to wrong logger

v1.5.0

  • Update to swagger-spec-validator 2.3.1 (#611)
  • URI parsing decorator (#613)
  • Correct validator response on bad JSON (#610)
  • Add capability to pass framework's request context to handler functions

v1.4.2

This release contains no Python code changes!

v1.4.1

  • #583: make Connexion compatible with the latest gevent version

v1.4

v1.3

v1.2

  • #541: SECURITY: use Authorization header instead of URL params when trying to verify OAuth tokens against TokenInfo endpoint (this might be a BREAKING CHANGE for TokenInfo endpoints not supporting the Authorization header)
  • #523, #545: minor fixes / refactoring

v1.1.16


  • If you want to rebase/retry this PR, check this box
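
A pre-merge check for three of the v2.0.0 breaking changes listed in the release notes above, added here as an example; it is not part of this PR or of connexion's own code. It assumes a Swagger 2.0 spec loaded as a dict with `x-tokenInfoFunc`/`x-tokenInfoUrl` set on the security definition; the function names, finding labels and sample spec are constructed for illustration.

```python
from urllib.parse import parse_qs

FORM_TYPES = {"application/x-www-form-urlencoded", "multipart/form-data"}
HTTP_METHODS = {"get", "put", "post", "delete", "options", "head", "patch"}

def audit_swagger2(spec):
    """Return (location, finding) pairs to review before moving to connexion 2.x."""
    findings = []
    # 2.0.0 denies requests when x-tokenInfoFunc/x-tokenInfoUrl is missing.
    for name, sd in spec.get("securityDefinitions", {}).items():
        has_info = "x-tokenInfoFunc" in sd or "x-tokenInfoUrl" in sd
        if sd.get("type") == "oauth2" and not has_info:
            findings.append((f"securityDefinitions.{name}", "oauth2-without-tokeninfo"))
    for path, item in spec.get("paths", {}).items():
        shared = item.get("parameters", [])  # path-level parameters
        for method, op in item.items():
            if method not in HTTP_METHODS:
                continue
            where = f"{method.upper()} {path}"
            params = shared + op.get("parameters", [])
            # Operation-level consumes overrides the top-level list.
            consumes = set(op.get("consumes", spec.get("consumes", [])))
            if any(p.get("in") == "formData" for p in params) and not consumes & FORM_TYPES:
                findings.append((where, "formData-without-form-consumes"))
            for p in params:
                fmt = p.get("collectionFormat", "csv")  # csv is the Swagger 2.0 default
                if p.get("in") == "query" and p.get("type") == "array" and fmt in ("csv", "pipes"):
                    findings.append((where, f"array-rightmost-wins:{p['name']}"))
    return findings

def rightmost_csv(query, name):
    """Model of the documented 2.0 csv behaviour: the last occurrence wins."""
    return parse_qs(query)[name][-1].split(",")

# Constructed sample spec, not taken from the repository in this PR.
SAMPLE_SPEC = {
    "swagger": "2.0",
    "securityDefinitions": {"oauth": {"type": "oauth2", "flow": "implicit"}},
    "paths": {
        "/search": {"get": {"parameters": [
            {"name": "q", "in": "query", "type": "array", "items": {"type": "integer"}}]}},
        "/upload": {"post": {"consumes": ["application/json"], "parameters": [
            {"name": "note", "in": "formData", "type": "string"}]}},
    },
}

if __name__ == "__main__":
    for where, finding in audit_swagger2(SAMPLE_SPEC):
        print(f"{where}: {finding}")
```

Each finding is an item to review against the handlers and clients of the service, not proof of breakage; `rightmost_csv` returns the raw string items before any type coercion.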

@mend-for-github-com mend-for-github-com Bot added the security fix Security fix generated by Mend label May 14, 2026
@mend-for-github-com mend-for-github-com Bot changed the title chore(deps): update dependency connexion to v2 (master) chore(deps): update dependency connexion to v2 (master) - autoclosed May 14, 2026
@mend-for-github-com mend-for-github-com Bot deleted the whitesource-remediate/master-connexion-2.x branch May 14, 2026 08:21
@mend-for-github-com mend-for-github-com Bot changed the title chore(deps): update dependency connexion to v2 (master) - autoclosed chore(deps): update dependency connexion to v2 (master) May 14, 2026
@mend-for-github-com mend-for-github-com Bot reopened this May 14, 2026
@mend-for-github-com mend-for-github-com Bot force-pushed the whitesource-remediate/master-connexion-2.x branch 2 times, most recently from beb4819 to 20e18aa Compare May 14, 2026 13:10