From 26bf329eb7a2887763d2c8c3ea00edfca5280204 Mon Sep 17 00:00:00 2001
From: Awais Qureshi
Date: Mon, 11 Sep 2023 15:30:42 +0500
Subject: [PATCH] [django42] sha1 is removed in django42 version. (#33129)

* fix: fixing django42 issue. sha1 is removed in 42 version.
---
 openedx/core/djangoapps/safe_sessions/middleware.py | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/openedx/core/djangoapps/safe_sessions/middleware.py b/openedx/core/djangoapps/safe_sessions/middleware.py
index 5f4449d93c..a9ade2ac3b 100644
--- a/openedx/core/djangoapps/safe_sessions/middleware.py
+++ b/openedx/core/djangoapps/safe_sessions/middleware.py
@@ -267,7 +267,10 @@ class SafeCookieData:
 SHA256(version '|' session_id '|' user_id '|').
 """
 data_to_sign = self._compute_digest(user_id)
- self.signature = signing.dumps(data_to_sign, salt=self.key_salt)
+
+ self.signature = signing.TimestampSigner(
+ salt=self.key_salt, algorithm=settings.DEFAULT_HASHING_ALGORITHM
+ ).sign_object(data_to_sign, serializer=signing.JSONSerializer, compress=False)
 
 def verify(self, user_id):
 """
@@ -276,7 +279,10 @@ class SafeCookieData:
 (not expired) and bound to the given user.
 """
 try:
- unsigned_data = signing.loads(self.signature, salt=self.key_salt, max_age=settings.SESSION_COOKIE_AGE)
+ unsigned_data = signing.TimestampSigner(
+ salt=self.key_salt, algorithm=settings.DEFAULT_HASHING_ALGORITHM
+ ).unsign_object(self.signature, serializer=signing.JSONSerializer, max_age=settings.SESSION_COOKIE_AGE)
+
 if unsigned_data == self._compute_digest(user_id):
 return True
 log.error("SafeCookieData '%r' is not bound to user '%s'.", str(self), user_id)
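Review bot: `settings.DEFAULT_HASHING_ALGORITHM` in the new `sign` body is no longer a setting Django itself provides (it was a transitional setting dropped in Django 4.0), so this line works only while the project keeps defining that name; where it is absent, every cookie signing would raise AttributeError. The dependency deserves a comment at the point of use, and the identical signer construction is repeated in `verify` (second hunk), where a later edit to one copy would silently make freshly signed cookies unverifiable. I would build the signer in one private helper that both methods call, as sketched below. `sign` starts above this hunk, so the placement of the helper relative to the rest of the class is left open.
```python
def _signer(self):
    """Return the signer shared by sign() and verify() so both always agree."""
    # DEFAULT_HASHING_ALGORITHM is not a Django setting any more; it must be
    # defined by this project and names the HMAC digest for safe-cookie signatures.
    return signing.TimestampSigner(
        salt=self.key_salt, algorithm=settings.DEFAULT_HASHING_ALGORITHM
    )

# … unchanged: sign() signature and docstring …
    data_to_sign = self._compute_digest(user_id)
    self.signature = self._signer().sign_object(
        data_to_sign, serializer=signing.JSONSerializer, compress=False
    )
```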
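Review bot: Verification in `verify` accepts only signatures produced with the one algorithm currently named by `settings.DEFAULT_HASHING_ALGORITHM`, so changing that value later (for example when moving off the legacy digest) makes every outstanding safe cookie fail `unsign_object` at once. If such a migration is planned, this call needs a transition path, for instance trying the new algorithm first and accepting the old one for a single `SESSION_COOKIE_AGE` window. The intent should be recorded in a comment above the call, e.g. `# Must use the same algorithm as sign(); changing the setting invalidates all existing safe cookies`. The `except` clause of this `try` lies outside the hunk, so I cannot confirm whether a missing setting (AttributeError) is caught or surfaces as a server error; that is worth checking alongside the volume of `log.error` lines a mass verification failure would produce.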