Merge pull request #23753 from edx/aj/jwt_issuer

Config changes to get the JWT token working with MFEs again
2020-04-22 08:10:23 -04:00
parent 960ba3fe4d aeef139843
commit 5e3a5d8bb8
2 changed files with 12 additions and 2 deletions
--- a/cms/envs/devstack.py
+++ b/cms/envs/devstack.py
@@ -151,8 +151,13 @@ REQUIRE_DEBUG = DEBUG

 ########################### OAUTH2 #################################
 JWT_AUTH.update({
-    'JWT_SECRET_KEY': 'lms-secret',
    'JWT_ISSUER': '{}/oauth2'.format(LMS_ROOT_URL),
+    'JWT_ISSUERS': [{
+        'AUDIENCE': 'lms-key',
+        'ISSUER': '{}/oauth2'.format(LMS_ROOT_URL),
+        'SECRET_KEY': 'lms-secret',
+    }],
+    'JWT_SECRET_KEY': 'lms-secret',
    'JWT_AUDIENCE': 'lms-key',
    'JWT_PUBLIC_SIGNING_JWK_SET': (
        '{"keys": [{"kid": "devstack_key", "e": "AQAB", "kty": "RSA", "n": "smKFSYowG6nNUAdeqH1jQQnH1PmIHphzBmwJ5vRf1vu'
--- a/lms/envs/devstack.py
+++ b/lms/envs/devstack.py
@@ -265,8 +265,13 @@ LOGIN_REDIRECT_WHITELIST = [CMS_BASE]
 ###################### JWTs ######################
 # pylint: disable=unicode-format-string
 JWT_AUTH.update({
-    'JWT_ISSUER': '{}/oauth2'.format(LMS_ROOT_URL),
    'JWT_AUDIENCE': 'lms-key',
+    'JWT_ISSUER': '{}/oauth2'.format(LMS_ROOT_URL),
+    'JWT_ISSUERS': [{
+        'AUDIENCE': 'lms-key',
+        'ISSUER': '{}/oauth2'.format(LMS_ROOT_URL),
+        'SECRET_KEY': 'lms-secret',
+    }],
    'JWT_SECRET_KEY': 'lms-secret',
    'JWT_SIGNING_ALGORITHM': 'RS512',
    'JWT_PRIVATE_SIGNING_JWK': (