Removing all settings that have OIDC in name (#23251)

* Removing all settings that have OIDC in name * Removing ENABLE_DOP_ADAPTER * changes JWT_ISSUER value in devstack
2020-03-04 09:06:29 -05:00
parent 44199c3f72
commit 7d2ff9cd3f
14 changed files with 3 additions and 36 deletions
--- a/cms/envs/bok_choy.env.json
+++ b/cms/envs/bok_choy.env.json
@@ -99,5 +99,4 @@
    "TECH_SUPPORT_EMAIL": "technical@example.com",
    "TIME_ZONE": "America/New_York",
    "WIKI_ENABLED": true,
-    "OAUTH_OIDC_ISSUER": "https://www.example.com/oauth2"
 }
--- a/cms/envs/bok_choy.yml
+++ b/cms/envs/bok_choy.yml
@@ -112,7 +112,6 @@ MODULESTORE:
      - ENGINE: xmodule.modulestore.xml.XMLModuleStore
        NAME: xml
        OPTIONS: {data_dir: '** OVERRIDDEN **', default_class: xmodule.hidden_module.HiddenDescriptor}
-OAUTH_OIDC_ISSUER: https://www.example.com/oauth2
 SECRET_KEY: ''
 SERVER_EMAIL: devops@example.com
 SESSION_COOKIE_DOMAIN: null
--- a/cms/envs/bok_choy_docker.env.json
+++ b/cms/envs/bok_choy_docker.env.json
@@ -98,5 +98,4 @@
    "TECH_SUPPORT_EMAIL": "technical@example.com",
    "TIME_ZONE": "America/New_York",
    "WIKI_ENABLED": true,
-    "OAUTH_OIDC_ISSUER": "https://www.example.com/oauth2"
 }
--- a/cms/envs/bok_choy_docker.yml
+++ b/cms/envs/bok_choy_docker.yml
@@ -112,7 +112,6 @@ MODULESTORE:
      - ENGINE: xmodule.modulestore.xml.XMLModuleStore
        NAME: xml
        OPTIONS: {data_dir: '** OVERRIDDEN **', default_class: xmodule.hidden_module.HiddenDescriptor}
-OAUTH_OIDC_ISSUER: https://www.example.com/oauth2
 SECRET_KEY: ''
 SERVER_EMAIL: devops@example.com
 SESSION_COOKIE_DOMAIN: null
--- a/cms/envs/common.py
+++ b/cms/envs/common.py
@@ -1826,8 +1826,6 @@ CACHES = {

 ############################ OAUTH2 Provider ###################################

-# OpenID Connect issuer ID. Normally the URL of the authentication endpoint.
-OAUTH_OIDC_ISSUER = 'http://127.0.0.1:8000/oauth2'

 # 5 minute expiration time for JWT id tokens issued for external API requests.
 OAUTH_ID_TOKEN_EXPIRATION = 5 * 60
--- a/cms/envs/devstack.py
+++ b/cms/envs/devstack.py
@@ -136,8 +136,6 @@ FEATURES['FRONTEND_APP_PUBLISHER_URL'] = 'http://localhost:18400'
 REQUIRE_DEBUG = DEBUG

 ########################### OAUTH2 #################################
-OAUTH_OIDC_ISSUER = 'http://127.0.0.1:8000/oauth2'
-
 JWT_AUTH.update({
    'JWT_SECRET_KEY': 'lms-secret',
    'JWT_ISSUER': 'http://127.0.0.1:8000/oauth2',
--- a/cms/envs/devstack_docker.py
+++ b/cms/envs/devstack_docker.py
@@ -21,10 +21,8 @@ FEATURES.update({

 CREDENTIALS_SERVICE_USERNAME = 'credentials_worker'

-OAUTH_OIDC_ISSUER = '{}/oauth2'.format(LMS_ROOT_URL)
-
 JWT_AUTH.update({
+    'JWT_ISSUER': '{}/oauth2'.format(LMS_ROOT_URL),
    'JWT_SECRET_KEY': 'lms-secret',
-    'JWT_ISSUER': OAUTH_OIDC_ISSUER,
    'JWT_AUDIENCE': 'lms-key',
 })
--- a/cms/envs/production.py
+++ b/cms/envs/production.py
@@ -545,9 +545,6 @@ XBLOCK_SETTINGS.setdefault("VideoBlock", {})['YOUTUBE_API_KEY'] = AUTH_TOKENS.ge

 ############################ OAUTH2 Provider ###################################

-# OpenID Connect issuer ID. Normally the URL of the authentication endpoint.
-OAUTH_OIDC_ISSUER = ENV_TOKENS['OAUTH_OIDC_ISSUER']
-
 #### JWT configuration ####
 JWT_AUTH.update(ENV_TOKENS.get('JWT_AUTH', {}))
 JWT_AUTH.update(AUTH_TOKENS.get('JWT_AUTH', {}))
--- a/lms/envs/common.py
+++ b/lms/envs/common.py
@@ -551,15 +551,7 @@ CACHES = {
    },
 }

-############################ OpenID Provider  ##################################
-OPENID_PROVIDER_TRUSTED_ROOTS = ['cs50.net', '*.cs50.net']
-
 ############################ OAUTH2 Provider ###################################
-
-# OpenID Connect issuer ID. Normally the URL of the authentication endpoint.
-
-OAUTH_OIDC_ISSUER = 'http://127.0.0.1:8000/oauth2'
-
 OAUTH_EXPIRE_CONFIDENTIAL_CLIENT_DAYS = 365
 OAUTH_EXPIRE_PUBLIC_CLIENT_DAYS = 30

--- a/lms/envs/devstack.py
+++ b/lms/envs/devstack.py
@@ -140,10 +140,8 @@ CC_PROCESSOR = {

 ########################### External REST APIs #################################
 FEATURES['ENABLE_OAUTH2_PROVIDER'] = True
-OAUTH_OIDC_ISSUER = 'http://127.0.0.1:8000/oauth2'
 FEATURES['ENABLE_MOBILE_REST_API'] = True
 FEATURES['ENABLE_VIDEO_ABSTRACTION_LAYER_API'] = True
-ENABLE_DOP_ADAPTER = False

 ########################## SECURITY #######################
 FEATURES['ENABLE_MAX_FAILED_LOGIN_ATTEMPTS'] = False
@@ -246,7 +244,7 @@ LOGIN_REDIRECT_WHITELIST = [CMS_BASE]
 ###################### JWTs ######################
 # pylint: disable=unicode-format-string
 JWT_AUTH.update({
-    'JWT_ISSUER': OAUTH_OIDC_ISSUER,
+    'JWT_ISSUER': 'http://127.0.0.1:8000/oauth2',
    'JWT_AUDIENCE': 'lms-key',
    'JWT_SECRET_KEY': 'lms-secret',
    'JWT_SIGNING_ALGORITHM': 'RS512',
--- a/lms/envs/devstack_docker.py
+++ b/lms/envs/devstack_docker.py
@@ -25,10 +25,8 @@ ENTERPRISE_API_URL = '{}/enterprise/api/v1/'.format(LMS_INTERNAL_ROOT_URL)
 CREDENTIALS_INTERNAL_SERVICE_URL = 'http://edx.devstack.credentials:18150'
 CREDENTIALS_PUBLIC_SERVICE_URL = 'http://localhost:18150'

-OAUTH_OIDC_ISSUER = '{}/oauth2'.format(LMS_ROOT_URL)
-
 JWT_AUTH.update({
-    'JWT_ISSUER': OAUTH_OIDC_ISSUER,
+    'JWT_ISSUER': '{}/oauth2'.format(LMS_ROOT_URL),
 })

 FEATURES.update({
--- a/lms/envs/production.py
+++ b/lms/envs/production.py
@@ -756,7 +756,6 @@ if FEATURES.get('ENABLE_THIRD_PARTY_AUTH'):

 ##### OAUTH2 Provider ##############
 if FEATURES.get('ENABLE_OAUTH2_PROVIDER'):
-    OAUTH_OIDC_ISSUER = ENV_TOKENS['OAUTH_OIDC_ISSUER']
    OAUTH_ENFORCE_SECURE = ENV_TOKENS.get('OAUTH_ENFORCE_SECURE', True)
    OAUTH_ENFORCE_CLIENT_SECURE = ENV_TOKENS.get('OAUTH_ENFORCE_CLIENT_SECURE', True)
    # Defaults for the following are defined in lms.envs.common
--- a/lms/envs/test.py
+++ b/lms/envs/test.py
@@ -281,8 +281,6 @@ OPENID_PROVIDER_TRUSTED_ROOTS = ['*']

 ############################## OAUTH2 Provider ################################
 FEATURES['ENABLE_OAUTH2_PROVIDER'] = True
-# don't cache courses for testing
-OIDC_COURSE_HANDLER_CACHE_TIMEOUT = 0
 OAUTH_ENFORCE_SECURE = False

 ########################### External REST APIs #################################
--- a/openedx/core/djangoapps/oauth_dispatch/tests/test_views.py
+++ b/openedx/core/djangoapps/oauth_dispatch/tests/test_views.py
@@ -557,11 +557,6 @@ class TestViewDispatch(TestCase):
        view_object = views.AccessTokenView()
        self.assertRaises(KeyError, view_object.get_view_for_backend, None)

-    def test_dop_toggle_enforced(self):
-        with self.settings(ENABLE_DOP_ADAPTER=False):
-            request = self._get_request('dop-id')
-            self.assertEqual(self.view.select_backend(request), self.dot_adapter.backend)
-

 class TestRevokeTokenView(AccessTokenLoginMixin, _DispatchingViewTestCase):  # pylint: disable=abstract-method
    """