We already add the user id (imperfectly) to many requests.
However, when a user starts off unauthenticated, it is not
possible to correlate to those requests. Adding the raw
IP chain provides that possibility. See new custom attribute
ip_chain.raw.
The decision to provide Restricted Applications expired
JWTs was superseded by another ADR. This commit simply
adds clarity around that change.
Co-authored-by: Phillip Shiu <pshiu@users.noreply.github.com>
As part of dissolving our sub-projects in edx-platform, we are moving this package under the xmodule directory.
We have fixed all the occurences of import of this package and also fixed all documents related references.
This might break your platform if you have any reference of `import capa` or `from capa import` in your codebase or in any Xblock.
Ref: https://openedx.atlassian.net/browse/BOM-2582
To exchange jwt with session cookies we need to determine JWT grant type in
AccessTokenExchangeView. JWT only having password grant type will be allowed to exchange session.
Added ADR for mobile migration to JWT authentication.
LEARNER-8886
The username was allowed in the login endpoint alongside the email address
but rate-limiting logic was not updated to rate limit on the new POST
param `email_or_username`.
VAN-1003
JIRA: https://openedx.atlassian.net/browse/BOM-2580
This PR aims at refactoring the discussion xblock sub project and moving it within the xmodule directory effectively removing its position as a sub project within edx-platform
* feat: added new live provider and fixed tests
* feat: added free_tier compatiblity
* fix: resolved linter issues and other refactors
* fix: ran makemigration to generate migrations
* fix: Implemeted key retrival for tabs
Co-authored-by: AhtishamShahid <ahtishamshahid@A006-00850.local>
Exchange third party auth token wiith jwt token
since mobile platform is moving to jwt token we
need jwt token instead of access token now.
LEARNER-8517
Co-authored-by: Robert Raposa <rraposa@edx.org>
- Moving xmodule folder to root as we're dissolving sub-projects of common folder in edx-platform
- More info: https://openedx.atlassian.net/browse/BOM-2579
- -e common/lib/xmodule has been removed from the requirements as xmodule has itself become the part of edx-platform and not being installed through requirements
- The test files common/lib/xmodule/test_files/ have been removed as they are not being used anymore
Meta field in UserProfile model will only store those fields which are available in extended_profile configuration,
so we are removing the fields that are not available in extended_profile configuration because their data will
not be stored
VAN-977
* fix: call blockstore APIs in atomic transactions.
To ensure database integry when using the blockstore APIs, the Content
Library views which invoke blockstore API methods are wrapped in
database transactions.
* fix: assert create_library is called inside an atomic transaction block
This removes the `rebind_noauth_module_to_user` argument from the
ModuleSystem constructor and moves it to a separate service called
"rebinder" in the class `RebindModuleService`. This is used in the
LTI module to bind calls received by its noauth endpoint to bind
the module the real_user.
The node_path attribute & constructor argument of the ModuleSystem is
deprecated without any replacement service or fallback as there doesn't
seem to be any core blocks using it.
It also removes the references to node_path from the LMS settings, the
LoncapaModuleSystem and the XBlock runtime shim.
Co-authored-by: Agrendalath <piotr@surowiec.it>
