Commit Graph

19 Commits

Author SHA1 Message Date
Nimisha Asthagiri
b99d0a3495 OAuth docs: minor fixes 2018-02-04 18:29:22 -05:00
Nimisha Asthagiri
293e4f895a OAuth docs, including decisions 2018-02-03 14:15:29 -05:00
John Eskew
5a71fa1e33 Allow inactive users to authenticate in Django 1.10+ 2018-01-26 14:04:19 -05:00
Nimisha Asthagiri
ea041700f6 OAuth: support for auto_even_if_expired REQUEST_APPROVAL_PROMPT 2018-01-12 16:15:09 -05:00
Ahsan Ulhaq
1b2fdc058d Rate limited /oauth2/access_token/
There have been some reports about an attack on /oauth2/access_token/.
This causes LMS to be down. This is being resolved by rate limiting the
endpoint.
LEARNER-3393
2018-01-08 16:58:16 +05:00
bmedx
d3e6836d9e Fixes to common/openedx tests that reference apps CMS doesn't use 2017-11-22 15:46:06 -05:00
Jeremy Bowman
43a11af735 PLAT-1199 Stop using pycrypto 2017-11-21 11:25:48 -05:00
bmedx
68e3894c17 openedx urls cleanup for Django 1.11
- Remove usage of django.urls.patterns
- Change urls tuples to lists
- Make all string view names callables
2017-11-03 16:11:41 -04:00
ayub-khan
320eb0c6b7 edx_clear_expired_tokens management command removes
all expired tokens; added an exlude_application_ids argument which
enables us to not remove expired tokens for given applications.
LEARNER-717
2017-10-26 21:50:14 +05:00
Douglas Hall
f0b41fea5a Revert "LEARNER-717 Added logs for discovery" 2017-10-24 11:38:43 -04:00
ayub-khan
790150a8aa Management Command to Clear DOT expired Tokens
LEARNER-717
2017-10-24 16:10:26 +05:00
ayub-khan
a71fd68673 Added user logs for save bearer token
Purpose of those logs is to get more information
about deadlocks coming on prod when we revoke already
existing refresh tokens.

LEARNER-717
2017-10-20 00:26:18 +05:00
Andy Armstrong
93235d118d Reorder imports using isort (except lms and cms) 2017-05-30 16:04:54 -04:00
Clinton Blackburn
2b4817b102 Added OpenID Connect discovery endpoint
Although we are phasing out our support of OIDC, this particular feature will allow us to eliminate many of the settings we
share across services. Instead of reading various endpoints and secret keys from settings or hardcoded values, services
with the proper authentication backend can simply read (and cache) the information from this endpoint.

ECOM-3629
2017-04-26 10:02:27 -04:00
Clinton Blackburn
f4e72c80c5 Added given and family name fields to profile scope
This information mirrors the fields returned in our ID token for OpenID
Connect (OIDC). Including this information will allow us to eventually
migrate toward replacing OIDC with OAuth 2.0 + JWT.

ECOM-3628
2017-04-24 11:07:08 -04:00
chrisndodge
6d327594ac add restricted DOT OAUTH2 client with reduced privileges 2016-10-14 07:31:26 -04:00
Jesse Zoldak
8004545cf5 Revert "Cdodge/restricted oauth2 applications" 2016-10-13 13:18:29 -04:00
chrisndodge
1732663486 add restricted DOT OAUTH2 client with reduced privileges 2016-10-12 09:40:49 -04:00
Nimisha Asthagiri
4c0f85b4d9 Move auth_exchange from common to openedx/core.
Move oauth_dispatch from lms to openedx/core.
2016-10-06 12:54:39 -04:00