-Updated middleware setting to use use middleware insted of
middleware_classes
-github install of django-method-override fork to support
new style middleware in django1.11
Some tests that used to mock the cache internals of ConfigurationModels
had to be modified to use CacheIsolationTestCase instead (the things
they were mocking no longer exist).
Logout link should be displayed only for learner portal
Added changed to display only for learner portal
Added unit tests
check third_party_auth is enabled
Changes to extend SSO logout link feature to Oauth providers
Fixed quality violations
Removed unncessary assert
Reviewer feedback changes
- use login_ajax (in place of login_session with shim) for
logistration's call to login POST
- add toggle for using login_ajax from logistration
- FEATURES['ENABLE_LOGIN_POST_WITHOUT_SHIM']
- add custom metrics for redirect_url
- update test for third-party auth error_code
NOTE: The error_code `third-party-auth-with-no-linked-account`
was introduced in JSON in this earlier PR:
https://github.com/edx/edx-platform/pull/22452/files
ARCH-1253
The toggle UPDATE_LOGIN_USER_ERROR_STATUS_CODE was added to roll out a
breaking change for `login_user` auth errors to return a 400 rather than
a 200.
This toggle was enabled in Production on 12/5/2019 with seemingly no
adverse affects.
ARCH-1253
This completes the work started in https://github.com/edx/edx-platform/pull/19453
to use the LMS login and registration for Studio, rather than Studio
providing its own implementation.
LMS login/registration are being used for the following reasons:
1. LMS logistration properly handles all SSO integrations.
2. A single logistration is simpler to maintain and understand.
3. Allows Studio to work more like all other IDAs that use LMS
logistration.
The original switch to use LMS logistration for Studio also added the
toggle `DISABLE_STUDIO_SSO_OVER_LMS` to provide the community some
additional time for switching. This commit removes this toggle, which
at this point means all deployments will use the LMS logistration.
This change requires sharing cookies across LMS and Studio. Should that
prove to be a problem for certain Open edX instances, there are
discussions of possible alternative solutions.
See https://github.com/edx/edx-platform/pull/19845#issuecomment-559154256
Detailed changes:
* Fix some Studio links that still went to old Studio signin and signup.
* Remove DISABLE_STUDIO_SSO_OVER_LMS feature toggle.
* Remove old studio signin and signup pages and templates.
* Fix url name "login", which had different meanings for Studio and LMS.
* Use the following settings: LOGIN_URL, FRONTEND_LOGIN_URL,
FRONTEND_LOGOUT_URL, and FRONTEND_REGISTER_URL.
* Redirect /signin and /signup to the LMS logistration.
* Add custom metric `uses_pattern_library`.
* Add custom metric `student_activate_account`.
* Add Django Settings to allow /signin, /signup, and /login_post to be
disabled once ready.
This work also relates to ARCH-218 and DEPR-6.
ARCH-1253
Refactored enterprise unlink code to fix ENT-1890
Fixed quality violations and brokent test
Fixed pylint quality violations
Fixed failing unit test
Fixed broken test after rebasing with master
Usernames containing unicode characters were
reportedly not showing up correctly in the
registration form when registered with MOE/SAML,
FB and Google.
This change fixes the issue by overriding the
django setting SOCIAL_AUTH_CLEAN_USERNAMES to
disable the default username check that wasn't
allowing non-ascii values.
* Add IdentityServer3 Backend
This adds a backend for users who want to use IdentityServer3 as their
SSO provider. It can be used with the OAuth2ProviderConfig in django
admin to point to an external provider.
We are doing this for two reasons:
1. We suspect that the get_username function in social_core is performing a case-sensitive
username check which is breaking when we try to create the user with a duplicate username.
This version ensures we perform a case insensitive check.
2. If it's not that, we want more logging information in order to debug the issue.
