PSA was monolithic, now split, with new features, like
a DB-backed partial pipeline. FB OAuth2 version also upped.
Partial pipelines don't get cleared except when necessary.
They persist for special cases like change of browser while
still mid-pipeline (i.e. email validation step).
Refactor, cleanup, and update of a lot of small things as well.
PLEASE NOTE the new `social_auth_partial` table.
When authenticating using an SAML IdP, gather additional user
data besides what is standard. Requires admin to input JSON
in settings to recognize the additional user data.
This sock sits at the bottom of both the home and the course content pages. It allows the user to click a 'Learn More' button to open a panel that allows the user to navigate to the upgrade checkout page. The sock is only shown for users that have not yet upgraded in a course that has a verification upgrade date that has not yet passed. Python tests cover the various course mode and upgrade dates.
The cryptography package is designed to be the "cryptographic
standard library" for Python developers. (Documents are online
at https://cryptography.io/en/latest/).
The use case for adding this is to bring encrypted claims from
outside edX into a course for assigning a grade using CAPA.
As an example, imagine that users enrolled in a computer security
and penetration testing class on edX are challenged to advance
as many levels as possible in a certain capture-the-flag (CTF)
puzzle hosted on an external app.
The external platform may provide the users an encrypted, tamper-
resistant token allowing them to enter that into an edX CAPA
auto-graded exercise in order for the edX user to claim credit
within the edX course.
For example, the external platform might take some plaintext JSON
like this:
{'user': 'isaac@example.com', 'score': 30}
And then use the Fernet symmetric encryption to give the user a
token like this:
gAAAAABZQX8xwdtvpdnTtuXWQUnbTPVA-Gw5dz6-kXFuKi0_2jpqFkSG
Dhy-BugBx38xhUfbmao9KwIhcxZt0uBAE0WT_uzjagLn7BwRIQP4Ap_B
r4e797QQllWcaHXVHhskHk6ETohc
Because the external platform and the `loncapa/python` script share
a secret, this token (1) means nothing to the user, (2) can be
decrypted on the edX side and used accordingly, and (3) won't
work if tampered with in between.
There are probably other use cases for using tokens, HMAC, or
encryption with autograded exercises. In any case, the cryptography
library is well tested and reliable, so adding it presents little
risk and will probably benefit others.
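
The token flow described in the commit message above, as an added example that is not part of the original commit or of edX code. The names `issue_token`, `grade_token`, `SHARED_KEY`, the one-hour validity window, and the grader knowing the submitting learner's email are all assumptions made for illustration.

```python
import json

from cryptography.fernet import Fernet, InvalidToken

# Constructed demo key. In practice the external platform and the grader
# script would each load the same key from their own secret storage.
SHARED_KEY = Fernet.generate_key()
MAX_AGE_SECONDS = 3600  # assumed validity window for a claim token


def issue_token(user, score, key=SHARED_KEY):
    """External platform side: encrypt and authenticate the claim."""
    claim = json.dumps({"user": user, "score": score}).encode("utf-8")
    return Fernet(key).encrypt(claim).decode("ascii")


def grade_token(token, learner_email, key=SHARED_KEY, max_age=MAX_AGE_SECONDS):
    """Grader side: return the claimed score, or None if the token is rejected."""
    try:
        raw = token.strip().encode("ascii")
        # decrypt() verifies the HMAC before decrypting and enforces the TTL.
        plaintext = Fernet(key).decrypt(raw, ttl=max_age)
        claim = json.loads(plaintext)
    except (InvalidToken, ValueError):
        # Tampered, expired, wrong key, or not a token at all.
        return None
    if not isinstance(claim, dict):
        return None
    # A valid token only proves the platform issued it. Bind it to the
    # learner who is submitting, so one learner cannot paste another's token.
    if claim.get("user") != learner_email:
        return None
    score = claim.get("score")
    # bool is a subclass of int, so exclude it explicitly.
    if isinstance(score, bool) or not isinstance(score, int) or score < 0:
        return None
    return score


if __name__ == "__main__":
    tok = issue_token("isaac@example.com", 30)
    print(grade_token(tok, "isaac@example.com"))
    print(grade_token(tok, "mallory@example.com"))
```

Fernet does not prevent a learner from resubmitting the same valid token, so a grader that must count a claim only once needs its own record of tokens already used.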