Commit Graph

71 Commits

Author SHA1 Message Date
Robert Raposa
c12048ed1f add optional scopes to create application access
Supply create_dot_application with optional scopes argument to create
an oauth_dispatch ApplicationAccess with the provided scopes.

ARCH-603
2019-03-28 17:04:30 -04:00
Christopher Pappas
3fcf99f65b ENT-1556 - Adding in roles claim to jwt for use with edx rbac
Adding logic that adds roles to jwt

Quality fixes
2019-03-28 14:17:07 -04:00
Robert Raposa
e52db402b8 add user_id scope to the list of available scopes
This should have been done when the scope was first added as part
of (#19765).

ARCH-603
2019-03-27 19:00:04 -04:00
Nimisha Asthagiri
e4f935aab3 JWT Cookie updates: remove refresh cookie, cookie expires with JWT
ARCH-418, ARCH-548
2019-03-12 09:14:33 -04:00
Julia Eskew
d74ec765b5 Add skip-authorization flag for DOT application creation. 2019-02-25 12:42:21 -05:00
bmedx
7df1e05f49 Fix xsslint errors in touched files 2019-02-19 11:24:24 -05:00
Julia Eskew
368f221f0a Initial start on annotations. 2019-02-19 11:24:21 -05:00
Matthew Piatetsky
f294b1a374 fix unicode strings in openedx/ part 1 2019-02-13 10:47:35 -05:00
Robert Raposa
a213104790 add user_id scope and claim for JWT cookies
The following changes are made to add LMS user_id:
* Adds user_id scope to the JWT to provide the LMS user_id.
* JWT cookies always use the user_id claim.

ARCH-379
2019-02-07 10:44:35 -05:00
Julia Eskew
ed239ed0fd Read client ID/secret from DOT application instead of DOP client. 2019-01-31 13:57:23 -05:00
Jillian Vogel
f1a65c588a Adds optional args to create_dot_application command
Allows for the creation of public applications, and the passing of the
client_id or client_secret to the command, e.g. from a configuration playbook
2019-01-10 20:18:18 +10:30
Nimisha Asthagiri
b4f0796ce6 Merge pull request #19327 from edx/arch/adr-jwt-cookie-opt-in
Update jwt-in-session-cookie decision with HTTP_USE_JWT_COOKIE header
2018-11-28 11:56:40 -05:00
Nimisha Asthagiri
9a0812fcde Add email_verified field in JWT token 2018-11-28 06:36:48 -05:00
Nimisha Asthagiri
f19809c526 Update jwt-in-session-cookie decision to include HTTP_USE_JWT_COOKIE header 2018-11-27 23:59:34 -05:00
Ned Batchelder
3353e7425e Remove unused imports 2018-11-03 16:07:05 -04:00
Nimisha Asthagiri
45dadca18b Add email and profile scopes in JWT Cookies 2018-10-18 08:11:04 -04:00
Robert Raposa
fbc59231fc Update edx-drf-extensions to 2.0.0.
Note: this version update is backward incompatible.

ARCH-255
2018-10-17 01:00:34 -04:00
Nimisha Asthagiri
13d4091a1a Fix overriding of token expiration in DOT (ARCH-246) 2018-10-08 17:43:25 -04:00
Douglas Hall
dec77f2ad3 Add decisions record related to frontend apps and CSRF protection. 2018-10-03 11:28:58 -04:00
Nimisha Asthagiri
02ba5fb0e8 Login service support for JWT Cookies 2018-10-01 13:08:40 -04:00
Nimisha Asthagiri
b7deedfb36 Refactor Login Cookies 2018-09-25 09:12:08 -04:00
edx-pipeline-bot
89963efd3a Merge pull request #18968 from edx/release-mergeback-to-master
Merge release back to master
2018-09-18 12:56:07 -04:00
Nimisha Asthagiri
1376409351 Decision: Transport JWT in HTTP Cookies 2018-09-17 14:44:01 -04:00
Nimisha Asthagiri
e2ff1ec537 Merge pull request #18917 from edx/arch/user-authn-app
Consolidate user login and authentication code
2018-09-15 10:00:51 -04:00
Nimisha Asthagiri
8cf44283c9 Consolidate user login and authentication code 2018-09-15 03:21:39 -04:00
Kevin Falcone
bc082aa1ac Mark the interdependency between our code and DOT
We need to drop the Foreign Keys, apply their two migrations and then
re-add the Foreign Keys but Django gets to decide on the apply order and
this helps ensure we get the one we want.
2018-09-13 09:54:30 -04:00
Robert Raposa
9a7c224f18 Restore constraints after DOT upgrade.
ARCH-180
2018-09-13 09:54:30 -04:00
Robert Raposa
c7800acaa0 Restore "Upgrade DOT to 1.1.2."
This upgrades DOT by reverting the revert.

This reverts commit 4d8b9c3

ARCH-180
2018-09-13 09:54:30 -04:00
Robert Raposa
a31fca4e47 Drop constraints before DOT Upgrade.
ARCH-180
2018-09-13 09:54:29 -04:00
Nimisha Asthagiri
700a902b68 Cleanup and remove deprecated RequestCache Django app
ARCH-223
2018-09-12 14:39:11 -04:00
Jeremy Bowman
d90afa4cde TE-2689 Remove useless pylint suppressions part 5 2018-08-21 11:07:52 -04:00
Robert Raposa
99c9eb7343 Migrate to edx-django-utils monitoring.
ARCH-220
2018-08-17 15:39:04 -04:00
Nimisha Asthagiri
ae9b8956e0 Management command: generate_jwt_signing_key 2018-07-30 16:09:46 -04:00
Nimisha Asthagiri
eac1ce7bfd Asymmetric JWT support 2018-07-30 07:17:08 -04:00
Robert Raposa
86ce4e2b3a Allow metrics for failed responses.
- Move metrics out from 200 status check.
- Add value for token type not supplied.
- Add tests.

ARCH-164
2018-07-18 15:21:09 -04:00
Robert Raposa
5738086c17 Add oauth_dispatch metrics.
ARCH-164
2018-07-13 13:57:11 -04:00
Robert Raposa
4d8b9c36ae Revert "Upgrade DOT to 1.1.2."
There was an issue with migrations on sandboxes.

This reverts commit 58f6e92
2018-07-12 14:45:39 -04:00
Robert Raposa
58f6e92522 Upgrade DOT to 1.1.2. 2018-07-11 17:36:56 -04:00
Nimisha Asthagiri
66afa24bfe Authn: Remove unneeded openid-configuration View 2018-07-10 17:35:18 -04:00
Nimisha Asthagiri
c68a5a3fb6 Authn: Remove unneeded Jwks View 2018-07-10 17:35:02 -04:00
Jeremy Bowman
809f3d51e7 TE-2629 Use better field type for applicationaccess.application 2018-06-29 14:23:09 -04:00
Douglas Hall
db22939193 Add OAuth2 Scopes and Filters to JWTs. 2018-06-28 10:30:09 -04:00
Douglas Hall
bab6e3669c Add new custom DOT Application model to support OAuth2 per-application scopes.
This also introduces a model for persisting organization-based filters on
a per-application basis. See openedx/core/djangoapps/oauth_dispatch/docs/decisions/0007-include-organizations-in-tokens.rst
for additional details.
2018-06-20 16:31:19 -04:00
Michael Youngstrom
f4dc2ca000 Merge pull request #18314 from edx/youngstrom/remove_django_18_shim
Remove temp django upgrade logic
2018-06-06 11:09:17 -04:00
Tyler Hallada
1f42d1b384 Merge pull request #18316 from edx/thallada/PLAT-1524-on-delete
PLAT-1524: Add on_delete kwarg to ForeignKey & OneToOneFields
2018-06-06 10:38:15 -04:00
Michael Youngstrom
26b4e30833 Remove django 1.8 shim 2018-06-06 10:34:56 -04:00
Tyler Hallada
1540f9ec72 Add on_delete kwarg to ForeignKey & OneToOneFields
Django 2.0 will make this field required for `ForeignKey` and `OneToOneFields`.
In previous versions the option defaulted to `models.CASCADE` when not
specified. This change should make the deprecation warnings in the current
Django version go away.

The migrations were also modified, but the changes should not cause a change in
the database schema since `models.CASCADE` was already the old default.
2018-06-05 17:05:12 -04:00
Eric Fischer
247bb50ed2 s/django.core.urlresolvers/django.urls/g
Django 1.10 deprecation fix for Hackathon XIX
Addresses PLAT-1397
2018-06-05 13:59:09 -04:00
Nimisha Asthagiri
246ebc14c2 Merge pull request #18139 from edx/arch/update-oauth-scopes-doc
Update OAuth decision 7: including organizations in tokens
2018-05-10 09:29:58 -04:00
Nimisha Asthagiri
e43f6370f7 Update OAuth decision 7: including organizations in tokens 2018-05-09 21:03:26 -04:00