* feat: choose signing cert explicitly in saml metadata
when parsing, we want to explicitly choose the use='signing' cert instead of accidentally choosing the encryption one
ENT-677
* test: test for parse_metadata_xml
* feat: also address case when signing key is absent
in this case we consider the 'use'-less keydescriptior as if it's for both signing and encryption
* test: test case for missing use=signing attribute
* test: fix test failure
rest-condition has not been updated for a while, and with DRF 3.9 it is no longer needed since the ability to combine Permission classes using boolean operators is now provided by DRF directly.
We squashed migrations in this djangoapp a while back.
This is the followup work to remove the migrations that were
squashed and to convert the squashed migration into a 'normal'
migration.
https://openedx.atlassian.net/browse/ARCHBOM-1177
Modify the existing login api in a way that
it will allow the user to login via username as well.
currently it is only allowing email to log the user in.
VAN-445
Modify the existing login api in a way that
it will allow the user to login via username as well.
currently it is only allowing email to log the user in.
VAN-445
This change associates users signing in using oauth providers when tpa is required, verifying that only a single database user is associated with the email.
For more information as to why this was added in a separate pipeline, check edx-platform#25935.
Since we are handling the MFE redirection in login_and_registration_form()
we don't need to handle it here. It's redirecting the enterprise users to
MFE instead of FE which is currently handled in login_and_registration_form()
view.
VAN-425
django-not-configured is an error raised by pylint (with
the pylint-django plugin) when it's not correctly configured.
We should not be applying lint amnesty for such a violation.
* Remove authentication, including SessionAuthentication, to fix CSRF
exemption by dropping CSRF check of SessionAuthentication.
* Several changes to make it more clear that only POST is supported and
clean up GET method testing.
* Removed the temporary 403 error logging that wasn't working.
* Removed test_single_access_token which was written for DOP, but
doesn't work with DOT. See
[MA-2122](https://openedx.atlassian.net/browse/MA-2122) for a ticket
about implementing this for DOT, although it doesn't seem to be a
priority. NOTE: A comment was added to the ticket explaining that this
test was removed.
* GET now returns default error for methods not allowed.
ARCHBOM-1667
