Update ecommerce JWT settings

Add JWT_ISSUERS list to ecommerce defaults. Also specify values for JWT_ALGORITHM and JWT_DECODE_HANDLER.

Update ecommerce JWT settings
Add JWT_ISSUERS list to ecommerce defaults. Also specify values for JWT_ALGORITHM and JWT_DECODE_HANDLER.
f68da0b3 · Renzo Lucioni · b1b08d15 · f68da0b3
Commit f68da0b3 authored Oct 05, 2015 by Renzo Lucioni
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 1 deletions

playbooks/roles/ecommerce/defaults/main.yml
+8 -1

No files found.
--- a/playbooks/roles/ecommerce/defaults/main.yml
+++ b/playbooks/roles/ecommerce/defaults/main.yml
@@ -44,7 +44,12 @@ ECOMMERCE_EDX_API_KEY: 'PUT_YOUR_API_KEY_HERE'  # This should match the value se
 ECOMMERCE_ECOMMERCE_URL_ROOT: 'http://localhost:8002'
 ECOMMERCE_LMS_URL_ROOT: 'http://127.0.0.1:8000'
 ECOMMERCE_JWT_SECRET_KEY: 'SET-ME-PLEASE' # This should match the value set for edxapp
+ECOMMERCE_JWT_ALGORITHM: 'HS256'
 ECOMMERCE_JWT_VERIFY_EXPIRATION: true
+ECOMMERCE_JWT_DECODE_HANDLER: 'ecommerce.extensions.api.handlers.jwt_decode_handler'
+ECOMMERCE_JWT_ISSUERS:
+  - '{{ ECOMMERCE_LMS_URL_ROOT }}/oauth2'
+  - 'ecommerce_worker'

 # Used to automatically configure OAuth2 Client
 ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_KEY : 'some-secret'
@@ -121,8 +126,10 @@ ECOMMERCE_SERVICE_CONFIG:
  LMS_DASHBOARD_URL: '{{ ECOMMERCE_LMS_URL_ROOT }}/dashboard'
  JWT_AUTH:
    JWT_SECRET_KEY: '{{ ECOMMERCE_JWT_SECRET_KEY }}'
-    JWT_ISSUER: '{{ ECOMMERCE_LMS_URL_ROOT }}/oauth2'
+    JWT_ALGORITHM: '{{ ECOMMERCE_JWT_ALGORITHM }}'
    JWT_VERIFY_EXPIRATION: '{{ ECOMMERCE_JWT_VERIFY_EXPIRATION }}'
+    JWT_DECODE_HANDLER: '{{ ECOMMERCE_JWT_DECODE_HANDLER }}'
+    JWT_ISSUERS: '{{ ECOMMERCE_JWT_ISSUERS }}'
  SOCIAL_AUTH_EDX_OIDC_KEY: '{{ ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_KEY }}'
  SOCIAL_AUTH_EDX_OIDC_SECRET: '{{ ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_SECRET }}'
  SOCIAL_AUTH_EDX_OIDC_ID_TOKEN_DECRYPTION_KEY: '{{ ECOMMERCE_SOCIAL_AUTH_EDX_OIDC_SECRET }}'