Use the correct JWT key when querying the Catalog API.

ECOM-4441

Use the correct JWT key when querying the Catalog API.
ECOM-4441
5abb7732 · Peter Fogg · b38c4ed9 · 5abb7732 · 5abb7732
Commit 5abb7732 authored May 17, 2016 by Peter Fogg
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 3 deletions

openedx/core/djangoapps/api_admin/utils.py
+5 -1

openedx/core/lib/token_utils.py
+7 -2

No files found.
--- a/openedx/core/djangoapps/api_admin/utils.py
+++ b/openedx/core/djangoapps/api_admin/utils.py
 """ Course Discovery API Service. """
+from django.conf import settings
+
 from edx_rest_api_client.client import EdxRestApiClient
+from openedx.core.djangoapps.theming import helpers
 from openedx.core.lib.token_utils import get_id_token
 from provider.oauth2.models import Client

@@ -9,7 +12,8 @@ CLIENT_NAME = 'course-discovery'
 def course_discovery_api_client(user):
    """ Returns a Course Discovery API client setup with authentication for the specified user. """
    course_discovery_client = Client.objects.get(name=CLIENT_NAME)
+    secret_key = helpers.get_value('JWT_AUTH', settings.JWT_AUTH)['JWT_SECRET_KEY']
    return EdxRestApiClient(
        course_discovery_client.url,
-        jwt=get_id_token(user, CLIENT_NAME)
+        jwt=get_id_token(user, CLIENT_NAME, secret_key=secret_key)
    )
--- a/openedx/core/lib/token_utils.py
+++ b/openedx/core/lib/token_utils.py
@@ -11,7 +11,7 @@ from provider.oauth2.models import Client
 from student.models import UserProfile, anonymous_id_for_user


-def get_id_token(user, client_name):
+def get_id_token(user, client_name, secret_key=None):
    """Construct a JWT for use with the named client.

    The JWT is signed with the named client's secret, and includes the following claims:
@@ -31,6 +31,8 @@ def get_id_token(user, client_name):
    Arguments:
        user (User): User for which to generate the JWT.
        client_name (unicode): Name of the OAuth2 Client for which the token is intended.
+        secret_key (str): Optional secret key for signing the JWT. Defaults to the configured client secret
+            if not provided.

    Returns:
        str: the JWT
@@ -64,7 +66,10 @@ def get_id_token(user, client_name):
        'sub': anonymous_id_for_user(user, None),
    }

-    return jwt.encode(payload, client.client_secret)
+    if secret_key is None:
+        secret_key = client.client_secret
+
+    return jwt.encode(payload, secret_key)


 def get_asymmetric_token(user, client_id):