Skip to content

E
edx-platform
Commit 5abb7732 by Peter Fogg
Options

Use the correct JWT key when querying the Catalog API. 

ECOM-4441
parent b38c4ed9
Showing with 12 additions and 3 deletions
openedx/core/djangoapps/api_admin/utils.py
""" Course Discovery API Service. """ """ Course Discovery API Service. """
from django.conf import settings
from edx_rest_api_client.client import EdxRestApiClient from edx_rest_api_client.client import EdxRestApiClient
from openedx.core.djangoapps.theming import helpers
from openedx.core.lib.token_utils import get_id_token from openedx.core.lib.token_utils import get_id_token
from provider.oauth2.models import Client from provider.oauth2.models import Client
...@@ -9,7 +12,8 @@ CLIENT_NAME = 'course-discovery' ...@@ -9,7 +12,8 @@ CLIENT_NAME = 'course-discovery'
def course_discovery_api_client(user): def course_discovery_api_client(user):
""" Returns a Course Discovery API client setup with authentication for the specified user. """ """ Returns a Course Discovery API client setup with authentication for the specified user. """
course_discovery_client = Client.objects.get(name=CLIENT_NAME) course_discovery_client = Client.objects.get(name=CLIENT_NAME)
secret_key = helpers.get_value('JWT_AUTH', settings.JWT_AUTH)['JWT_SECRET_KEY']
return EdxRestApiClient( return EdxRestApiClient(
course_discovery_client.url, course_discovery_client.url,
jwt=get_id_token(user, CLIENT_NAME) jwt=get_id_token(user, CLIENT_NAME, secret_key=secret_key)
) )
openedx/core/lib/token_utils.py
...@@ -11,7 +11,7 @@ from provider.oauth2.models import Client ...@@ -11,7 +11,7 @@ from provider.oauth2.models import Client
from student.models import UserProfile, anonymous_id_for_user from student.models import UserProfile, anonymous_id_for_user
def get_id_token(user, client_name): def get_id_token(user, client_name, secret_key=None):
"""Construct a JWT for use with the named client. """Construct a JWT for use with the named client.
The JWT is signed with the named client's secret, and includes the following claims: The JWT is signed with the named client's secret, and includes the following claims:
...@@ -31,6 +31,8 @@ def get_id_token(user, client_name): ...@@ -31,6 +31,8 @@ def get_id_token(user, client_name):
Arguments: Arguments:
user (User): User for which to generate the JWT. user (User): User for which to generate the JWT.
client_name (unicode): Name of the OAuth2 Client for which the token is intended. client_name (unicode): Name of the OAuth2 Client for which the token is intended.
secret_key (str): Optional secret key for signing the JWT. Defaults to the configured client secret
if not provided.
Returns: Returns:
str: the JWT str: the JWT
...@@ -64,7 +66,10 @@ def get_id_token(user, client_name): ...@@ -64,7 +66,10 @@ def get_id_token(user, client_name):
'sub': anonymous_id_for_user(user, None), 'sub': anonymous_id_for_user(user, None),
} }
return jwt.encode(payload, client.client_secret) if secret_key is None:
secret_key = client.client_secret
return jwt.encode(payload, secret_key)
def get_asymmetric_token(user, client_id): def get_asymmetric_token(user, client_id):
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment