Merge pull request #15383 from edx/saleem-latif/ENT-367-updates

ENT-367: Remove enterprise cookie when it is not needed any further.

lms/djangoapps/student_account/test/test_views.py

@@ -31,7 +31,7 @@ from commerce.models import CommerceConfiguration
 from commerce.tests import factories
 from commerce.tests.mocks import mock_get_orders
 from course_modes.models import CourseMode
-from edxmako.shortcuts import render_to_response
+from http.cookies import SimpleCookie
 from openedx.core.djangoapps.oauth_dispatch.tests import factories as dot_factories
 from openedx.core.djangoapps.programs.tests.mixins import ProgramsApiConfigMixin
 from openedx.core.djangoapps.site_configuration.tests.mixins import SiteMixin
@@ -542,6 +542,23 @@ class StudentAccountLoginAndRegistrationTest(ThirdPartyAuthTestMixin, UrlResetMi
             if logo_url:
                 self.assertContains(response, logo_url)
 
+    def test_enterprise_cookie_delete(self):
+        """
+        Test that enterprise cookies are deleted in login/registration views.
+
+        Cookies must be deleted in login/registration views so that *default* login/registration branding
+        is displayed to subsequent requests from non-enterprise customers.
+        """
+        cookies = SimpleCookie()
+        cookies[settings.ENTERPRISE_CUSTOMER_COOKIE_NAME] = 'test-enterprise-customer'
+        response = self.client.get(reverse('signin_user'), HTTP_ACCEPT="text/html", cookies=cookies)
+
+        self.assertIn(settings.ENTERPRISE_CUSTOMER_COOKIE_NAME, response.cookies)  # pylint:disable=no-member
+        enterprise_cookie = response.cookies[settings.ENTERPRISE_CUSTOMER_COOKIE_NAME]  # pylint:disable=no-member
+
+        self.assertEqual(enterprise_cookie['domain'], settings.BASE_COOKIE_DOMAIN)
+        self.assertEqual(enterprise_cookie.value, '')
+
     @override_settings(SITE_NAME=settings.MICROSITE_TEST_HOSTNAME)
     def test_microsite_uses_old_login_page(self):
         # Retrieve the login page from a microsite domain

lms/djangoapps/student_account/views.py

@@ -150,7 +150,15 @@ def login_and_registration_form(request, initial_mode="login"):
 
     context = update_context_for_enterprise(request, context)
 
-    return render_to_response('student_account/login_and_register.html', context)
+    response = render_to_response('student_account/login_and_register.html', context)
+
+    # Remove enterprise cookie so that subsequent requests show default login page.
+    response.delete_cookie(
+        configuration_helpers.get_value("ENTERPRISE_CUSTOMER_COOKIE_NAME", settings.ENTERPRISE_CUSTOMER_COOKIE_NAME),
+        domain=configuration_helpers.get_value("BASE_COOKIE_DOMAIN", settings.BASE_COOKIE_DOMAIN),
+    )
+
+    return response
 
 
 @require_http_methods(['POST'])

lms/envs/aws.py

@@ -959,7 +959,6 @@ ENTERPRISE_COURSE_ENROLLMENT_AUDIT_MODES = ENV_TOKENS.get(
     ENTERPRISE_COURSE_ENROLLMENT_AUDIT_MODES
 )
 
-
 ############## ENTERPRISE SERVICE API CLIENT CONFIGURATION ######################
 # The LMS communicates with the Enterprise service via the EdxRestApiClient class
 # The below environmental settings are utilized by the LMS when interacting with
@@ -998,6 +997,10 @@ ENTERPRISE_EXCLUDED_REGISTRATION_FIELDS = set(
         ENTERPRISE_EXCLUDED_REGISTRATION_FIELDS
     )
 )
+BASE_COOKIE_DOMAIN = ENV_TOKENS.get(
+    'BASE_COOKIE_DOMAIN',
+    BASE_COOKIE_DOMAIN
+)
 
 ############## CATALOG/DISCOVERY SERVICE API CLIENT CONFIGURATION ######################
 # The LMS communicates with the Catalog service via the EdxRestApiClient class

lms/envs/common.py

@@ -3219,6 +3219,7 @@ ENTERPRISE_EXCLUDED_REGISTRATION_FIELDS = {
     'mailing_address',
 }
 ENTERPRISE_CUSTOMER_COOKIE_NAME = 'enterprise_customer_uuid'
+BASE_COOKIE_DOMAIN = 'localhost'
 
 ############## Settings for Course Enrollment Modes ######################
 COURSE_ENROLLMENT_MODES = {