Skip to content

Commit

Permalink
Revert "feat: DEPR USE-JWT-COOKIE header (#35393)" (#35397)
Browse files Browse the repository at this point in the history
This reverts commit 1c2b804.
  • Loading branch information
robrap authored Aug 29, 2024
1 parent 5323c55 commit 01c718d
Show file tree
Hide file tree
Showing 3 changed files with 9 additions and 1 deletion.
1 change: 1 addition & 0 deletions cms/envs/common.py
Original file line number Diff line number Diff line change
Expand Up @@ -2544,6 +2544,7 @@
# because that decision might happen in a later config file. (The headers to
# allow is an application logic, and not site policy.)
CORS_ALLOW_HEADERS = corsheaders_default_headers + (
'use-jwt-cookie',
'content-range',
'content-disposition',
)
Expand Down
4 changes: 3 additions & 1 deletion lms/envs/common.py
Original file line number Diff line number Diff line change
Expand Up @@ -3686,7 +3686,9 @@ def _make_locale_paths(settings): # pylint: disable=missing-function-docstring
# Set CORS_ALLOW_HEADERS regardless of whether we've enabled ENABLE_CORS_HEADERS
# because that decision might happen in a later config file. (The headers to
# allow is an application logic, and not site policy.)
CORS_ALLOW_HEADERS = corsheaders_default_headers
CORS_ALLOW_HEADERS = corsheaders_default_headers + (
'use-jwt-cookie',
)

# Default cache expiration for the cross-domain proxy HTML page.
# This is a static page that can be iframed into an external page
Expand Down
5 changes: 5 additions & 0 deletions openedx/core/djangoapps/user_authn/tests/test_cookies.py
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,9 @@ def _copy_cookies_to_request(self, response, request):
for key, val in response.cookies.items()
}

def _set_use_jwt_cookie_header(self, request):
request.META['HTTP_USE_JWT_COOKIE'] = 'true'

def _assert_recreate_jwt_from_cookies(self, response, can_recreate):
"""
If can_recreate is True, verifies that a JWT can be properly recreated
Expand Down Expand Up @@ -130,6 +133,7 @@ def test_set_logged_in_deprecated_cookies(self):
@patch.dict("django.conf.settings.FEATURES", {"DISABLE_SET_JWT_COOKIES_FOR_TESTS": False})
def test_set_logged_in_jwt_cookies(self):
setup_login_oauth_client()
self._set_use_jwt_cookie_header(self.request)
response = cookies_api.set_logged_in_cookies(self.request, HttpResponse(), self.user)
self._assert_cookies_present(response, cookies_api.ALL_LOGGED_IN_COOKIE_NAMES)
self._assert_consistent_expires(response, num_of_unique_expires=2)
Expand All @@ -149,6 +153,7 @@ def test_delete_and_are_logged_in_cookies_set(self):
@patch.dict("django.conf.settings.FEATURES", {"DISABLE_SET_JWT_COOKIES_FOR_TESTS": False})
def test_refresh_jwt_cookies(self):
setup_login_oauth_client()
self._set_use_jwt_cookie_header(self.request)
response = cookies_api.get_response_with_refreshed_jwt_cookies(self.request, self.user)
data = json.loads(response.content.decode('utf8').replace("'", '"'))
assert data['success'] is True
Expand Down

0 comments on commit 01c718d

Please sign in to comment.