From 1c2b804ef7eb9d1ae98a01cb3bf33ced7c952149 Mon Sep 17 00:00:00 2001 From: Robert Raposa Date: Thu, 29 Aug 2024 08:27:47 -0400 Subject: [PATCH] feat: DEPR USE-JWT-COOKIE header (#35393) This repo is no longer using USE-JWT-COOKIE header, since it has the required edx-drf-extensions>10.2.0, where it was fully removed. This is final clean-up for this repo. See "[DEPR]: USE-JWT-COOKIE header" for more details: - https://github.com/openedx/edx-drf-extensions/issues/371 --- cms/envs/common.py | 1 - lms/envs/common.py | 4 +--- openedx/core/djangoapps/user_authn/tests/test_cookies.py | 5 ----- 3 files changed, 1 insertion(+), 9 deletions(-) diff --git a/cms/envs/common.py b/cms/envs/common.py index 45a8e97f3e51..dc94334c2e7d 100644 --- a/cms/envs/common.py +++ b/cms/envs/common.py @@ -2544,7 +2544,6 @@ # because that decision might happen in a later config file. (The headers to # allow is an application logic, and not site policy.) CORS_ALLOW_HEADERS = corsheaders_default_headers + ( - 'use-jwt-cookie', 'content-range', 'content-disposition', ) diff --git a/lms/envs/common.py b/lms/envs/common.py index 04a1753838ed..428c02951b6c 100644 --- a/lms/envs/common.py +++ b/lms/envs/common.py @@ -3686,9 +3686,7 @@ def _make_locale_paths(settings): # pylint: disable=missing-function-docstring # Set CORS_ALLOW_HEADERS regardless of whether we've enabled ENABLE_CORS_HEADERS # because that decision might happen in a later config file. (The headers to # allow is an application logic, and not site policy.) -CORS_ALLOW_HEADERS = corsheaders_default_headers + ( - 'use-jwt-cookie', -) +CORS_ALLOW_HEADERS = corsheaders_default_headers # Default cache expiration for the cross-domain proxy HTML page. # This is a static page that can be iframed into an external page diff --git a/openedx/core/djangoapps/user_authn/tests/test_cookies.py b/openedx/core/djangoapps/user_authn/tests/test_cookies.py index a90f20f19469..8a7841b3b980 100644 --- a/openedx/core/djangoapps/user_authn/tests/test_cookies.py +++ b/openedx/core/djangoapps/user_authn/tests/test_cookies.py @@ -74,9 +74,6 @@ def _copy_cookies_to_request(self, response, request): for key, val in response.cookies.items() } - def _set_use_jwt_cookie_header(self, request): - request.META['HTTP_USE_JWT_COOKIE'] = 'true' - def _assert_recreate_jwt_from_cookies(self, response, can_recreate): """ If can_recreate is True, verifies that a JWT can be properly recreated @@ -133,7 +130,6 @@ def test_set_logged_in_deprecated_cookies(self): @patch.dict("django.conf.settings.FEATURES", {"DISABLE_SET_JWT_COOKIES_FOR_TESTS": False}) def test_set_logged_in_jwt_cookies(self): setup_login_oauth_client() - self._set_use_jwt_cookie_header(self.request) response = cookies_api.set_logged_in_cookies(self.request, HttpResponse(), self.user) self._assert_cookies_present(response, cookies_api.ALL_LOGGED_IN_COOKIE_NAMES) self._assert_consistent_expires(response, num_of_unique_expires=2) @@ -153,7 +149,6 @@ def test_delete_and_are_logged_in_cookies_set(self): @patch.dict("django.conf.settings.FEATURES", {"DISABLE_SET_JWT_COOKIES_FOR_TESTS": False}) def test_refresh_jwt_cookies(self): setup_login_oauth_client() - self._set_use_jwt_cookie_header(self.request) response = cookies_api.get_response_with_refreshed_jwt_cookies(self.request, self.user) data = json.loads(response.content.decode('utf8').replace("'", '"')) assert data['success'] is True