From 2de48c11770fb6148c3583ec05ee007d8f3338a3 Mon Sep 17 00:00:00 2001 From: Ben Lu Date: Fri, 2 Feb 2024 15:55:29 -0600 Subject: [PATCH] fix: auth JWKS endpoint The original implementation of the endpoint returned a string instead of a JSON object. This fixes the return value to be the JSON object. --- openedx/core/djangoapps/user_authn/views/auth.py | 5 +++-- openedx/core/djangoapps/user_authn/views/tests/test_auth.py | 4 ++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/openedx/core/djangoapps/user_authn/views/auth.py b/openedx/core/djangoapps/user_authn/views/auth.py index d2a8ab231442..673b2230ddeb 100644 --- a/openedx/core/djangoapps/user_authn/views/auth.py +++ b/openedx/core/djangoapps/user_authn/views/auth.py @@ -1,6 +1,6 @@ """ Views related to auth. """ - +import json from common.djangoapps.util.json_request import JsonResponse from django.conf import settings @@ -13,4 +13,5 @@ def get_public_signing_jwks(request): if not jwt_dict.get('JWT_PUBLIC_SIGNING_JWK_SET'): return JsonResponse({'error': 'JWK set is not found'}, status=400) jwks = jwt_dict['JWT_PUBLIC_SIGNING_JWK_SET'] - return JsonResponse(jwks, status=200) + # jwks is a string here, need to convert it to dict + return JsonResponse(json.loads(jwks), status=200) diff --git a/openedx/core/djangoapps/user_authn/views/tests/test_auth.py b/openedx/core/djangoapps/user_authn/views/tests/test_auth.py index fed7551a5938..7ca8bc96fbaf 100644 --- a/openedx/core/djangoapps/user_authn/views/tests/test_auth.py +++ b/openedx/core/djangoapps/user_authn/views/tests/test_auth.py @@ -20,7 +20,7 @@ def _get_jwks(self, accepts='application/json'): return self.client.get(url, HTTP_ACCEPT=accepts) - @mock.patch.dict(settings.JWT_AUTH, {'JWT_PUBLIC_SIGNING_JWK_SET': None}) + @mock.patch.dict(settings.JWT_AUTH, {'JWT_PUBLIC_SIGNING_JWK_SET': ''}) def test_get_public_signing_jwks_with_no_jwk_set(self): """ Test JWT_PUBLIC_SIGNING_JWK_SET is undefined """ resp = self._get_jwks() @@ -28,7 +28,7 @@ def test_get_public_signing_jwks_with_no_jwk_set(self): assert resp.status_code == 400 assert 'JWK set is not found' in content['error'] - @mock.patch.dict(settings.JWT_AUTH, {'JWT_PUBLIC_SIGNING_JWK_SET': {'keys': []}}) + @mock.patch.dict(settings.JWT_AUTH, {'JWT_PUBLIC_SIGNING_JWK_SET': '{"keys": []}'}) def test_get_public_signing_jwks_with_jwk_set(self): """ Test JWT_PUBLIC_SIGNING_JWK_SET is defined """ resp = self._get_jwks()