LMS now passes JWT issuer and expiration date to ecommerce API client

lms/djangoapps/commerce/__init__.py

@@ -23,8 +23,14 @@ def is_commerce_service_configured():
 
 def ecommerce_api_client(user):
     """ Returns an E-Commerce API client setup with authentication for the specified user. """
-    return EcommerceApiClient(settings.ECOMMERCE_API_URL, settings.ECOMMERCE_API_SIGNING_KEY, user.username,
-                              user.profile.name, user.email, tracking_context=create_tracking_context(user))
+    return EcommerceApiClient(settings.ECOMMERCE_API_URL,
+                              settings.ECOMMERCE_API_SIGNING_KEY,
+                              user.username,
+                              user.profile.name,
+                              user.email,
+                              tracking_context=create_tracking_context(user),
+                              issuer=settings.JWT_ISSUER,
+                              expires_in=settings.JWT_EXPIRATION)
 
 
 # this is here to support registering the signals in signals.py

lms/djangoapps/commerce/tests/__init__.py

 # -*- coding: utf-8 -*-
 """ Commerce app tests package. """
+import datetime
+import json
 
+from django.conf import settings
 from django.test import TestCase
 from django.test.utils import override_settings
+from freezegun import freeze_time
 import httpretty
 import jwt
 import mock
 
+from ecommerce_api_client import auth
 from commerce import ecommerce_api_client
 from student.tests.factories import UserFactory
 
@@ -32,16 +37,20 @@ class EcommerceApiClientTest(TestCase):
 
     def setUp(self):
         super(EcommerceApiClientTest, self).setUp()
+
         self.user = UserFactory()
         self.user.email = self.TEST_USER_EMAIL
         self.user.save()  # pylint: disable=no-member
 
     @httpretty.activate
+    @freeze_time('2015-7-2')
+    @override_settings(JWT_ISSUER='http://example.com/oauth', JWT_EXPIRATION=30)
     def test_tracking_context(self):
         """
         Ensure the tracking context is set up in the api client correctly and
         automatically.
         """
+
         # fake an ecommerce api request.
         httpretty.register_uri(
             httpretty.POST,
@@ -49,6 +58,7 @@ class EcommerceApiClientTest(TestCase):
             status=200, body='{}',
             adding_headers={'Content-Type': JSON}
         )
+
         mock_tracker = mock.Mock()
         mock_tracker.resolve_context = mock.Mock(return_value={'client_id': self.TEST_CLIENT_ID})
         with mock.patch('commerce.tracker.get_tracker', return_value=mock_tracker):
@@ -60,11 +70,14 @@ class EcommerceApiClientTest(TestCase):
             'username': self.user.username,
             'full_name': self.user.profile.name,
             'email': self.user.email,
+            'iss': settings.JWT_ISSUER,
+            'exp': datetime.datetime.utcnow() + datetime.timedelta(seconds=settings.JWT_EXPIRATION),
             'tracking_context': {
                 'lms_user_id': self.user.id,  # pylint: disable=no-member
                 'lms_client_id': self.TEST_CLIENT_ID,
             },
         }
+
         expected_header = 'JWT {}'.format(jwt.encode(expected_payload, TEST_API_SIGNING_KEY))
         self.assertEqual(actual_header, expected_header)
 

lms/envs/common.py

@@ -2565,3 +2565,7 @@ CREDIT_HELP_LINK_URL = "#"
 # not expected to be active; this setting simply allows administrators to
 # route any messages intended for LTI users to a common domain.
 LTI_USER_EMAIL_DOMAIN = 'lti.example.com'
+
+# Number of seconds before JWT tokens expire
+JWT_EXPIRATION = 30
+JWT_ISSUER = None

requirements/edx/github.txt

@@ -52,7 +52,7 @@ git+https://github.com/edx/edx-lint.git@ed8c8d2a0267d4d42f43642d193e25f8bd575d9b
 -e git+https://github.com/edx/xblock-utils.git@213a97a50276d6a2504d8133650b2930ead357a0#egg=xblock-utils
 -e git+https://github.com/edx-solutions/xblock-google-drive.git@138e6fa0bf3a2013e904a085b9fed77dab7f3f21#egg=xblock-google-drive
 -e git+https://github.com/edx/edx-reverification-block.git@a286e89c73e1b788e35ac5b08a54b71a9fa63cfd#egg=edx-reverification-block
-git+https://github.com/edx/ecommerce-api-client.git@1.0.0#egg=ecommerce-api-client==1.0.0
+git+https://github.com/edx/ecommerce-api-client.git@1.1.0#egg=ecommerce-api-client==1.1.0
 -e git+https://github.com/edx/edx-user-state-client.git@64a8b603f42669bb7fdca03d364d4e8d3d6ad67d#egg=edx-user-state-client
 
 # Third Party XBlocks