diff --git a/cms/envs/bok_choy.env.json b/cms/envs/bok_choy.env.json
index cdb25a8fcb3ae38b550f1b52fe4b3caa8040df08..835bba51aed909573e21bb5cd25874b687c111fc 100644
--- a/cms/envs/bok_choy.env.json
+++ b/cms/envs/bok_choy.env.json
@@ -99,5 +99,4 @@
 "TECH_SUPPORT_EMAIL": "technical@example.com",
 "TIME_ZONE": "America/New_York",
 "WIKI_ENABLED": true,
- "OAUTH_OIDC_ISSUER": "https://www.example.com/oauth2"
 }
diff --git a/cms/envs/bok_choy.yml b/cms/envs/bok_choy.yml
index 8c44975e970daad90e1598a444b8d49e17e135cf..741918ef783e88a3e6cbea6cf73f52efda98d4f6 100644
--- a/cms/envs/bok_choy.yml
+++ b/cms/envs/bok_choy.yml
@@ -112,7 +112,6 @@ MODULESTORE:
 - ENGINE: xmodule.modulestore.xml.XMLModuleStore
 NAME: xml
 OPTIONS: {data_dir: '** OVERRIDDEN **', default_class: xmodule.hidden_module.HiddenDescriptor}
-OAUTH_OIDC_ISSUER: https://www.example.com/oauth2
 SECRET_KEY: ''
 SERVER_EMAIL: devops@example.com
 SESSION_COOKIE_DOMAIN: null
diff --git a/cms/envs/bok_choy_docker.env.json b/cms/envs/bok_choy_docker.env.json
index a1515c97f114795c40791048a88536cdd758e9b9..cc8b9daa53f57c4ff1d200ae9f3ac1a4b2b05cb6 100644
--- a/cms/envs/bok_choy_docker.env.json
+++ b/cms/envs/bok_choy_docker.env.json
@@ -98,5 +98,4 @@
 "TECH_SUPPORT_EMAIL": "technical@example.com",
 "TIME_ZONE": "America/New_York",
 "WIKI_ENABLED": true,
- "OAUTH_OIDC_ISSUER": "https://www.example.com/oauth2"
 }
diff --git a/cms/envs/bok_choy_docker.yml b/cms/envs/bok_choy_docker.yml
index cd2da8f7f28ec0840e39efdbec27a649c73d9b80..2a162460a43bde6fa7c77d4fbed87b11e1d2a003 100644
--- a/cms/envs/bok_choy_docker.yml
+++ b/cms/envs/bok_choy_docker.yml
@@ -112,7 +112,6 @@ MODULESTORE:
 - ENGINE: xmodule.modulestore.xml.XMLModuleStore
 NAME: xml
 OPTIONS: {data_dir: '** OVERRIDDEN **', default_class: xmodule.hidden_module.HiddenDescriptor}
-OAUTH_OIDC_ISSUER: https://www.example.com/oauth2
 SECRET_KEY: ''
 SERVER_EMAIL: devops@example.com
 SESSION_COOKIE_DOMAIN: null
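Review bot: In cms/envs/bok_choy.env.json the removed `"OAUTH_OIDC_ISSUER"` entry was the last member of the object, so the new side ends with `"WIKI_ENABLED": true,` directly before `}`. A trailing comma is not valid JSON and Python's `json` module rejects it, so the file would fail to parse if anything still loads it. The preceding line should change to `"WIKI_ENABLED": true` in the same hunk. cms/envs/bok_choy_docker.env.json (`@@ -98,5 +98,4 @@`) has the identical problem; the two .yml hunks are not affected.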
diff --git a/cms/envs/common.py b/cms/envs/common.py index 6157e6e40832ff2465ed277214134c27997a3806..696fee419b4415a7e95e35bffc0e8782e473c883 100644 --- a/cms/envs/common.py +++ b/cms/envs/common.py @@ -1826,8 +1826,6 @@ CACHES = { ############################ OAUTH2 Provider ################################### -# OpenID Connect issuer ID. Normally the URL of the authentication endpoint. -OAUTH_OIDC_ISSUER = 'http://127.0.0.1:8000/oauth2' # 5 minute expiration time for JWT id tokens issued for external API requests. OAUTH_ID_TOKEN_EXPIRATION = 5 * 60 diff --git a/cms/envs/devstack.py b/cms/envs/devstack.py index 47c2ac786fd617d28bf6a26ebe3d03f4660fb45f..460b357ebd7a2d38143d197a31d5cf69746752c4 100644 --- a/cms/envs/devstack.py +++ b/cms/envs/devstack.py @@ -136,8 +136,6 @@ FEATURES['FRONTEND_APP_PUBLISHER_URL'] = 'http://localhost:18400' REQUIRE_DEBUG = DEBUG ########################### OAUTH2 ################################# -OAUTH_OIDC_ISSUER = 'http://127.0.0.1:8000/oauth2' - JWT_AUTH.update({ 'JWT_SECRET_KEY': 'lms-secret', 'JWT_ISSUER': 'http://127.0.0.1:8000/oauth2', diff --git a/cms/envs/devstack_docker.py b/cms/envs/devstack_docker.py index 407d44bd20463f9cffd617620e0fa67ae1b677de..20a4f3346a44996863e343403d6f55534fb5a4f0 100644 --- a/cms/envs/devstack_docker.py +++ b/cms/envs/devstack_docker.py @@ -21,10 +21,8 @@ FEATURES.update({ CREDENTIALS_SERVICE_USERNAME = 'credentials_worker' -OAUTH_OIDC_ISSUER = '{}/oauth2'.format(LMS_ROOT_URL) - JWT_AUTH.update({ + 'JWT_ISSUER': '{}/oauth2'.format(LMS_ROOT_URL), 'JWT_SECRET_KEY': 'lms-secret', - 'JWT_ISSUER': OAUTH_OIDC_ISSUER, 'JWT_AUDIENCE': 'lms-key', }) diff --git a/cms/envs/production.py b/cms/envs/production.py index eb89b8bde4599d1787c77e4d0ac52749f9319f4b..aa254585e6d8fde369639bca5ab9b08c3aa5c756 100644 --- a/cms/envs/production.py +++ b/cms/envs/production.py 
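Review bot: The `'JWT_ISSUER': '{}/oauth2'.format(LMS_ROOT_URL),` entry added in cms/envs/devstack_docker.py carries no comment saying it has to stay identical to the issuer the LMS writes into its tokens. With `OAUTH_OIDC_ISSUER` gone, the same value is now spelled out separately in lms/envs/devstack_docker.py and as the literal `'http://127.0.0.1:8000/oauth2'` in lms/envs/devstack.py (`@@ -246,7 +244,7 @@`) and cms/envs/devstack.py, so the copies can drift; presumably Studio compares this setting against the `iss` claim when it validates LMS-issued tokens, though the validation code is not part of this diff. I would add above each entry a comment such as `# Must equal the LMS JWT_ISSUER exactly; it is matched against the token's iss claim.` The `JWT_AUTH.update({` call in lms/envs/devstack.py continues past the end of its hunk.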
@@ -545,9 +545,6 @@ XBLOCK_SETTINGS.setdefault("VideoBlock", {})['YOUTUBE_API_KEY'] = AUTH_TOKENS.ge ############################ OAUTH2 Provider ################################### -# OpenID Connect issuer ID. Normally the URL of the authentication endpoint. -OAUTH_OIDC_ISSUER = ENV_TOKENS['OAUTH_OIDC_ISSUER'] - #### JWT configuration #### JWT_AUTH.update(ENV_TOKENS.get('JWT_AUTH', {})) JWT_AUTH.update(AUTH_TOKENS.get('JWT_AUTH', {})) diff --git a/lms/envs/common.py b/lms/envs/common.py index f24110c04a982ad49e00a1e89446cfb19f799cf1..936caa43dc44edb70c2f622316f7eea8ad22898f 100644 --- a/lms/envs/common.py +++ b/lms/envs/common.py @@ -551,15 +551,7 @@ CACHES = { }, } -############################ OpenID Provider ################################## -OPENID_PROVIDER_TRUSTED_ROOTS = ['cs50.net', '*.cs50.net'] - ############################ OAUTH2 Provider ################################### - -# OpenID Connect issuer ID. Normally the URL of the authentication endpoint. - -OAUTH_OIDC_ISSUER = 'http://127.0.0.1:8000/oauth2' - OAUTH_EXPIRE_CONFIDENTIAL_CLIENT_DAYS = 365 OAUTH_EXPIRE_PUBLIC_CLIENT_DAYS = 30 diff --git a/lms/envs/devstack.py b/lms/envs/devstack.py index d544a9a4e7b1d15abeebbb45aff43be12689525c..b440eb38410bf99c58caa4c0e70184b7b148f136 100644 --- a/lms/envs/devstack.py +++ b/lms/envs/devstack.py @@ -140,10 +140,8 @@ CC_PROCESSOR = { ########################### External REST APIs ################################# FEATURES['ENABLE_OAUTH2_PROVIDER'] = True -OAUTH_OIDC_ISSUER = 'http://127.0.0.1:8000/oauth2' FEATURES['ENABLE_MOBILE_REST_API'] = True FEATURES['ENABLE_VIDEO_ABSTRACTION_LAYER_API'] = True -ENABLE_DOP_ADAPTER = False ########################## SECURITY ####################### FEATURES['ENABLE_MAX_FAILED_LOGIN_ATTEMPTS'] = False 
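Review bot: In lms/envs/common.py (`@@ -551,15 +551,7 @@`) the default `OPENID_PROVIDER_TRUSTED_ROOTS = ['cs50.net', '*.cs50.net']` is dropped, but the header of the lms/envs/test.py hunk later in this diff still shows `OPENID_PROVIDER_TRUSTED_ROOTS = ['*']`, so the cleanup looks incomplete. If any code still reads the setting, it is now defined only under the test settings, and there with a wildcard, while other environments would have no value at all. Either remove the test.py assignment in the same commit or keep the restricted common.py default until the last reader is gone. Whether a reader remains cannot be seen from these hunks.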
@@ -246,7 +244,7 @@ LOGIN_REDIRECT_WHITELIST = [CMS_BASE] ###################### JWTs ###################### # pylint: disable=unicode-format-string JWT_AUTH.update({ - 'JWT_ISSUER': OAUTH_OIDC_ISSUER, + 'JWT_ISSUER': 'http://127.0.0.1:8000/oauth2', 'JWT_AUDIENCE': 'lms-key', 'JWT_SECRET_KEY': 'lms-secret', 'JWT_SIGNING_ALGORITHM': 'RS512', diff --git a/lms/envs/devstack_docker.py b/lms/envs/devstack_docker.py index 19bada8af3a795e7715dc5343fc210f25f814f6d..71182550fada22b47e46e8ce421638400591987b 100644 --- a/lms/envs/devstack_docker.py +++ b/lms/envs/devstack_docker.py @@ -25,10 +25,8 @@ ENTERPRISE_API_URL = '{}/enterprise/api/v1/'.format(LMS_INTERNAL_ROOT_URL) CREDENTIALS_INTERNAL_SERVICE_URL = 'http://edx.devstack.credentials:18150' CREDENTIALS_PUBLIC_SERVICE_URL = 'http://localhost:18150' -OAUTH_OIDC_ISSUER = '{}/oauth2'.format(LMS_ROOT_URL) - JWT_AUTH.update({ - 'JWT_ISSUER': OAUTH_OIDC_ISSUER, + 'JWT_ISSUER': '{}/oauth2'.format(LMS_ROOT_URL), }) FEATURES.update({ diff --git a/lms/envs/production.py b/lms/envs/production.py index f521914873273c10a5478282f684ed789133ce3b..fcff4a9b0b1cfe8c6905fb81538bf4b44588863b 100644 --- a/lms/envs/production.py +++ b/lms/envs/production.py @@ -756,7 +756,6 @@ if FEATURES.get('ENABLE_THIRD_PARTY_AUTH'): ##### OAUTH2 Provider ############## if FEATURES.get('ENABLE_OAUTH2_PROVIDER'): - OAUTH_OIDC_ISSUER = ENV_TOKENS['OAUTH_OIDC_ISSUER'] OAUTH_ENFORCE_SECURE = ENV_TOKENS.get('OAUTH_ENFORCE_SECURE', True) OAUTH_ENFORCE_CLIENT_SECURE = ENV_TOKENS.get('OAUTH_ENFORCE_CLIENT_SECURE', True) # Defaults for the following are defined in lms.envs.common diff --git a/lms/envs/test.py b/lms/envs/test.py index ff3cd29a94a5b03b081ab6a322fa37bc62d5eb56..cc10e2a0a8991569d94f7a860f07c7635569a509 100644 --- a/lms/envs/test.py +++ b/lms/envs/test.py 
@@ -281,8 +281,6 @@ OPENID_PROVIDER_TRUSTED_ROOTS = ['*'] ############################## OAUTH2 Provider ################################ FEATURES['ENABLE_OAUTH2_PROVIDER'] = True -# don't cache courses for testing -OIDC_COURSE_HANDLER_CACHE_TIMEOUT = 0 OAUTH_ENFORCE_SECURE = False ########################### External REST APIs ################################# diff --git a/openedx/core/djangoapps/oauth_dispatch/tests/test_views.py b/openedx/core/djangoapps/oauth_dispatch/tests/test_views.py index 269fa89af9e2542819ec3455c54dda25c5cb1375..acc463ddbee4f42165307053d5c95222a8f6ca4e 100644 --- a/openedx/core/djangoapps/oauth_dispatch/tests/test_views.py +++ b/openedx/core/djangoapps/oauth_dispatch/tests/test_views.py @@ -557,11 +557,6 @@ class TestViewDispatch(TestCase): view_object = views.AccessTokenView() self.assertRaises(KeyError, view_object.get_view_for_backend, None) - def test_dop_toggle_enforced(self): - with self.settings(ENABLE_DOP_ADAPTER=False): - request = self._get_request('dop-id') - self.assertEqual(self.view.select_backend(request), self.dot_adapter.backend) - class TestRevokeTokenView(AccessTokenLoginMixin, _DispatchingViewTestCase): # pylint: disable=abstract-method """