ylqjgm
/
canvas-lms
mirror of https://github.com/instructure/canvas-lms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
40,234 Commits 324 Branches 20,019 Tags 1.7 GiB
Commit Graph

4 Commits

Author SHA1 Message Date
Marc Phillips efdba8d77c Add client_credentials grant_type 
Oauth2.0 client_credentials grant_type is added as a means
to support LTI Advantage services. Will accept only the
client_assertion_type of jwt-bearer and returns a JWS as
the access token. LTI services using the jws will be able to
authenticate, but other api endpoints will fail when using
this jwt.

closes PLAT-3659

Test Plan:
 - Create an oauth 2.0 request using a jwt signed by a
   developer key
 - Request should be validated and returns a jwt with
   the correct scopes

Change-Id: I786b71e39f8d3c2c9c71aa3eff4ea490f6d56285
Reviewed-on: https://gerrit.instructure.com/161245
Tested-by: Jenkins
QA-Review: Weston Dransfield <wdransfield@instructure.com>
Reviewed-by: Weston Dransfield <wdransfield@instructure.com>
Product-Review: Marc Alan Phillips <mphillips@instructure.com>
 2018-09-10 17:07:05 +00:00
wdransfield ab9381e75f Store public keys on developer key [ci no-db-snapshot] 
Closes PLAT-3684

Test Plan:
- Create a new developer key and call
  generate_rsa_keypair!
- Verify its public_jwk column was populated
- Verify its private_jwk attribute was populated
  (This attribute is volatile: It is only populated in memory, not
   persisted to the DB)

Change-Id: I8e1f0ebb597228f9e91f463d00bba1d360c27e6d
Reviewed-on: https://gerrit.instructure.com/161576
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Jenkins
Reviewed-by: Marc Alan Phillips <mphillips@instructure.com>
QA-Review: Marc Alan Phillips <mphillips@instructure.com>
Product-Review: Weston Dransfield <wdransfield@instructure.com>
 2018-09-06 16:26:26 +00:00
Han Ngo 27d24538d6 Run Key Rotation Script as a Periodic Job in Canvas 
Closes PLAT-3508 & PLAT-3509

Test Plan:
- Verify the key rotate correctly (set current to past, future
to current, and the new key to future) in both cases: when there
is no existing key AND when there is key already in Consul
- Verify the script will be running every month
- Verify the keys got rotated using Imperium gem version '0.4.0'

Change-Id: I630f230b3cd1c515ebb266b532901b4260622173
Reviewed-on: https://gerrit.instructure.com/154529
Reviewed-by: Stewie aka Nicholas Stewart <nstewart@instructure.com>
QA-Review: Nathan Mills <nathanm@instructure.com>
Product-Review: Nathan Mills <nathanm@instructure.com>
Tested-by: Jenkins
 2018-07-12 19:57:40 +00:00
Han Ngo 843ec80814 Canvas Creates Private-Public Key Pair & Copy into JWK Format 
Closes PLAT-3503 & PLAT-3504

Test Plan
- Verify Lti::RSAKeyPair can generate a private and a public key
- Verify the key pair can be read but not modified
- Verify the keys got copied into JWK format correctly

Change-Id: If83edebfbf631815e3078031623d6dead52017ec
Reviewed-on: https://gerrit.instructure.com/154187
Reviewed-by: Marc Alan Phillips <mphillips@instructure.com>
Tested-by: Jenkins
QA-Review: Marc Alan Phillips <mphillips@instructure.com>
Product-Review: Han Ngo <hngo@instructure.com>
 2018-06-20 13:29:30 +00:00