ylqjgm
/
canvas-lms
mirror of https://github.com/instructure/canvas-lms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
canvas-lms/app
History
Ethan Vizitei 47f2dc93cf Teach Canvas to consume JWT 
closes CNVS-24286

Add JWT (wrapped and signed by shared secret)
as a viable authentication method.

Also remove deprecation errors from login template

TEST PLAN:
1) have ECOSYSTEM_* env vars set (docker helps)
2) login as a user
3) take a token from "/jwts/generate"
4) wrap that token in another token signed
with the shared secret (ECOSYSTEM_SECRET,
see services_jwt_spec.rb for a way to do this)
5) use the base64 encoded string as a bearer
token for canvas
6) try it again in 70 minutes or so (the same
token), it should now be expired.

Change-Id: I721f42d7c9ca7edc82bc75b116354dd3edc50a88
Reviewed-on: https://gerrit.instructure.com/66110
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Jenkins
QA-Review: August Thornton <august@instructure.com>
Product-Review: Ethan Vizitei <evizitei@instructure.com>
 		2015-11-11 23:59:37 +00:00
..
coffeescripts show alt-text warning when inserting images into quizzes 2015-11-11 19:40:28 +00:00
controllers Teach Canvas to consume JWT 2015-11-11 23:59:37 +00:00
helpers fix so script bundles load on pages that include plugin JS 2015-11-05 22:27:19 +00:00
jsx fix grading scheme permissions 2015-11-11 17:13:47 +00:00
messages due date in assignment created notification 2015-11-05 04:02:56 +00:00
middleware re-include session_id in logs 2015-10-02 19:33:50 +00:00
models don't prematurely limit the needs_grading_count query 2015-11-11 17:45:41 +00:00
observers clear site admin users cache in all regions 2015-07-16 14:37:26 +00:00
presenters add graded anonymously indicator to grade summary page 2015-10-22 15:09:47 +00:00
serializers adds ability to filter quiz statistics by section 2015-09-23 23:54:28 +00:00
stylesheets Small calendar UI fixes 2015-11-11 21:44:27 +00:00
views Teach Canvas to consume JWT 2015-11-11 23:59:37 +00:00