From 1bbd257319aed4bd7b8418b87f8390f2db5255d1 Mon Sep 17 00:00:00 2001 From: Robert Raposa Date: Thu, 29 Aug 2024 15:44:36 -0400 Subject: [PATCH] feat: DEPR USE-JWT-COOKIE header - Part 1 This repo is no longer using USE-JWT-COOKIE header, since it has the required edx-drf-extensions>10.2.0, where it was fully removed. This removes all uses of the header, except updating CORS_ALLOW_HEADERS, which can't be done before all MFEs and other callers stop sending the header. See "[DEPR]: USE-JWT-COOKIE header" for more details: - https://github.com/openedx/edx-drf-extensions/issues/371 --- docs/getting_started.rst | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/docs/getting_started.rst b/docs/getting_started.rst index 64b099271..1b6fff47f 100644 --- a/docs/getting_started.rst +++ b/docs/getting_started.rst @@ -119,11 +119,7 @@ To get a JWT role defined inside your cookie, do the following: "enterprise_learner:{another-enterprise-uuid}", "enterprise_openedx_operator:*" ] - #. Soon, you'll make a request to e.g. http://localhost:18160/api/v1/enterprise-catalogs/?format=json. Before you do this, - it's important that you can make the request with an additional header: ``use_jwt_cookie: true`` This tells - our auth middleware to "reconstitute" the JWT cookie header and signature into a single JWT from which auth, roles, etc. - can be fetched. You can do this in your browser using a tool like ModHeader, or with something like Postman. - #. Make the request. For the example endpoint above, you should get a response payload that looks like:: + #. Make a request to e.g. http://localhost:18160/api/v1/enterprise-catalogs/?format=json. For this example endpoint, you should get a response payload that looks like:: { "count": 2,