From 929027e1f20aac412e0a8019c6e5a73ad63c858d Mon Sep 17 00:00:00 2001
From: Robert Raposa
Date: Thu, 29 Aug 2024 10:58:32 -0400
Subject: [PATCH] Revert "feat: DEPR USE-JWT-COOKIE header (#922)"
This reverts commit 7f4ae6e5e527c75e36221fdecd0cf60aec4d1651.
---
 docs/getting_started.rst | 6 +++++-
 enterprise_catalog/settings/base.py | 4 +++-
 requirements/base.in | 2 +-
 3 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/docs/getting_started.rst b/docs/getting_started.rst
index 1b6fff47f..64b099271 100644
--- a/docs/getting_started.rst
+++ b/docs/getting_started.rst
@@ -119,7 +119,11 @@ To get a JWT role defined inside your cookie, do the following:
 "enterprise_learner:{another-enterprise-uuid}",
 "enterprise_openedx_operator:*"
 ]
- #. Make a request to e.g. http://localhost:18160/api/v1/enterprise-catalogs/?format=json. For this example endpoint, you should get a response payload that looks like::
+ #. Soon, you'll make a request to e.g. http://localhost:18160/api/v1/enterprise-catalogs/?format=json. Before you do this,
+ it's important that you can make the request with an additional header: ``use_jwt_cookie: true`` This tells
+ our auth middleware to "reconstitute" the JWT cookie header and signature into a single JWT from which auth, roles, etc.
+ can be fetched. You can do this in your browser using a tool like ModHeader, or with something like Postman.
+ #. Make the request. For the example endpoint above, you should get a response payload that looks like::
 {
 "count": 2,
diff --git a/enterprise_catalog/settings/base.py b/enterprise_catalog/settings/base.py
index 9b2397b5b..280acb0e9 100644
--- a/enterprise_catalog/settings/base.py
+++ b/enterprise_catalog/settings/base.py
@@ -107,7 +107,9 @@
 # Enable CORS
 CORS_ALLOW_CREDENTIALS = True
-CORS_ALLOW_HEADERS = corsheaders_default_headers
+CORS_ALLOW_HEADERS = corsheaders_default_headers + (
+ 'use-jwt-cookie',
+)
 CORS_ORIGIN_WHITELIST = []
 ROOT_URLCONF = 'enterprise_catalog.urls'
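Review bot: The re-added `'use-jwt-cookie'` entry in `CORS_ALLOW_HEADERS` has no comment marking it as an allowance for a deprecated header, so nothing in the settings file flags it for removal when the deprecation from #922 is applied again. `CORS_ALLOW_CREDENTIALS = True` sits just above it, so each extra allowed header widens what a credentialed cross-origin request may send, and the list is worth keeping minimal and explained. I would add a line above the assignment such as `# DEPR: 'use-jwt-cookie' header, see #922; drop this entry when that deprecation is re-applied.` `CORS_ORIGIN_WHITELIST` is empty in this file, so which origins can actually use the header depends on per-environment overrides that this hunk does not show.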
diff --git a/requirements/base.in b/requirements/base.in
index c2cb99749..bc214a3b8 100644
--- a/requirements/base.in
+++ b/requirements/base.in
@@ -21,7 +21,7 @@ edx-auth-backends
 edx-celeryutils
 edx-django-release-util
 edx-django-utils
-edx-drf-extensions>=10.2.0 # 10.2.0 removes use-jwt-cookie header
+edx-drf-extensions
 edx_rbac
 edx-rest-api-client
 edx-toggles
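Review bot: The bare `edx-drf-extensions` line no longer records that 10.2.0 is the release the removed comment describes as removing the use-jwt-cookie header, so it is left to the resolver which side of that boundary gets installed. The docs and CORS hunks in this same commit reintroduce the header, so the JWT-cookie handling the service ends up with depends on whatever the compiled requirement files pin, and those are not part of this patch. Keeping a note on the line, for example `edx-drf-extensions  # 10.2.0+ removes use-jwt-cookie header; see revert of #922`, would stop a later upgrade from changing authentication behaviour unnoticed.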