diff --git a/cms/envs/common.py b/cms/envs/common.py index 43ddc3415023..864cc33bed44 100644 --- a/cms/envs/common.py +++ b/cms/envs/common.py @@ -439,6 +439,9 @@ LMS_ENROLLMENT_API_PATH = "/api/enrollment/v1/" ENTERPRISE_API_URL = LMS_INTERNAL_ROOT_URL + '/enterprise/api/v1/' ENTERPRISE_CONSENT_API_URL = LMS_INTERNAL_ROOT_URL + '/consent/api/v1/' +FRONTEND_LOGIN_URL = LOGIN_URL +FRONTEND_LOGOUT_URL = lambda settings: settings.LMS_ROOT_URL + '/logout' +derived('FRONTEND_LOGOUT_URL') # List of logout URIs for each IDA that the learner should be logged out of when they logout of # Studio. Only applies to IDA for which the social auth flow uses DOT (Django OAuth Toolkit). diff --git a/cms/envs/production.py b/cms/envs/production.py index 536483983e98..906756b0b487 100644 --- a/cms/envs/production.py +++ b/cms/envs/production.py @@ -14,6 +14,7 @@ from xmodule.modulestore.modulestore_settings import convert_module_store_setting_if_needed from openedx.core.djangoapps.plugins import plugin_settings, constants as plugin_constants from django.core.exceptions import ImproperlyConfigured +from django.core.urlresolvers import reverse_lazy from .common import * @@ -298,6 +299,15 @@ def get_env_setting(setting): HEARTBEAT_EXTENDED_CHECKS = ENV_TOKENS.get('HEARTBEAT_EXTENDED_CHECKS', HEARTBEAT_EXTENDED_CHECKS) HEARTBEAT_CELERY_TIMEOUT = ENV_TOKENS.get('HEARTBEAT_CELERY_TIMEOUT', HEARTBEAT_CELERY_TIMEOUT) +# Login using the LMS as the identity provider. +# Turning the flag to True means that the LMS will NOT be used as the Identity Provider (idp) +if FEATURES.get('DISABLE_STUDIO_SSO_OVER_LMS', False): + LOGIN_URL = reverse_lazy('login') + FRONTEND_LOGIN_URL = LOGIN_URL + FRONTEND_LOGOUT_URL = reverse_lazy('logout') + +LOGIN_REDIRECT_WHITELIST = [reverse_lazy('home')] + # Specific setting for the File Upload Service to store media in a bucket. FILE_UPLOAD_STORAGE_BUCKET_NAME = ENV_TOKENS.get('FILE_UPLOAD_STORAGE_BUCKET_NAME', FILE_UPLOAD_STORAGE_BUCKET_NAME) FILE_UPLOAD_STORAGE_PREFIX = ENV_TOKENS.get('FILE_UPLOAD_STORAGE_PREFIX', FILE_UPLOAD_STORAGE_PREFIX) diff --git a/cms/templates/widgets/header.html b/cms/templates/widgets/header.html index 11229321f2e1..1b69f2411ea8 100644 --- a/cms/templates/widgets/header.html +++ b/cms/templates/widgets/header.html @@ -230,7 +230,6 @@

@@ -245,7 +244,7 @@

${_("Account Navigation")}

% endif diff --git a/cms/templates/widgets/user_dropdown.html b/cms/templates/widgets/user_dropdown.html index 1b05fb24cfe3..a59fc3b75bd5 100644 --- a/cms/templates/widgets/user_dropdown.html +++ b/cms/templates/widgets/user_dropdown.html @@ -39,9 +39,6 @@

- <% - logout_url = settings.LMS_ROOT_URL + '/logout' - %>
diff --git a/lms/envs/test.py b/lms/envs/test.py index 120acfb57a70..b9cd90f45bf0 100644 --- a/lms/envs/test.py +++ b/lms/envs/test.py @@ -551,6 +551,10 @@ LMS_ROOT_URL = "http://localhost:8000" +# TODO (felipemontoya): This key is only needed during lettuce tests. +# To be removed during https://openedx.atlassian.net/browse/DEPR-19 +FRONTEND_LOGOUT_URL = LMS_ROOT_URL + '/logout' + ECOMMERCE_API_URL = 'https://ecommerce.example.com/api/v2/' ENTERPRISE_API_URL = 'http://enterprise.example.com/enterprise/api/v1/' ENTERPRISE_CONSENT_API_URL = 'http://enterprise.example.com/consent/api/v1/' diff --git a/openedx/core/djangoapps/user_authn/views/logout.py b/openedx/core/djangoapps/user_authn/views/logout.py index 3b58aaf5cb82..e2cc9be27a8c 100644 --- a/openedx/core/djangoapps/user_authn/views/logout.py +++ b/openedx/core/djangoapps/user_authn/views/logout.py @@ -57,7 +57,11 @@ def dispatch(self, request, *args, **kwargs): logout(request) - response = super(LogoutView, self).dispatch(request, *args, **kwargs) + # If we are using studio logout directly and there is not OIDC logouts we can just redirect the user + if settings.FEATURES.get('DISABLE_STUDIO_SSO_OVER_LMS', False) and not self.oauth_client_ids: + response = redirect(self.target) + else: + response = super(LogoutView, self).dispatch(request, *args, **kwargs) # Clear the cookie used by the edx.org marketing site delete_logged_in_cookies(response)