fix: include full-complement paramters in `JWT_PRIVATE_SIGNING_JWK`

Addresses the breaking upstream change in this commit: 92731be0dc See Changelog entry for details.
2024-12-04 19:03:39 +00:00 · 2023-10-20 14:36:00 -04:00 · 2023-10-20 14:36:00 -04:00 · 7f47c3c8af
commit 7f47c3c8af
parent c99958893e
2 changed files with 4 additions and 0 deletions
--- a/changelog.d/20231020_143112_kyle_jwk_full_complement.md
+++ b/changelog.d/20231020_143112_kyle_jwk_full_complement.md
@ -0,0 +1 @@
+- [Bugfix] Updated how the Tutor setting ``JWT_RSA_PRIVATE_KEY`` is rendered into the LMS Django setting ``JWT_AUTH['JWT_PRIVATE_SIGNING_JWK']`` as required by a recent breaking upstream change. The new representation of the ``JWT_PRIVATE_SIGNING_JWK`` simply adds the ``dq``, ``dp``, and ``qi`` parameters. Without this fix, LMS would encounter an ``InvalidKeyError`` on all logins (by @kdmccormick).
--- a/tutor/templates/apps/openedx/settings/partials/common_all.py
+++ b/tutor/templates/apps/openedx/settings/partials/common_all.py
@ -189,6 +189,9 @@ JWT_AUTH["JWT_PRIVATE_SIGNING_JWK"] = json.dumps(
        "n": "{{ jwt_rsa_key.n|long_to_base64 }}",
        "p": "{{ jwt_rsa_key.p|long_to_base64 }}",
        "q": "{{ jwt_rsa_key.q|long_to_base64 }}",
+        "dq": "{{ jwt_rsa_key.dq|long_to_base64 }}",
+        "dp": "{{ jwt_rsa_key.dp|long_to_base64 }}",
+        "qi": "{{ jwt_rsa_key.invq|long_to_base64 }}",
    }
 )
 JWT_AUTH["JWT_PUBLIC_SIGNING_JWK_SET"] = json.dumps(
				`@ -0,0 +1 @@`
				- [Bugfix] Updated how the Tutor setting ``JWT_RSA_PRIVATE_KEY`` is rendered into the LMS Django setting ``JWT_AUTH['JWT_PRIVATE_SIGNING_JWK']`` as required by a recent breaking upstream change. The new representation of the ``JWT_PRIVATE_SIGNING_JWK`` simply adds the ``dq``, ``dp``, and ``qi`` parameters. Without this fix, LMS would encounter an ``InvalidKeyError`` on all logins (by @kdmccormick).