Reconnecting Token Generator for Annotation Tool [Fix]

cms/envs/common.py

@@ -318,7 +318,7 @@
             'css/vendor/ui-lightness/jquery-ui-1.8.22.custom.css',
             'css/vendor/jquery.qtip.min.css',
             'js/vendor/markitup/skins/simple/style.css',
-            'js/vendor/markitup/sets/wiki/style.css'
+            'js/vendor/markitup/sets/wiki/style.css',
         ],
         'output_filename': 'css/cms-style-vendor.css',
     },

common/djangoapps/pipeline_mako/__init__.py

@@ -6,7 +6,7 @@
 from static_replace import try_staticfiles_lookup
 
 
-def compressed_css(package_name):
+def compressed_css(package_name, raw=False):
     package = settings.PIPELINE_CSS.get(package_name, {})
     if package:
         package = {package_name: package}
@@ -15,26 +15,28 @@ def compressed_css(package_name):
     package = packager.package_for('css', package_name)
 
     if settings.PIPELINE:
-        return render_css(package, package.output_filename)
+        return render_css(package, package.output_filename, raw=raw)
     else:
         paths = packager.compile(package.paths)
-        return render_individual_css(package, paths)
+        return render_individual_css(package, paths, raw=raw)
 
 
-def render_css(package, path):
+def render_css(package, path, raw=False):
     template_name = package.template_name or "mako/css.html"
     context = package.extra_context
 
     url = try_staticfiles_lookup(path)
+    if raw:
+        url += "?raw"
     context.update({
         'type': guess_type(path, 'text/css'),
         'url': url,
     })
     return render_to_string(template_name, context)
 
 
-def render_individual_css(package, paths):
-    tags = [render_css(package, path) for path in paths]
+def render_individual_css(package, paths, raw=False):
+    tags = [render_css(package, path, raw) for path in paths]
     return '\n'.join(tags)
 
 

common/djangoapps/pipeline_mako/templates/static_content.html

@@ -3,19 +3,19 @@
 from pipeline_mako import compressed_css, compressed_js
 %>
 
-<%def name='url(file)'><%
+<%def name='url(file, raw=False)'><%
 try:
     url = staticfiles_storage.url(file)
 except:
     url = file
-%>${url}</%def>
+%>${url}${"?raw" if raw else ""}</%def>
 
-<%def name='css(group)'>
+<%def name='css(group, raw=False)'>
   % if settings.FEATURES['USE_DJANGO_PIPELINE']:
-    ${compressed_css(group)}
+    ${compressed_css(group, raw=raw)}
   % else:
     % for filename in settings.PIPELINE_CSS[group]['source_filenames']:
-      <link rel="stylesheet" href="${staticfiles_storage.url(filename.replace('.scss', '.css'))}" type="text/css" media="all" / >
+      <link rel="stylesheet" href="${staticfiles_storage.url(filename.replace('.scss', '.css'))}${"?raw" if raw else ""}" type="text/css" media="all" / >
     % endfor
   %endif
 </%def>

common/djangoapps/student/tests/tests.py

@@ -26,7 +26,7 @@
 
 from student.models import anonymous_id_for_user, user_by_anonymous_id, CourseEnrollment, unique_id_for_user
 from student.views import (process_survey_link, _cert_info,
-                           change_enrollment, complete_course_mode_info, token)
+                           change_enrollment, complete_course_mode_info)
 from student.tests.factories import UserFactory, CourseModeFactory
 
 import shoppingcart
@@ -498,26 +498,3 @@ def test_roundtrip_for_logged_user(self):
         anonymous_id = anonymous_id_for_user(self.user, self.course.id)
         real_user = user_by_anonymous_id(anonymous_id)
         self.assertEqual(self.user, real_user)
-
-
-@override_settings(MODULESTORE=TEST_DATA_MIXED_MODULESTORE)
-class Token(ModuleStoreTestCase):
-    """
-    Test for the token generator. This creates a random course and passes it through the token file which generates the
-    token that will be passed in to the annotation_storage_url.
-    """
-    request_factory = RequestFactory()
-    COURSE_SLUG = "100"
-    COURSE_NAME = "test_course"
-    COURSE_ORG = "edx"
-
-    def setUp(self):
-        self.course = CourseFactory.create(org=self.COURSE_ORG, display_name=self.COURSE_NAME, number=self.COURSE_SLUG)
-        self.user = User.objects.create(username="username", email="username")
-        self.req = self.request_factory.post('/token?course_id=edx/100/test_course', {'user': self.user})
-        self.req.user = self.user
-
-    def test_token(self):
-        expected = HttpResponse("eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJpc3N1ZWRBdCI6ICIyMDE0LTAxLTIzVDE5OjM1OjE3LjUyMjEwNC01OjAwIiwgImNvbnN1bWVyS2V5IjogInh4eHh4eHh4LXh4eHgteHh4eC14eHh4LXh4eHh4eHh4eHh4eCIsICJ1c2VySWQiOiAidXNlcm5hbWUiLCAidHRsIjogODY0MDB9.OjWz9mzqJnYuzX-f3uCBllqJUa8PVWJjcDy_McfxLvc", mimetype="text/plain")
-        response = token(self.req)
-        self.assertEqual(expected.content.split('.')[0], response.content.split('.')[0])

common/djangoapps/student/views.py

@@ -44,7 +44,6 @@
     create_comments_service_user, PasswordHistory
 )
 from student.forms import PasswordResetFormNoActive
-from student.firebase_token_generator import create_token
 
 from verify_student.models import SoftwareSecurePhotoVerification, MidcourseReverificationWindow
 from certificates.models import CertificateStatuses, certificate_status_for_student
@@ -1852,26 +1851,3 @@ def change_email_settings(request):
         track.views.server_track(request, "change-email-settings", {"receive_emails": "no", "course": course_id}, page='dashboard')
 
     return JsonResponse({"success": True})
-
-
-@login_required
-def token(request):
-    '''
-    Return a token for the backend of annotations.
-    It uses the course id to retrieve a variable that contains the secret
-    token found in inheritance.py. It also contains information of when
-    the token was issued. This will be stored with the user along with
-    the id for identification purposes in the backend.
-    '''
-    course_id = request.GET.get("course_id")
-    course = course_from_id(course_id)
-    dtnow = datetime.datetime.now()
-    dtutcnow = datetime.datetime.utcnow()
-    delta = dtnow - dtutcnow
-    newhour, newmin = divmod((delta.days * 24 * 60 * 60 + delta.seconds + 30) // 60, 60)
-    newtime = "%s%+02d:%02d" % (dtnow.isoformat(), newhour, newmin)
-    secret = course.annotation_token_secret
-    custom_data = {"issuedAt": newtime, "consumerKey": secret, "userId": request.user.email, "ttl": 86400}
-    newtoken = create_token(secret, custom_data)
-    response = HttpResponse(newtoken, mimetype="text/plain")
-    return response

common/lib/xmodule/xmodule/annotator_token.py

@@ -0,0 +1,32 @@
+"""
+This file contains a function used to retrieve the token for the annotation backend
+without having to create a view, but just returning a string instead.
+
+It can be called from other files by using the following:
+from xmodule.annotator_token import retrieve_token
+"""
+import datetime
+from firebase_token_generator import create_token
+
+
+def retrieve_token(userid, secret):
+    '''
+    Return a token for the backend of annotations.
+    It uses the course id to retrieve a variable that contains the secret
+    token found in inheritance.py. It also contains information of when
+    the token was issued. This will be stored with the user along with
+    the id for identification purposes in the backend.
+    '''
+
+    # the following five lines of code allows you to include the default timezone in the iso format
+    # for more information: http://stackoverflow.com/questions/3401428/how-to-get-an-isoformat-datetime-string-including-the-default-timezone
+    dtnow = datetime.datetime.now()
+    dtutcnow = datetime.datetime.utcnow()
+    delta = dtnow - dtutcnow
+    newhour, newmin = divmod((delta.days * 24 * 60 * 60 + delta.seconds + 30) // 60, 60)
+    newtime = "%s%+02d:%02d" % (dtnow.isoformat(), newhour, newmin)
+    # uses the issued time (UTC plus timezone), the consumer key and the user's email to maintain a 
+    # federated system in the annotation backend server
+    custom_data = {"issuedAt": newtime, "consumerKey": secret, "userId": userid, "ttl": 86400}
+    newtoken = create_token(secret, custom_data)
+    return newtoken

common/lib/xmodule/xmodule/tests/test_annotator_token.py

@@ -0,0 +1,20 @@
+"""
+This test will run for annotator_token.py
+"""
+import unittest
+
+from xmodule.annotator_token import retrieve_token
+
+
+class TokenRetriever(unittest.TestCase):
+    """
+    Tests to make sure that when passed in a username and secret token, that it will be encoded correctly
+    """
+    def test_token(self):
+        """
+        Test for the token generator. Give an a random username and secret token, it should create the properly encoded string of text. 
+        """
+        expected = "eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJpc3N1ZWRBdCI6ICIyMDE0LTAyLTI3VDE3OjAwOjQyLjQwNjQ0MSswOjAwIiwgImNvbnN1bWVyS2V5IjogImZha2Vfc2VjcmV0IiwgInVzZXJJZCI6ICJ1c2VybmFtZSIsICJ0dGwiOiA4NjQwMH0.Dx1PoF-7mqBOOSGDMZ9R_s3oaaLRPnn6CJgGGF2A5CQ"
+        response = retrieve_token("username", "fake_secret")
+        self.assertEqual(expected.split('.')[0], response.split('.')[0])
+        self.assertNotEqual(expected.split('.')[2], response.split('.')[2])

common/lib/xmodule/xmodule/tests/test_textannotation.py

@@ -38,17 +38,6 @@ def setUp(self):
             ScopeIds(None, None, None, None)
         )
 
-    def test_render_content(self):
-        """
-        Tests to make sure the sample xml is rendered and that it forms a valid xmltree
-        that does not contain a display_name.
-        """
-        content = self.mod._render_content()  # pylint: disable=W0212
-        self.assertIsNotNone(content)
-        element = etree.fromstring(content)
-        self.assertIsNotNone(element)
-        self.assertFalse('display_name' in element.attrib, "Display Name should have been deleted from Content")
-
     def test_extract_instructions(self):
         """
         Tests to make sure that the instructions are correctly pulled from the sample xml above.
@@ -70,5 +59,5 @@ def test_get_html(self):
         Tests the function that passes in all the information in the context that will be used in templates/textannotation.html
         """
         context = self.mod.get_html()
-        for key in ['display_name', 'tag', 'source', 'instructions_html', 'content_html', 'annotation_storage']:
+        for key in ['display_name', 'tag', 'source', 'instructions_html', 'content_html', 'annotation_storage', 'token']:
             self.assertIn(key, context)