I’m trying to run the profile MFE on a running Juniper instance using the role from this PR.
I cherry-picked the commits into the local configuration repo, then I run the role (had to add a handlers folder for reload nginx) and then I configured the LMS as described in the PR. When I go to the profile page I get successfully redirected to the right URL but then I get this error:
Looking at the LMS log I see: [service_variant=lms][edx_rest_framework_extensions.auth.jwt.middleware][env:sandbox] WARNING [ip-172-31-16-169 3554] [user 12] [middleware.py:244] - Both JWT auth cookies missing. JWT auth cookies will not be reconstituted.
I’m not quite sure what to check in my JWT configuration, any pointers would be much appreciated !
(pinging you in case you’ve come across this @morenol)
I think that you can solve that by enabling the CONFIGURE_JWTS configuration in order to generate the JWT settings automatically for you in the deployment of edxapp.
That is enabled in the native installation playbook, so I guess that it should work:
In the past, when I was not using the native installation I was able to generate the JWT configurations using a lms command:
python manage.py lms generate_jwt_signing_key
The output of that command should generate the missing configurations i.e. EDXAPP_JWT_SIGNING_ALGORITHM, COMMON_JWT_PUBLIC_SIGNING_JWK_SET and EDXAPP_JWT_PRIVATE_SIGNING_JWK. But I guess that with the CONFIGURE_JWT configuration that would not be necessary.
Once you add that configurations to your variables I think that with a deployment to edxapp, your problem should be solved. Let me know if that works
I had a look and my JWT was configured as expected from the default install script. I had another instance on the same domain and I think that was interfering. I tried it with that other instance and it works fine.
Thanks for the work on the deployment script! It was effortless to use.
Were you able to move past the Both JWT auth cookies missing. JWT auth cookies will not be reconstituted issue ?
I’m running Koa.1 on azure. And I’m facing this same issue on the basket page when trying to upgrade to verified.
Logs:
Feb 23 17:47:22 apcwokoa [service_variant=ecommerce][edx_rest_framework_extensions.auth.jwt.middleware] WARNING [apcwokoa 59199] [/edx/app/ecommerce/venvs/ecommerce/lib/python3.8/site-packages/edx_rest_framework_extensions/auth/jwt/middleware.py:245] - Both JWT auth cookies missing. JWT auth cookies will not be reconstituted.
Feb 23 17:47:22 apcwokoa [service_variant=ecommerce][edx_rest_framework_extensions.auth.jwt.middleware] INFO [apcwokoa 59199] [/edx/app/ecommerce/venvs/ecommerce/lib/python3.8/site-packages/edx_rest_framework_extensions/auth/jwt/middleware.py:70] - (‘The view BasketAddItemsView allows Jwt Authentication. The required permission class, NotJwtRestrictedApplication,’, ’ was automatically added.’)
Feb 23 17:48:46 apcwokoa [service_variant=ecommerce][edx_rest_framework_extensions.auth.jwt.middleware] WARNING [apcwokoa 59199] [/edx/app/ecommerce/venvs/ecommerce/lib/python3.8/site-packages/edx_rest_framework_extensions/auth/jwt/middleware.py:245] - Both JWT auth cookies missing. JWT auth cookies will not be reconstituted.
From what I remember I had to make sure my CROSS_DOMAIN_CSRF_COOKIE_DOMAIN was configured incorrectly and it meant having a value that was ‘.your-lms-domain’.
Hi @BbrSofiane
I just reviewed my settings and noted that after a week of debugging and your advice pointing me to the right place, the issue seemed to arise from two configuration mistakes from my end :
The CROSS_DOMAIN_CSRF_COOKIE_DOMAIN should be set as the LMS domain only. [THANKS FOR YOUR HELP]
Ensure that FEATURES → ENABLE_CROSS_DOMAIN_CSRF_COOKIE: is set to true
!