Removed all references to RefreshTokenStore.
cmaddox5 committed Sep 9, 2024
1 parent 36604de commit a725884
Showing 6 changed files with 1 addition and 143 deletions.
1 change: 0 additions & 1 deletion config/config.exs
Expand Up @@ -10,7 +10,6 @@ config :signs_ui, SignsUiWeb.Endpoint,
# Internal configuration
config :signs_ui,
config_store: SignsUi.Config.S3,
refresh_token_store: SignsUi.RefreshTokenStore,
alert_producer: ServerSentEventStage,
alert_consumer_opts: [
name: SignsUi.Alerts.State,
1 change: 0 additions & 1 deletion lib/signs_ui/application.ex
Expand Up @@ -17,7 +17,6 @@ defmodule SignsUi.Application do
SignsUi.Config.Writer,
{SignsUi.Signs.State, [name: SignsUi.Signs.State]},
SignsUi.Config.Expiration,
SignsUi.RefreshTokenStore,
{Application.get_env(:signs_ui, :alert_producer),
name: AlertProducer,
url:
34 changes: 0 additions & 34 deletions lib/signs_ui/refresh_token_store.ex

This file was deleted.

22 changes: 0 additions & 22 deletions lib/signs_ui_web/controllers/auth_controller.ex
Expand Up @@ -9,7 +9,6 @@ defmodule SignsUiWeb.AuthController do
def callback(%{assigns: %{ueberauth_auth: auth}} = conn, _params) do
username = auth.uid
expiration = auth.credentials.expires_at
credentials = conn.assigns.ueberauth_auth.credentials

current_time = System.system_time(:second)

Expand All @@ -19,11 +18,6 @@ defmodule SignsUiWeb.AuthController do
roles =
get_in(auth.extra.raw_info.userinfo, ["resource_access", keycloak_client_id, "roles"]) || []

if credentials.refresh_token do
refresh_token_store = Application.get_env(:signs_ui, :refresh_token_store)
refresh_token_store.put_refresh_token(username, credentials.refresh_token)
end

conn
|> Guardian.Plug.sign_in(
SignsUiWeb.AuthManager,
Expand All @@ -42,11 +36,6 @@ defmodule SignsUiWeb.AuthController do
Logger.error("ueberauth_failure #{inspect(errors)}")

cond do
error?(errors, "refresh_token_failure") ->
refresh_token_cleanup(conn)

reauthenticate(conn)

error?(errors, "bad_state") ->
reauthenticate(conn)

Expand All @@ -57,23 +46,12 @@ defmodule SignsUiWeb.AuthController do

@spec logout(Conn.t(), map()) :: Conn.t()
def logout(conn, _params) do
refresh_token_cleanup(conn)

conn
|> Guardian.Plug.sign_out(SignsUiWeb.AuthManager)
|> Conn.clear_session()
|> redirect(to: SignsUiWeb.Router.Helpers.page_path(conn, :index))
end

defp refresh_token_cleanup(conn) do
refresh_token_store = Application.get_env(:signs_ui, :refresh_token_store)

conn
|> Conn.fetch_session()
|> Conn.get_session(:signs_ui_username)
|> refresh_token_store.clear_refresh_token()
end

@spec error?([Ueberauth.Failure.t(), ...], String.t()) :: boolean
defp error?(errors, key) do
Enum.any?(errors, fn e -> e.message_key == key end)
44 changes: 0 additions & 44 deletions test/signs_ui/refresh_token_store_test.exs

This file was deleted.

42 changes: 1 addition & 41 deletions test/signs_ui_web/controllers/auth_controller_test.exs
Expand Up @@ -6,7 +6,6 @@ defmodule SignsUiWeb.AuthControllerTest do

describe "callback" do
test "redirects on success and saves refresh token", %{conn: conn} do
reassign_env(:refresh_token_store, SignsUiWeb.AuthControllerTest.FakeRefreshTokenStore)
current_time = System.system_time(:second)

auth = %Ueberauth.Auth{
Expand Down Expand Up @@ -38,8 +37,6 @@ defmodule SignsUiWeb.AuthControllerTest do
}
}

reassign_env(:refresh_token_store, SignsUiWeb.AuthControllerTest.FakeRefreshTokenStore)

log =
capture_log([level: :info], fn ->
conn =
Expand All @@ -52,8 +49,6 @@ defmodule SignsUiWeb.AuthControllerTest do
assert response =~ SignsUiWeb.Router.Helpers.messages_path(conn, :index)
assert Guardian.Plug.current_claims(conn)["roles"] == ["test1"]
end)

assert log =~ "stored_refresh_token username=foo@mbta.com refresh_token=bar"
end

test "handles generic failure", %{conn: conn} do
Expand All @@ -70,27 +65,6 @@ defmodule SignsUiWeb.AuthControllerTest do
assert log =~ "ueberauth_failure"
end

test "handles failure to use refresh token", %{conn: conn} do
reassign_env(:refresh_token_store, SignsUiWeb.AuthControllerTest.FakeRefreshTokenStore)

log =
capture_log([level: :info], fn ->
conn =
conn
|> init_test_session(%{signs_ui_username: "foo@mbta.com"})
|> assign(:ueberauth_failure, %Ueberauth.Failure{
errors: [%Ueberauth.Failure.Error{message_key: "refresh_token_failure"}]
})
|> get(SignsUiWeb.Router.Helpers.auth_path(conn, :callback, "keycloak"))

response = response(conn, 302)

assert response =~ SignsUiWeb.Router.Helpers.auth_path(conn, :request, "keycloak")
end)

assert log =~ "cleared_refresh_token username=foo@mbta.com"
end

@tag :capture_log
test "handles bad_state by redirecting to /auth/keycloak", %{conn: conn} do
conn =
Expand Down Expand Up @@ -118,7 +92,7 @@ defmodule SignsUiWeb.AuthControllerTest do

describe "logout" do
@tag :authenticated
test "clears refresh token, logs user out, and redirects to keycloak logout", %{conn: conn} do
test "logs user out and redirects to keycloak logout", %{conn: conn} do
current_time = System.system_time(:second)

auth = %Ueberauth.Auth{
Expand Down Expand Up @@ -150,8 +124,6 @@ defmodule SignsUiWeb.AuthControllerTest do
}
}

reassign_env(:refresh_token_store, SignsUiWeb.AuthControllerTest.FakeRefreshTokenStore)

log =
capture_log([level: :info], fn ->
conn =
Expand All @@ -166,18 +138,6 @@ defmodule SignsUiWeb.AuthControllerTest do

assert redirected_to(conn) == "/"
end)

assert log =~ "cleared_refresh_token"
end
end

defmodule FakeRefreshTokenStore do
def put_refresh_token(username, refresh_token) do
Logger.info("stored_refresh_token username=#{username} refresh_token=#{refresh_token}")
end

def clear_refresh_token(username) do
Logger.info("cleared_refresh_token username=#{username}")
end
end

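Review bot: The first callback test is still titled `redirects on success and saves refresh token`, although with the store and its `stored_refresh_token` log assertion gone nothing in it checks a saved token any more; rename it, e.g. `test "redirects on success", %{conn: conn} do`. In that test and in the logout test the `log =` binding in front of `capture_log([level: :info], fn ->` appears to be left unused once the `assert log =~ ...` lines are removed, which the compiler will warn about; drop the binding, or switch to `@tag :capture_log` as the bad_state test does. The renamed logout test also says it "redirects to keycloak logout" while the visible assertion is `redirected_to(conn) == "/"`; part of that test lies outside the shown hunks, so confirm the title matches what is asserted. Since the controller no longer touches the refresh token on callback or logout, a short comment in the logout test stating that only the local session is cleared would make the new expectation explicit.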
