Remove unused /api/authtokens/create endpoint

app/Http/Controllers/AuthTokenController.php

@@ -4,51 +4,12 @@
 
 namespace App\Http\Controllers;
 
-use App\Models\AuthToken;
-use App\Utils\AuthTokenUtil;
-use Illuminate\Http\JsonResponse;
-use Illuminate\Http\Request;
-use Illuminate\Support\Facades\Auth;
 use Illuminate\View\View;
-use InvalidArgumentException;
-use Symfony\Component\HttpFoundation\Response;
 
 final class AuthTokenController extends AbstractController
 {
     public function manage(): View
     {
         return $this->vue('manage-auth-tokens', 'Authentication Tokens');
     }
-
-    public function createToken(Request $request): JsonResponse
-    {
-        $fields = ['scope', 'description'];
-        foreach ($fields as $f) {
-            if (!$request->has($f)) {
-                return response()->json(['error' => "Missing field '{$f}'"], Response::HTTP_BAD_REQUEST);
-            }
-        }
-
-        if ($request->input('scope') !== AuthToken::SCOPE_FULL_ACCESS) {
-            $projectid = (int) $request->input('projectid');
-            if (!is_numeric($projectid)) {
-                return response()->json(['error' => 'Invalid projectid'], Response::HTTP_BAD_REQUEST);
-            }
-        } else {
-            $projectid = -1;
-        }
-
-        try {
-            $gen_auth_token = AuthTokenUtil::generateToken(
-                Auth::id(),
-                $projectid,
-                $request->input('scope'),
-                $request->input('description'),
-            );
-        } catch (InvalidArgumentException $e) {
-            return response()->json(['error' => $e->getMessage()], Response::HTTP_BAD_REQUEST);
-        }
-
-        return response()->json($gen_auth_token);
-    }
 }

app/cdash/tests/test_authtoken.php

@@ -18,12 +18,10 @@ class AuthTokenTestCase extends KWWebTestCase
     private $Token;
     private $PostBuildId;
     private ?Project $Project;
-    private $Hash;
 
     public function __construct()
     {
         parent::__construct();
-        $this->Hash = '';
         $this->PostBuildId = 0;
         $this->Project = null;
         $this->Token = '';
@@ -68,24 +66,10 @@ public function testEnableAuthenticatedSubmissions(): void
 
     public function testGenerateToken(): void
     {
-        // Log in as non-admin user.
-        $this->login('user1@kw', 'user1');
+        $userid = User::where('email', 'user1@kw')->firstOrFail()->id;
+        $response = AuthTokenUtil::generateToken($userid, -1, AuthToken::SCOPE_FULL_ACCESS, 'mytoken');
 
-        // Use API to generate token.
-        $response = $this->post($this->url . '/api/authtokens/create', ['description' => 'mytoken', 'scope' => AuthToken::SCOPE_FULL_ACCESS]);
-        $response = json_decode($response, true);
-        if (!array_key_exists('raw_token', $response)) {
-            $this->fail('Failed to generate token');
-        }
         $this->Token = $response['raw_token'];
-
-        // Test that the model agrees that this token exists.
-        $tokenmodel = new AuthToken();
-        $this->Hash = $response['token']['hash'];
-        $tokenmodel->Hash = $this->Hash;
-        if (!$tokenmodel->Exists()) {
-            $this->fail('Token does not exist');
-        }
     }
 
     public function testApiAccess()

app/cdash/tests/test_deferredsubmissions.php

@@ -8,6 +8,8 @@
 require_once 'tests/test_branchcoverage.php';
 
 use App\Models\AuthToken;
+use App\Models\User;
+use App\Utils\AuthTokenUtil;
 use App\Utils\DatabaseCleanupUtils;
 use CDash\Model\Project;
 use Illuminate\Support\Facades\DB;
@@ -130,18 +132,9 @@ private function getToken(string $scope): void
             return;
         }
 
-        // Log in as non-admin user.
-        $this->login('user1@kw', 'user1');
-
-        // Use API to generate token.
-        $response = $this->post($this->url . '/api/authtokens/create', [
-            'description' => 'mytoken',
-            'scope' => $scope,
-            'projectid' => $this->project->Id,
-        ]);
-        $response = json_decode($response, true);
+        $userid = User::where('email', 'user1@kw')->firstOrFail()->id;
+        $response = AuthTokenUtil::generateToken($userid, $this->project->Id, $scope, 'mytoken');
         $this->token = $response['raw_token'];
-        $this->logout();
     }
 
     public function testNormalSubmitWithValidToken(): void

phpstan-baseline.neon

@@ -570,36 +570,6 @@ parameters:
 			count: 1
 			path: app/Http/Controllers/Auth/RegisterController.php
 
-		-
-			rawMessage: 'Call to function is_numeric() with int will always evaluate to true.'
-			identifier: function.alreadyNarrowedType
-			count: 1
-			path: app/Http/Controllers/AuthTokenController.php
-
-		-
-			rawMessage: Cannot cast mixed to int.
-			identifier: cast.int
-			count: 1
-			path: app/Http/Controllers/AuthTokenController.php
-
-		-
-			rawMessage: 'Parameter #1 $user_id of static method App\Utils\AuthTokenUtil::generateToken() expects int, int|string|null given.'
-			identifier: argument.type
-			count: 1
-			path: app/Http/Controllers/AuthTokenController.php
-
-		-
-			rawMessage: 'Parameter #3 $scope of static method App\Utils\AuthTokenUtil::generateToken() expects string, mixed given.'
-			identifier: argument.type
-			count: 1
-			path: app/Http/Controllers/AuthTokenController.php
-
-		-
-			rawMessage: 'Parameter #4 $description of static method App\Utils\AuthTokenUtil::generateToken() expects string, mixed given.'
-			identifier: argument.type
-			count: 1
-			path: app/Http/Controllers/AuthTokenController.php
-
 		-
 			rawMessage: 'Argument of an invalid type array|false supplied for foreach, only iterables are supported.'
 			identifier: foreach.nonIterable
@@ -16872,12 +16842,6 @@ parameters:
 			count: 1
 			path: app/cdash/tests/test_attachedfiles.php
 
-		-
-			rawMessage: Access to an undefined property App\Models\AuthToken::$Hash.
-			identifier: property.notFound
-			count: 1
-			path: app/cdash/tests/test_authtoken.php
-
 		-
 			rawMessage: '''
 				Call to deprecated method getConfig() of class GuzzleHttp\Client:
@@ -16968,12 +16932,6 @@ parameters:
 			count: 1
 			path: app/cdash/tests/test_authtoken.php
 
-		-
-			rawMessage: 'Only booleans are allowed in a negated boolean, Illuminate\Database\Eloquent\Builder<App\Models\AuthToken> given.'
-			identifier: booleanNot.exprNotBoolean
-			count: 1
-			path: app/cdash/tests/test_authtoken.php
-
 		-
 			rawMessage: 'Only booleans are allowed in a negated boolean, Psr\Http\Message\ResponseInterface given.'
 			identifier: booleanNot.exprNotBoolean
@@ -17016,24 +16974,12 @@ parameters:
 			count: 1
 			path: app/cdash/tests/test_authtoken.php
 
-		-
-			rawMessage: 'Parameter #2 $array of function array_key_exists expects array, mixed given.'
-			identifier: argument.type
-			count: 1
-			path: app/cdash/tests/test_authtoken.php
-
 		-
 			rawMessage: 'Parameter #3 $value of function curl_setopt expects bool, int given.'
 			identifier: argument.type
 			count: 1
 			path: app/cdash/tests/test_authtoken.php
 
-		-
-			rawMessage: Property AuthTokenTestCase::$Hash has no type specified.
-			identifier: missingType.property
-			count: 1
-			path: app/cdash/tests/test_authtoken.php
-
 		-
 			rawMessage: Property AuthTokenTestCase::$PostBuildId has no type specified.
 			identifier: missingType.property
@@ -18642,12 +18588,6 @@ parameters:
 			count: 18
 			path: app/cdash/tests/test_deferredsubmissions.php
 
-		-
-			rawMessage: Cannot access offset 'raw_token' on mixed.
-			identifier: offsetAccess.nonOffsetAccessible
-			count: 1
-			path: app/cdash/tests/test_deferredsubmissions.php
-
 		-
 			rawMessage: Cannot access property $builderrors on stdClass|null.
 			identifier: property.nonObject

routes/api.php

@@ -54,8 +54,6 @@
 Route::match(['get', 'post', 'delete'], '/v1/expectedbuild.php', 'ExpectedBuildController@apiResponse');
 
 Route::middleware(['auth'])->group(function (): void {
-    Route::post('/authtokens/create', 'AuthTokenController@createToken');
-
     Route::post('/v1/addUserNote.php', 'UserNoteController@apiAddUserNote');
 
     Route::get('/v1/manageSubProject.php', 'SubProjectController@apiManageSubProject');