cal-itp · machikoyasuda · Oct 7, 2021 · Oct 7, 2021
@@ -5,13 +5,8 @@
         "token_header": "Authorization",
         "jwe_cek_enc": "A256CBC-HS512",
         "jwe_encryption_alg": "RSA-OAEP",
-        "jws_signing_alg": "RS256",
-        "request_access": "REQUEST_ACCESS"
+        "jws_signing_alg": "RS256"
     },
-    "merchants": [
-        "abc",
-        "deftl"
-    ],
     "users": {
         "A1234567": ["Garcia", ["type1"]],
         "B2345678": ["Hernandez", ["type2"]],

@@ -24,13 +24,8 @@ def __init__(self):
         with open("data/server.json") as f:
             data = json.load(f)
             self._config = data["config"]
-            self._merchants = data["merchants"]
             self._users = data["users"]
 
-    def check_merchant(self, merchant_id):
-        """Check if the data matches a record in the database."""
-        return merchant_id in self._merchants
-
     def check_user(self, key, user, types):
         """Check if the data matches a record in the database."""
         if (
@@ -67,10 +62,6 @@ def jwe_encryption_alg(self):
     def jws_signing_alg(self):
         return self._config["jws_signing_alg"]
 
-    @property
-    def request_access(self):
-        return self._config["request_access"]
-
 
 app = Flask(__name__)
 api = Api(app)
@@ -81,41 +72,6 @@ def healthcheck():
     return "Healthy"
 
 
-class MerchantAuthToken(Resource):
-
-    db = Database()
-
-    def _bad_request(self):
-        return {"status": "400", "message": "Invalid request payload"}
-
-    def _check_payload(self):
-        """Ensure correct request payload"""
-        req_parser = reqparse.RequestParser()
-        req_parser.add_argument("request_access", required=True)
-        args = req_parser.parse_args()
-
-        if args.get("request_access") == self.db.request_access:
-            return True
-        else:
-            return False
-
-    def _not_found(self):
-        return {"status": "404", "message": "Merchant doesn't exist"}
-
-    def _token(self):
-        return {"access_token": self.db.auth_token, "token_type": "Bearer", "expires_in": 60}
-
-    def post(self, merchant_id):
-        """Respond to an auth token request."""
-        if self.db.check_merchant(merchant_id):
-            if self._check_payload():
-                return self._token(), 200
-            else:
-                return self._bad_request(), 400
-        else:
-            return self._not_found(), 404
-
-
 class Verify(Resource):
 
     db = Database()
@@ -216,7 +172,6 @@ def get(self):
             return "Invalid token format", 400
 
 
-api.add_resource(MerchantAuthToken, "/<merchant_id>/access-token")
 api.add_resource(Verify, "/verify")
 
 

@@ -10,7 +10,6 @@
 
 def test_database_init(database):
     assert database._config
-    assert database._merchants
     assert database._users
 
 
@@ -21,19 +20,6 @@ def test_database_properties(database):
     assert database.jwe_cek_enc
     assert database.jwe_encryption_alg
     assert database.jws_signing_alg
-    assert database.request_access
-
-
-def test_database_check_merchant_in_database(database):
-    merchant_id = DATA["merchants"][1]
-    response = database.check_merchant(merchant_id)
-    assert response is True
-
-
-def test_database_check_merchant_not_in_database(database):
-    merchant_id_not_in_database = "123"
-    response = database.check_merchant(merchant_id_not_in_database)
-    assert response is False
 
 
 def test_database_check_user_in_database(database):