Remove SendVerifyEmail

cloudtrust · Jan 8, 2020 · 2571488 · 2571488
1 parent 76e866b
commit 2571488
Show file tree

Hide file tree

Showing 9 changed files with 0 additions and 226 deletions.
diff --git a/api/management/swagger-api_management.yaml b/api/management/swagger-api_management.yaml
@@ -446,40 +446,6 @@ paths:
             text/plain:
               schema:
                 type: string
-  /realms/{realm}/users/{userID}/send-verify-email:
-    put:
-      tags:
-      - Users
-      summary: >
-        Send an email-verification email to the user.
-        It contains a link the user can click to verify its email address.
-        The redirectUri and clientId parameters are optional. The default for the redirect is the account client.
-      parameters:
-      - name: realm
-        in: path
-        description: realm name (not id!)
-        required: true
-        schema:
-          type: string
-      - name: userID
-        in: path
-        description: User id
-        required: true
-        schema:
-          type: string
-      - name: client_id
-        in: query
-        schema:
-          type: string
-        allowEmptyValue: true
-      - name: redirect_uri
-        in: query
-        schema:
-          type: string
-        allowEmptyValue: true
-      responses:
-        200:
-          description: successful operation
   /realms/{realm}/users/{userID}/execute-actions-email:
     put:
       tags:

diff --git a/cmd/keycloakb/keycloak_bridge.go b/cmd/keycloakb/keycloak_bridge.go
@@ -472,7 +472,6 @@ func main() {
 			GetClientRoleForUser:           prepareEndpoint(management.MakeGetClientRolesForUserEndpoint(keycloakComponent), "get_client_roles_for_user_endpoint", influxMetrics, managementLogger, tracer, rateLimit["management"]),
 			AddClientRoleToUser:            prepareEndpoint(management.MakeAddClientRolesToUserEndpoint(keycloakComponent), "get_client_roles_for_user_endpoint", influxMetrics, managementLogger, tracer, rateLimit["management"]),
 			ResetPassword:                  prepareEndpoint(management.MakeResetPasswordEndpoint(keycloakComponent), "reset_password_endpoint", influxMetrics, managementLogger, tracer, rateLimit["management"]),
-			SendVerifyEmail:                prepareEndpoint(management.MakeSendVerifyEmailEndpoint(keycloakComponent), "send_verify_email_endpoint", influxMetrics, managementLogger, tracer, rateLimit["management"]),
 			ExecuteActionsEmail:            prepareEndpoint(management.MakeExecuteActionsEmailEndpoint(keycloakComponent), "execute_actions_email_endpoint", influxMetrics, managementLogger, tracer, rateLimit["management"]),
 			SendReminderEmail:              prepareEndpoint(management.MakeSendReminderEmailEndpoint(keycloakComponent), "send_reminder_email_endpoint", influxMetrics, managementLogger, tracer, rateLimit["management"]),
 			SendNewEnrolmentCode:           prepareEndpoint(management.MakeSendNewEnrolmentCodeEndpoint(keycloakComponent), "send_new_enrolment_code_endpoint", influxMetrics, managementLogger, tracer, rateLimit["management"]),
@@ -644,7 +643,6 @@ func main() {
 		var getGroupsHandler = configureManagementHandler(keycloakb.ComponentName, ComponentID, idGenerator, keycloakClient, audienceRequired, tracer, logger)(managementEndpoints.GetGroups)
 
 		var resetPasswordHandler = configureManagementHandler(keycloakb.ComponentName, ComponentID, idGenerator, keycloakClient, audienceRequired, tracer, logger)(managementEndpoints.ResetPassword)
-		var sendVerifyEmailHandler = configureManagementHandler(keycloakb.ComponentName, ComponentID, idGenerator, keycloakClient, audienceRequired, tracer, logger)(managementEndpoints.SendVerifyEmail)
 		var executeActionsEmailHandler = configureManagementHandler(keycloakb.ComponentName, ComponentID, idGenerator, keycloakClient, audienceRequired, tracer, logger)(managementEndpoints.ExecuteActionsEmail)
 		var sendNewEnrolmentCodeHandler = configureManagementHandler(keycloakb.ComponentName, ComponentID, idGenerator, keycloakClient, audienceRequired, tracer, logger)(managementEndpoints.SendNewEnrolmentCode)
 		var sendReminderEmailHandler = configureManagementHandler(keycloakb.ComponentName, ComponentID, idGenerator, keycloakClient, audienceRequired, tracer, logger)(managementEndpoints.SendReminderEmail)
@@ -682,7 +680,6 @@ func main() {
 		managementSubroute.Path("/realms/{realm}/users/{userID}/role-mappings/clients/{clientID}").Methods("POST").Handler(addClientRoleToUserHandler)
 
 		managementSubroute.Path("/realms/{realm}/users/{userID}/reset-password").Methods("PUT").Handler(resetPasswordHandler)
-		managementSubroute.Path("/realms/{realm}/users/{userID}/send-verify-email").Methods("PUT").Handler(sendVerifyEmailHandler)
 		managementSubroute.Path("/realms/{realm}/users/{userID}/execute-actions-email").Methods("PUT").Handler(executeActionsEmailHandler)
 		managementSubroute.Path("/realms/{realm}/users/{userID}/send-new-enrolment-code").Methods("POST").Handler(sendNewEnrolmentCodeHandler)
 		managementSubroute.Path("/realms/{realm}/users/{userID}/send-reminder-email").Methods("POST").Handler(sendReminderEmailHandler)

diff --git a/configs/authorization.json b/configs/authorization.json
@@ -58,13 +58,6 @@
           "l3_support_manager": {}
         }
       },
-      "SendVerifyEmail": {
-        "master": {
-          "integrator_manager": {},
-          "l2_support_manager": {},
-          "l3_support_manager": {}
-        }
-      },
       "ExecuteActionsEmail": {
         "master": {
           "integrator_manager": {},
@@ -214,14 +207,6 @@
           "end_user": {}
         }
       },
-      "SendVerifyEmail": {
-        "master": {
-          "integrator_agent": {}
-        },
-        "DEP": {
-          "end_user": {}
-        }
-      },
       "ExecuteActionsEmail": {
         "master": {
           "integrator_agent": {}
@@ -351,11 +336,6 @@
           "*": {}
         }
       },
-      "SendVerifyEmail": {
-        "DEP": {
-          "*": {}
-        }
-      },
       "ExecuteActionsEmail": {
         "DEP": {
           "*": {}
@@ -467,11 +447,6 @@
           "l2_support_agent": {}
         }
       },
-      "SendVerifyEmail": {
-        "master": {
-          "l2_support_agent": {}
-        }
-      },
       "ExecuteActionsEmail": {
         "master": {
           "l2_support_agent": {}
@@ -600,11 +575,6 @@
           "l3_support_agent": {}
         }
       },
-      "SendVerifyEmail": {
-        "master": {
-          "l3_support_agent": {}
-        }
-      },
       "ExecuteActionsEmail": {
         "master": {
           "l3_support_agent": {}
@@ -736,11 +706,6 @@
           "*": {}
         }
       },
-      "SendVerifyEmail": {
-        "DEP": {
-          "*": {}
-        }
-      },
       "ExecuteActionsEmail": {
         "DEP": {
           "*": {}
@@ -879,12 +844,6 @@
           "end_user": {}
         }
       },
-      "SendVerifyEmail": {
-        "DEP": {
-          "l1_support_agent": {},
-          "end_user": {}
-        }
-      },
       "ExecuteActionsEmail": {
         "DEP": {
           "l1_support_agent": {},
@@ -981,11 +940,6 @@
           "end_user": {}
         }
       },
-      "SendVerifyEmail": {
-        "DEP": {
-          "end_user": {}
-        }
-      },
       "ExecuteActionsEmail": {
         "DEP": {
           "end_user": {}
@@ -1036,11 +990,6 @@
           "end_user": {}
         }
       },
-      "SendVerifyEmail": {
-        "DEP": {
-          "end_user": {}
-        }
-      },
       "SendReminderEmail": {
         "DEP": {
           "end_user": {}

diff --git a/pkg/management/authorization.go b/pkg/management/authorization.go
@@ -26,7 +26,6 @@ const (
 	GetClientRolesForUser          = "GetClientRolesForUser"
 	AddClientRolesToUser           = "AddClientRolesToUser"
 	ResetPassword                  = "ResetPassword"
-	SendVerifyEmail                = "SendVerifyEmail"
 	ExecuteActionsEmail            = "ExecuteActionsEmail"
 	SendNewEnrolmentCode           = "SendNewEnrolmentCode"
 	SendReminderEmail              = "SendReminderEmail"
@@ -241,17 +240,6 @@ func (c *authorizationComponentMW) ResetPassword(ctx context.Context, realmName
 	return c.next.ResetPassword(ctx, realmName, userID, password)
 }
 
-func (c *authorizationComponentMW) SendVerifyEmail(ctx context.Context, realmName string, userID string, paramKV ...string) error {
-	var action = SendVerifyEmail
-	var targetRealm = realmName
-
-	if err := c.authManager.CheckAuthorizationOnTargetUser(ctx, action, targetRealm, userID); err != nil {
-		return err
-	}
-
-	return c.next.SendVerifyEmail(ctx, realmName, userID, paramKV...)
-}
-
 func (c *authorizationComponentMW) ExecuteActionsEmail(ctx context.Context, realmName string, userID string, actions []api.RequiredAction, paramKV ...string) error {
 	var action = ExecuteActionsEmail
 	var targetRealm = realmName

diff --git a/pkg/management/authorization_test.go b/pkg/management/authorization_test.go
@@ -127,9 +127,6 @@ func TestDeny(t *testing.T) {
 		_, err = authorizationMW.ResetPassword(ctx, realmName, userID, password)
 		assert.Equal(t, security.ForbiddenError{}, err)
 
-		err = authorizationMW.SendVerifyEmail(ctx, realmName, userID)
-		assert.Equal(t, security.ForbiddenError{}, err)
-
 		err = authorizationMW.ExecuteActionsEmail(ctx, realmName, userID, []api.RequiredAction{})
 		assert.Equal(t, security.ForbiddenError{}, err)
 
@@ -242,7 +239,6 @@ func TestAllowed(t *testing.T) {
 					"GetClientRolesForUser": {"*": {"*": {} }},
 					"AddClientRolesToUser": {"*": {"*": {} }},
 					"ResetPassword": {"*": {"*": {} }},
-					"SendVerifyEmail": {"*": {"*": {} }},
 					"ExecuteActionsEmail": {"*": {"*": {} }},
 					"SendNewEnrolmentCode": {"*": {"*": {} }},
 					"SendReminderEmail": {"*": {"*": {} }},
@@ -333,10 +329,6 @@ func TestAllowed(t *testing.T) {
 		_, err = authorizationMW.ResetPassword(ctx, realmName, userID, password)
 		assert.Nil(t, err)
 
-		mockManagementComponent.EXPECT().SendVerifyEmail(ctx, realmName, userID).Return(nil).Times(1)
-		err = authorizationMW.SendVerifyEmail(ctx, realmName, userID)
-		assert.Nil(t, err)
-
 		mockManagementComponent.EXPECT().ExecuteActionsEmail(ctx, realmName, userID, []api.RequiredAction{}).Return(nil).Times(1)
 		err = authorizationMW.ExecuteActionsEmail(ctx, realmName, userID, []api.RequiredAction{})
 		assert.Nil(t, err)

diff --git a/pkg/management/component.go b/pkg/management/component.go
@@ -37,7 +37,6 @@ type KeycloakClient interface {
 	AddClientRolesToUserRoleMapping(accessToken string, realmName, userID, clientID string, roles []kc.RoleRepresentation) error
 	GetRealmLevelRoleMappings(accessToken string, realmName, userID string) ([]kc.RoleRepresentation, error)
 	ResetPassword(accessToken string, realmName string, userID string, cred kc.CredentialRepresentation) error
-	SendVerifyEmail(accessToken string, realmName string, userID string, paramKV ...string) error
 	ExecuteActionsEmail(accessToken string, realmName string, userID string, actions []string, paramKV ...string) error
 	SendNewEnrolmentCode(accessToken string, realmName string, userID string) (kc.SmsCodeRepresentation, error)
 	SendReminderEmail(accessToken string, realmName string, userID string, paramKV ...string) error
@@ -76,7 +75,6 @@ type Component interface {
 	GetClientRolesForUser(ctx context.Context, realmName, userID, clientID string) ([]api.RoleRepresentation, error)
 	AddClientRolesToUser(ctx context.Context, realmName, userID, clientID string, roles []api.RoleRepresentation) error
 	ResetPassword(ctx context.Context, realmName string, userID string, password api.PasswordRepresentation) (string, error)
-	SendVerifyEmail(ctx context.Context, realmName string, userID string, paramKV ...string) error
 	ExecuteActionsEmail(ctx context.Context, realmName string, userID string, actions []api.RequiredAction, paramKV ...string) error
 	SendNewEnrolmentCode(ctx context.Context, realmName string, userID string) (string, error)
 	SendReminderEmail(ctx context.Context, realmName string, userID string, paramKV ...string) error
@@ -573,18 +571,6 @@ func (c *component) ResetPassword(ctx context.Context, realmName string, userID
 	return pwd, nil
 }
 
-func (c *component) SendVerifyEmail(ctx context.Context, realmName string, userID string, paramKV ...string) error {
-	var accessToken = ctx.Value(cs.CtContextAccessToken).(string)
-
-	err := c.keycloakClient.SendVerifyEmail(accessToken, realmName, userID, paramKV...)
-
-	if err != nil {
-		c.logger.Warn(ctx, "err", err.Error())
-	}
-
-	return err
-}
-
 func (c *component) ExecuteActionsEmail(ctx context.Context, realmName string, userID string, requiredActions []api.RequiredAction, paramKV ...string) error {
 	var accessToken = ctx.Value(cs.CtContextAccessToken).(string)
 

diff --git a/pkg/management/component_test.go b/pkg/management/component_test.go
@@ -1509,49 +1509,6 @@ func TestResetPassword(t *testing.T) {
 
 }
 
-func TestSendVerifyEmail(t *testing.T) {
-	var mockCtrl = gomock.NewController(t)
-	defer mockCtrl.Finish()
-	var mockKeycloakClient = mock.NewKeycloakClient(mockCtrl)
-	var mockEventDBModule = mock.NewEventDBModule(mockCtrl)
-	var mockConfigurationDBModule = mock.NewConfigurationDBModule(mockCtrl)
-	var mockLogger = log.NewNopLogger()
-
-	var managementComponent = NewComponent(mockKeycloakClient, mockEventDBModule, mockConfigurationDBModule, mockLogger)
-
-	var accessToken = "TOKEN=="
-	var realmName = "master"
-	var userID = "1245-7854-8963"
-
-	var key1 = "key1"
-	var value1 = "value1"
-	var key2 = "key2"
-	var value2 = "value2"
-
-	// Send email
-	{
-
-		mockKeycloakClient.EXPECT().SendVerifyEmail(accessToken, realmName, userID, key1, value1, key2, value2).Return(nil).Times(1)
-
-		var ctx = context.WithValue(context.Background(), cs.CtContextAccessToken, accessToken)
-
-		err := managementComponent.SendVerifyEmail(ctx, "master", userID, key1, value1, key2, value2)
-
-		assert.Nil(t, err)
-	}
-
-	// Error
-	{
-		mockKeycloakClient.EXPECT().SendVerifyEmail(accessToken, realmName, userID).Return(fmt.Errorf("Invalid input")).Times(1)
-
-		var ctx = context.WithValue(context.Background(), cs.CtContextAccessToken, accessToken)
-
-		err := managementComponent.SendVerifyEmail(ctx, "master", userID)
-
-		assert.NotNil(t, err)
-	}
-}
-
 func TestExecuteActionsEmail(t *testing.T) {
 	var mockCtrl = gomock.NewController(t)
 	defer mockCtrl.Finish()

diff --git a/pkg/management/endpoint.go b/pkg/management/endpoint.go
@@ -32,7 +32,6 @@ type Endpoints struct {
 	GetClientRoleForUser           endpoint.Endpoint
 	AddClientRoleToUser            endpoint.Endpoint
 	ResetPassword                  endpoint.Endpoint
-	SendVerifyEmail                endpoint.Endpoint
 	ExecuteActionsEmail            endpoint.Endpoint
 	SendNewEnrolmentCode           endpoint.Endpoint
 	SendReminderEmail              endpoint.Endpoint
@@ -66,7 +65,6 @@ type ManagementComponent interface {
 	GetClientRolesForUser(ctx context.Context, realmName, userID, clientID string) ([]api.RoleRepresentation, error)
 	AddClientRolesToUser(ctx context.Context, realmName, userID, clientID string, roles []api.RoleRepresentation) error
 	ResetPassword(ctx context.Context, realmName string, userID string, password api.PasswordRepresentation) (string, error)
-	SendVerifyEmail(ctx context.Context, realmName string, userID string, paramKV ...string) error
 	ExecuteActionsEmail(ctx context.Context, realmName string, userID string, actions []api.RequiredAction, paramKV ...string) error
 	SendNewEnrolmentCode(ctx context.Context, realmName string, userID string) (string, error)
 	SendReminderEmail(ctx context.Context, realmName string, userID string, paramKV ...string) error
@@ -304,22 +302,6 @@ func MakeResetPasswordEndpoint(managementComponent ManagementComponent) cs.Endpo
 	}
 }
 
-// MakeSendVerifyEmailEndpoint creates an endpoint for SendVerifyEmail
-func MakeSendVerifyEmailEndpoint(managementComponent ManagementComponent) cs.Endpoint {
-	return func(ctx context.Context, req interface{}) (interface{}, error) {
-		var m = req.(map[string]string)
-
-		var paramKV []string
-		for _, key := range []string{"client_id", "redirect_uri"} {
-			if m[key] != "" {
-				paramKV = append(paramKV, key, m[key])
-			}
-		}
-
-		return nil, managementComponent.SendVerifyEmail(ctx, m["realm"], m["userID"], paramKV...)
-	}
-}
-
 // MakeExecuteActionsEmailEndpoint creates an endpoint for ExecuteActionsEmail
 func MakeExecuteActionsEmailEndpoint(managementComponent ManagementComponent) cs.Endpoint {
 	return func(ctx context.Context, req interface{}) (interface{}, error) {