Remove dead code (#4328)

The mobile apps cozy-drive and cozy-banks were able to onboard a new Cozy instance. This was done with a flow involving the cloudery. Those apps are no longer used, and the flow is no longer supported by the cloudery, so we can clean the stack code.
cozy · Feb 13, 2024 · 21ff163 · 21ff163
2 parents 2c11baa + fc4e1ae
commit 21ff163
Show file tree

Hide file tree

Showing 11 changed files with 52 additions and 579 deletions.
diff --git a/assets/scripts/check-deeplink.js b/assets/scripts/check-deeplink.js
diff --git a/assets/templates/authorize.html b/assets/templates/authorize.html
@@ -99,6 +99,5 @@ <h1 class="h4 h2-md mb-3 text-center">{{t "Authorize Title" .Client.ClientName}}
     </div>
     <div class="modal-backdrop show"></div>
     <script src="{{asset .Domain "/scripts/cirrus.js"}}"></script>
-    {{if .HasFallback}}<script src="{{asset .Domain "/scripts/check-deeplink.js"}}"></script>{{end}}
   </body>
 </html>
diff --git a/docs/auth.md b/docs/auth.md
@@ -1002,53 +1002,6 @@ Content-Type: application/json
 }
 ```
 
-### POST /auth/secret_exchange
-
-This endpoint is designed to trade a `secret` for a client. It is useful when an
-OAuth client had been previously generated by an external entity with an
-onboarding secret.
-
-The only parameter needed is `secret`.
-
-
-```http
-POST /auth/secret_exchange HTTP/1.1
-Host: cozy.example.org
-Accept: application/json
-Content-Type: application/json
-
-{
-    "secret": "myS3Cr3t!"
-}
-```
-
-```http
-HTTP/1.1 200 OK
-Content-Type: application/json
-```
-
-```json
-{
-  "client_id": "cf60f07cd7e00d0c0f86cd3f29240477",
-  "client_secret": "NNSLTid18EATInQWyg2XGKd_vs0e3zUC",
-  "client_secret_expires_at": 0,
-  "redirect_uris": [
-    "https://example.org/oauth/callback"
-  ],
-  "grant_types": [
-    "authorization_code",
-    "refresh_token"
-  ],
-  "response_types": [
-    "code"
-  ],
-  "client_name": "cozy-test-3",
-  "software_id": "github.com/cozy/cozy-test",
-  "notifications": null,
-  "onboarding_secret": "myS3Cr3t!"
-}
-```
-
 ### POST /auth/session_code
 
 This endpoint can be used by the flagship application in order to create a

diff --git a/model/oauth/client.go b/model/oauth/client.go
@@ -105,11 +105,6 @@ type Client struct {
 	CertifiedFromStore  bool `json:"certified_from_store,omitempty"`
 	CreatedAtOnboarding bool `json:"created_at_onboarding,omitempty"`
 
-	OnboardingSecret      string `json:"onboarding_secret,omitempty"`
-	OnboardingApp         string `json:"onboarding_app,omitempty"`
-	OnboardingPermissions string `json:"onboarding_permissions,omitempty"`
-	OnboardingState       string `json:"onboarding_state,omitempty"`
-
 	Metadata *metadata.CozyMetadata `json:"cozyMetadata,omitempty"`
 }
 
@@ -592,10 +587,6 @@ func (c *Client) Update(i *instance.Instance, old *Client) *ClientRegistrationEr
 	c.GrantTypes = []string{"authorization_code", "refresh_token"}
 	c.ResponseTypes = []string{"code"}
 	c.AllowLoginScope = old.AllowLoginScope
-	c.OnboardingSecret = ""
-	c.OnboardingApp = ""
-	c.OnboardingPermissions = ""
-	c.OnboardingState = ""
 
 	if c.ClientName != old.ClientName {
 		if err := c.ensureClientNameUnicity(i); err != nil {

diff --git a/web/auth/auth.go b/web/auth/auth.go
@@ -628,7 +628,6 @@ func Routes(router *echo.Group) {
 	authHandler.Register(router.Group("/authorize", noCSRF))
 
 	router.POST("/access_token", accessToken)
-	router.POST("/secret_exchange", secretExchange)
 
 	// Flagship app
 	router.POST("/session_code", CreateSessionCode)