refactor: remove SGID login (#2253)

* refactor: remove SGID login

* fix: disable revert

---------

Co-authored-by: KishenKumarrrrr <kishen@open.gov.sg>
Co-authored-by: Jiayee Lim <me@jiayee.net>

.github/workflows/non-serverless-deploy.yml

@@ -102,29 +102,29 @@ jobs:
     uses: ./.github/workflows/e2e.yml
     secrets: inherit
 
-  revert-on-e2e-failure:
-    runs-on: ubuntu-latest
-    needs:
-      - deploy-backend
-      - deploy-frontend
-      - deploy-worker
-      - e2e-test
-    if: always()
-    steps:
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v2
-        with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          aws-region: ap-southeast-1
-      - run: |
-          if [ "${{ needs.e2e-test.outputs.e2e_result }}" = "failure" ] && [ "${{ github.ref }}" = "refs/heads/master" ]; then
-            ${{ needs.deploy-worker.outputs.sending_revert_command }}
-            ${{ needs.deploy-worker.outputs.logging_revert_command }}
-            ${{ needs.deploy-frontend.outputs.revert_command }}
-            ${{ needs.deploy-backend.outputs.revert_command_backend }}
-            ${{ needs.deploy-backend.outputs.revert_command_callback }}
-          fi
+  # revert-on-e2e-failure:
+  #   runs-on: ubuntu-latest
+  #   needs:
+  #     - deploy-backend
+  #     - deploy-frontend
+  #     - deploy-worker
+  #     - e2e-test
+  #   if: always()
+  #   steps:
+  #     - name: Configure AWS credentials
+  #       uses: aws-actions/configure-aws-credentials@v2
+  #       with:
+  #         aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+  #         aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+  #         aws-region: ap-southeast-1
+  #     - run: |
+  #         if [ "${{ needs.e2e-test.outputs.e2e_result }}" = "failure" ] && [ "${{ github.ref }}" = "refs/heads/master" ]; then
+  #           ${{ needs.deploy-worker.outputs.sending_revert_command }}
+  #           ${{ needs.deploy-worker.outputs.logging_revert_command }}
+  #           ${{ needs.deploy-frontend.outputs.revert_command }}
+  #           ${{ needs.deploy-backend.outputs.revert_command_backend }}
+  #           ${{ needs.deploy-backend.outputs.revert_command_callback }}
+  #         fi
 
   slack-success:
     needs:

.secrets.baseline

@@ -184,14 +184,14 @@
         "filename": "backend/.env-example",
         "hashed_secret": "6748ca60457562b72fd832fddb31552789ce6370",
         "is_verified": false,
-        "line_number": 64
+        "line_number": 59
       },
       {
         "type": "Secret Keyword",
         "filename": "backend/.env-example",
         "hashed_secret": "a2eebfeb7f52d750b419d88a37acc905afe38591",
         "is_verified": false,
-        "line_number": 87
+        "line_number": 82
       }
     ],
     "backend/src/core/middlewares/auth.middleware.ts": [
@@ -200,7 +200,7 @@
         "filename": "backend/src/core/middlewares/auth.middleware.ts",
         "hashed_secret": "159500287c06851df741128ec4b073ea394414b6",
         "is_verified": false,
-        "line_number": 23
+        "line_number": 19
       }
     ],
     "backend/src/core/services/auth.service.ts": [
@@ -209,7 +209,7 @@
         "filename": "backend/src/core/services/auth.service.ts",
         "hashed_secret": "f114703480996b273d7e57cbd195b4ab1e70a21b",
         "is_verified": false,
-        "line_number": 65
+        "line_number": 31
       }
     ],
     "backend/src/email/services/tests/email-template.service.test.ts": [
@@ -365,5 +365,5 @@
       }
     ]
   },
-  "generated_at": "2023-11-16T03:18:03Z"
+  "generated_at": "2024-05-02T12:39:06Z"
 }

backend/.env-example

@@ -50,11 +50,6 @@ EMAIL_CALLBACK_HASH_SECRET="abcde"
 WORKER_SES_HOST=""
 TELEGRAM_BOT_CONTACT_US_URL="https://go.gov.sg/postman-contact-us-recipient"
 TELEGRAM_BOT_GUIDE_URL="https://go.gov.sg/postman-recipient-guide"
-SGID_CLIENT_ID=""
-SGID_CLIENT_SECRET=""
-SGID_PRIVATE_KEY=""
-SGID_REDIRECT_URI=""
-SGID_VALID_DOMAINS="@open.gov.sg"
 
 ##### Email callback #####
 # Generate a fake public key using

backend/package.json

@@ -33,7 +33,7 @@
     "@aws-sdk/client-sns": "3.370.0",
     "@aws-sdk/rds-signer": "3.370.0",
     "@aws-sdk/s3-request-presigner": "3.370.0",
-    "@opengovsg/sgid-client": "^2.1.0",
+    "@datadog/browser-rum": "^4.43.0",
     "@sentry/node": "5.30.0",
     "async-retry": "1.3.3",
     "axios": "0.21.4",

backend/src/core/config.ts

@@ -175,12 +175,6 @@ interface ConfigSchema {
   flamingo: {
     dbUri: string
   }
-  sgid: {
-    clientId: string
-    clientSecret: string
-    privateKey: string
-    redirectUri: string
-  }
 }
 
 convict.addFormats({
@@ -813,36 +807,6 @@ const config: Config<ConfigSchema> = convict({
       env: 'FLAMINGO_DB_URI',
     },
   },
-  sgid: {
-    clientId: {
-      doc: 'Client ID of application registered with sgID',
-      default: '',
-      env: 'SGID_CLIENT_ID',
-      format: 'required-string',
-      sensitive: true,
-    },
-    clientSecret: {
-      doc: 'Client secret of application registered with sgID',
-      default: '',
-      env: 'SGID_CLIENT_SECRET',
-      format: 'required-string',
-      sensitive: true,
-    },
-    privateKey: {
-      doc: 'Private key of application registered with sgID',
-      default: '',
-      env: 'SGID_PRIVATE_KEY',
-      format: 'required-string',
-      sensitive: true,
-    },
-    redirectUri: {
-      doc: 'Redirect URI of application registered with sgID',
-      default: '',
-      env: 'SGID_REDIRECT_URI',
-      format: 'required-string',
-      sensitive: true,
-    },
-  },
 })
 
 // If mailFrom was not set in an env var, set it using the app_name