Revert "WAZO-67 refresh token"

.gitignore

@@ -12,4 +12,3 @@ nosetests.xml
 pep8.txt
 pylint.txt
 pycodestyle.txt
-unit-tests.xml

integration_tests/suite/helpers/fixtures/db.py

@@ -66,8 +66,6 @@ def wrapper(self, *args, **kwargs):
                 'expire_t': now + token_args.get('expiration', 120),
                 'acls': token_args.get('acls', []),
                 'metadata': token_args.get('metadata', {}),
-                'user_agent': token_args.get('user_agent', ''),
-                'remote_addr': token_args.get('remote_addr', ''),
             }
             session = token_args.get('session', {})
 

integration_tests/suite/test_db_token.py

@@ -45,8 +45,6 @@ def test_create(self):
                 'id': 42,
                 'msg': 'a string field',
             },
-            'user_agent': 'my-user-agent',
-            'remote_addr': '192.168.1.1',
         }
         session = {}
         token_uuid, session_uuid = self._token_dao.create(body, session)

wazo_auth/controller.py

@@ -53,7 +53,6 @@ def __init__(self, config):
         self._tenant_tree = services.helpers.CachedTenantTree(dao.tenant)
         self._token_service = services.TokenService(config, dao, self._tenant_tree, self._bus_publisher)
         self._backends = BackendsProxy()
-        authentication_service = services.AuthenticationService(dao, self._backends)
         email_service = services.EmailService(dao, self._tenant_tree, config, template_formatter)
         external_auth_service = services.ExternalAuthService(
             dao, self._tenant_tree, config, self._bus_publisher, config['enabled_external_auth_plugins']
@@ -97,7 +96,6 @@ def __init__(self, config):
         self._config['loaded_plugins'] = self._loaded_plugins_names(self._backends)
         dependencies = {
             'api': api,
-            'authentication_service': authentication_service,
             'backends': self._backends,
             'config': config,
             'email_service': email_service,

wazo_auth/database/models.py

@@ -122,29 +122,11 @@ class Token(Base):
     issued_t = Column(Integer)
     expire_t = Column(Integer)
     metadata_ = Column(Text, name='metadata')
-    user_agent = Column(Text)
-    remote_addr = Column(Text)
 
     acls = relationship('ACL')
     session = relationship('Session')
 
 
-class RefreshToken(Base):
-
-    __tablename__ = 'auth_refresh_token'
-    __table_args__ = (
-        UniqueConstraint('client_id', 'user_uuid'),
-    )
-
-    uuid = Column(String(36), server_default=text('uuid_generate_v4()'), primary_key=True)
-    client_id = Column(Text)
-    user_uuid = Column(String(36), ForeignKey('auth_user.uuid', ondelete='CASCADE'))
-    backend = Column(Text)
-    login = Column(Text)
-    user_agent = Column(Text)
-    remote_addr = Column(Text)
-
-
 class Session(Base):
 
     __tablename__ = 'auth_session'

wazo_auth/database/queries/__init__.py

@@ -10,7 +10,6 @@
 from .tenant import TenantDAO
 from .token import TokenDAO
 from .user import UserDAO
-from .refresh_token import RefreshTokenDAO
 
 from xivo import sqlalchemy_helper
 
@@ -23,7 +22,6 @@ class DAO:
         'external_auth': ExternalAuthDAO,
         'group': GroupDAO,
         'policy': PolicyDAO,
-        'refresh_token': RefreshTokenDAO,
         'session': SessionDAO,
         'tenant': TenantDAO,
         'token': TokenDAO,

wazo_auth/database/queries/token.py

@@ -24,8 +24,6 @@ def create(self, body, session_body):
             xivo_uuid=body['xivo_uuid'],
             issued_t=int(body['issued_t']),
             expire_t=int(body['expire_t']),
-            user_agent=body['user_agent'],
-            remote_addr=body['remote_addr'],
             metadata_=serialized_metadata,
         )
         token.acls = [ACL(token_uuid=token.uuid, value=acl) for acl in body.get('acls') or []]
@@ -58,8 +56,6 @@ def get(self, token_uuid):
                     'acls': [acl.value for acl in token.acls],
                     'metadata': json.loads(token.metadata_) if token.metadata_ else {},
                     'session_uuid': token.session_uuid,
-                    'remote_addr': token.remote_addr,
-                    'user_agent': token.user_agent,
                 }
 
             raise exceptions.UnknownTokenException()

wazo_auth/exceptions.py

@@ -5,24 +5,6 @@
 from xivo.rest_api_helpers import APIException
 
 
-class NoSuchBackendException(Exception):
-
-    def __init__(self, backend_name):
-        super().__init__(f'no such backend {backend_name}')
-
-
-class InvalidUsernamePassword(Exception):
-
-    def __init__(self, login):
-        super().__init__(f'unknown username or password for login {login}')
-
-
-class UnknownRefreshToken(Exception):
-
-    def __init__(self, refresh_token, client_id):
-        super().__init__(f'unknown refresh_token "{refresh_token}" with client_id "{client_id}"')
-
-
 class TokenServiceException(Exception):
     pass
 

wazo_auth/helpers.py

@@ -68,12 +68,7 @@ def get_token(self):
                 return
 
             self._renew_time = time.time() + self._delay - self._threshold
-            self._token = self._new_token({
-                'expiration': 3600,
-                'backend': 'wazo_user',
-                'user_agent': '',
-                'remote_addr': '127.0.0.1',
-            })
+            self._token = self._new_token({'expiration': 3600, 'backend': 'wazo_user'})
 
         return self._token.token
 

wazo_auth/plugins/http/tokens/api.yml

@@ -6,18 +6,9 @@ paths:
       produces:
       - application/json
       summary: Creates a token
-      description: |
-        Creates a valid token for the supplied username and password combination or refresh_token
-        using the specified backend.
-
-        The stock backends are: ``wazo_user``, ``ldap_user``.
-
-        Creating  a token with the `access_type` *offline* will also create a refresh token which can be used
-        to create a new token without specifying the username and password.
-
-        The username/password and refresh_token method of authentication are mutually exclusive
-
-        For more details about the backends, see http://documentation.wazo.community/en/latest/system/wazo-auth/stock_plugins.html#backends-plugins
+      description: 'Creates a valid token for the supplied username and password combination
+        using the specified backend. The stock backends are: ``wazo_user``,
+        ``ldap_user``. For more details about the backends, see http://documentation.wazo.community/en/latest/system/wazo-auth/stock_plugins.html#backends-plugins'
       operationId: createToken
       tags:
       - token
@@ -37,33 +28,6 @@ paths:
               default: wazo_user
             expiration:
               type: integer
-            access_type:
-              type: string
-              description: |
-                The `access_type` indicates whether your application can refresh the tokens when the user is not
-                present at the browser. Valid parameter values are *online*, which is the default value, and *offline*
-
-                Only one refresh token will be created for a given user with a given `client_id`. The old refresh
-                for `client_id` will be revoken when creating a new one.
-
-                The *client_id* field is required when using the `access_type` *offline*
-              default: online
-              enum:
-                - online
-                - offline
-            client_id:
-              type: string
-              description: |
-                The `client_id` is used in conjunction with the `access_type` *offline* to known for which application
-                a refresh token has been emitted.
-
-                *Required when using `access_type: offline`*
-            refresh_token:
-              type: string
-              description: |
-                The `refresh_token` can be used to get a new access token without using the username/password.
-                This is useful for client application that should not store the username and password once the
-                user has logged in a first time.
       responses:
         '200':
           description: "The created token's data"