feat!: remove deprecated Auth methods

ctran88 · ctran88 · commit ddbac29b19f6 · 2024-12-23T16:10:01.000-06:00
diff --git a/lib/passageidentity/auth.rb b/lib/passageidentity/auth.rb
@@ -2,15 +2,12 @@
 
 require 'active_support'
 require 'jwt'
-require 'rubygems/deprecate'
 require_relative 'client'
 require_relative '../openapi_client'
 
 module Passage
   # The Passage::Auth class provides methods for authenticating requests and tokens
   class Auth
-    extend Gem::Deprecate
-
     def initialize(app_id, api_key, auth_strategy)
       @app_cache = ActiveSupport::Cache::MemoryStore.new
       @app_id = app_id
@@ -30,37 +27,6 @@ def initialize(app_id, api_key, auth_strategy)
       @magic_links_client = OpenapiClient::MagicLinksApi.new
     end
 
-    def authenticate_request(request)
-      # Get the token based on the strategy
-      if @auth_strategy == Passage::COOKIE_STRATEGY
-        unless request.cookies.key?('psg_auth_token')
-          raise PassageError.new(
-            status_code: 401,
-            body: {
-              error: 'missing authentication token: expected "psg_auth_token" cookie',
-              code: 'invalid_access_token'
-            }
-          )
-        end
-        @token = request.cookies['psg_auth_token']
-      else
-        headers = request.headers
-        unless headers.key?('Authorization')
-          raise PassageError.new(
-            status_code: 401,
-            body: {
-              error: 'no authentication token in header',
-              code: 'invalid_access_token'
-            }
-          )
-        end
-
-        @token = headers['Authorization'].split(' ').last
-      end
-
-      validate_jwt(@token)
-    end
-
     def validate_jwt(token)
       raise ArgumentError, 'jwt is required.' unless token && !token.empty?
 
@@ -101,19 +67,6 @@ def validate_jwt(token)
       )
     end
 
-    def revoke_user_refresh_tokens(user_id)
-      warn 'NOTE: Passage::Auth#revoke_user_refresh_tokens is deprecated;
-        use Passage::User#revoke_refresh_tokens instead. It will be removed on or after 2024-12.'
-      user_exists?(user_id)
-
-      @tokens_client.revoke_user_refresh_tokens(@app_id, user_id, @req_opts)
-    rescue Faraday::Error => e
-      raise PassageError.new(
-        status_code: e.response[:status],
-        body: e.response[:body]
-      )
-    end
-
     def create_magic_link_with_email(email, type, send, opts = {})
       args = {}
       args['email'] = email
@@ -144,17 +97,7 @@ def create_magic_link_with_user(user_id, channel, type, send, opts = {})
       create_magic_link(args, opts)
     end
 
-    def fetch_app
-      client = OpenapiClient::AppsApi.new
-      response = client.get_app(@app_id)
-
-      response.app
-    rescue Faraday::Error => e
-      raise PassageError.new(
-        status_code: e.response[:status],
-        body: e.response[:body]
-      )
-    end
+    private
 
     def fetch_jwks
       app_cache = get_cache(@app_id)
@@ -180,12 +123,6 @@ def fetch_jwks
       end
     end
 
-    def authenticate_token(token)
-      validate_jwt(token)
-    end
-
-    private
-
     def create_magic_link(args, opts)
       args['language'] = opts['language']
       args['magic_link_path'] = opts['magic_link_path']
@@ -234,9 +171,5 @@ def get_cache(key)
     def set_cache(key:, jwks:)
       @app_cache.write(key, jwks, expires_in: 86_400)
     end
-    deprecate(:authenticate_request, :validate_jwt, 2025, 1)
-    deprecate(:authenticate_token, :validate_jwt, 2025, 1)
-    deprecate(:fetch_app, :none, 2025, 1)
-    deprecate(:fetch_jwks, :none, 2025, 1)
   end
 end
diff --git a/tests/auth_test.rb b/tests/auth_test.rb
@@ -2,32 +2,13 @@
 
 require_relative '../lib/passageidentity/client'
 require 'dotenv'
-require 'faraday'
-require 'rack'
 require 'test/unit'
 
 Dotenv.load('.env')
 
 # This is a test suite for the Passage Auth API using the Test::Unit framework.
 class TestAuthAPI < Test::Unit::TestCase
-  PassageClient =
-    Passage::Client.new(app_id: ENV['APP_ID'], api_key: ENV['API_KEY'])
-  PassageHeaderClient =
-    Passage::Client.new(
-      app_id: ENV['APP_ID'],
-      api_key: ENV['API_KEY'],
-      auth_strategy: Passage::HEADER_STRATEGY
-    )
-
-  def setup
-    @test_user =
-      PassageClient.user.create(
-        email: 'passage+test-ruby@passage.id',
-        user_metadata: {
-          example1: 'cool'
-        }
-      )
-  end
+  PassageClient = Passage::Client.new(app_id: ENV['APP_ID'], api_key: ENV['API_KEY'])
 
   def test_valid_jwt
     user_id = PassageClient.auth.validate_jwt(ENV['PSG_JWT'])
@@ -39,74 +20,4 @@ def test_invalid_jwt
       PassageClient.auth.validate_jwt('invalid_token')
     end
   end
-
-  def test_valid_authenticate_request_cookie
-    env = Rack::MockRequest.env_for('https://test.com')
-    env['HTTP_COOKIE'] = "psg_auth_token=#{ENV['PSG_JWT']}"
-    cookie_request = Rack::Request.new(env)
-    user_id = PassageClient.auth.authenticate_request(cookie_request)
-    assert_equal ENV['TEST_USER_ID'], user_id
-  end
-
-  def test_invalid_authenticate_request_cookie
-    env_bad_cookie = Rack::MockRequest.env_for('https://test.com')
-    env_bad_cookie['HTTP_COOKIE'] = 'psg_auth_token=invalid_token}'
-    bad_cookie_request = Rack::Request.new(env_bad_cookie)
-    assert_raises Passage::PassageError do
-      PassageClient.auth.authenticate_request(bad_cookie_request)
-    end
-    no_cookie_request = Rack::Request.new({})
-    assert_raises Passage::PassageError do
-      PassageClient.auth.authenticate_request(no_cookie_request)
-    end
-  end
-
-  def test_valid_authenticate_request_header
-    headers = { 'Authorization' => "Bearer #{ENV['PSG_JWT']}" }
-    header_request = Faraday.new(url: 'https://test.com', headers: headers)
-    user_id = PassageHeaderClient.auth.authenticate_request(header_request)
-    assert_equal ENV['TEST_USER_ID'], user_id
-  end
-
-  def test_invalid_authenticate_request_header
-    invalid_headers = { 'Authorization' => 'Bearer invalid_token' }
-    no_header_request = Faraday.new(url: 'https://test.com')
-    assert_raises Passage::PassageError do
-      PassageHeaderClient.auth.authenticate_request(no_header_request)
-    end
-    Faraday.new(url: 'https://test.com', headers: invalid_headers)
-    assert_raises Passage::PassageError do
-      PassageHeaderClient.auth.authenticate_request(no_header_request)
-    end
-  end
-
-  def test_create_magic_link
-    magic_link =
-      PassageClient.create_magic_link(
-        email: 'passage@passage.id',
-        channel: Passage::EMAIL_CHANNEL,
-        ttl: 122
-      )
-
-    assert_equal 122, magic_link.ttl
-    assert_equal 'passage@passage.id', magic_link.identifier
-  end
-
-  def test_invalid_create_magic_link
-    assert_raises Passage::PassageError do
-      PassageClient.create_magic_link(
-        email: 'passage@passage.id',
-        ttl: 122
-      )
-    end
-  end
-
-  def test_revoke_user_refresh_tokens
-    success = PassageClient.auth.revoke_user_refresh_tokens(@test_user.id)
-    assert_equal nil, success
-  end
-
-  def teardown
-    PassageClient.user.delete(user_id: @test_user.id)
-  end
 end
