Merge pull request #328 from cultuurnet/III-6410-remove-auth0

III-6410 Cleanup auth0 Code
cultuurnet · Nov 19, 2024 · 8564d05 · 8564d05
2 parents 6045685 + be48e2a
commit 8564d05
Show file tree

Hide file tree

Showing 6 changed files with 51 additions and 229 deletions.
diff --git a/app/JsonDocumentFetcherProvider.php b/app/JsonDocumentFetcherProvider.php
@@ -4,7 +4,6 @@
 
 namespace CultuurNet\UDB3\SearchService;
 
-use CultuurNet\UDB3\Search\Http\Authentication\Auth0\Auth0TokenGenerator;
 use CultuurNet\UDB3\Search\Http\Authentication\Keycloak\KeycloakTokenGenerator;
 use CultuurNet\UDB3\Search\Http\Authentication\Token\TokenGenerator;
 use CultuurNet\UDB3\Search\JsonDocument\GuzzleJsonDocumentFetcher;
@@ -33,24 +32,12 @@ public function register(): void
 
     private function getTokenGenerator(): TokenGenerator
     {
-        if ($this->parameter('keycloak.enabled')) {
-            return new KeycloakTokenGenerator(
-                new Client(),
-                $this->parameter('keycloak.domain'),
-                $this->parameter('keycloak.entry_api_client_id'),
-                $this->parameter('keycloak.entry_api_client_secret'),
-                $this->parameter('keycloak.entry_api_audience')
-            );
-        }
-
-        return new Auth0TokenGenerator(
-            new Client([
-                'http_errors' => false,
-            ]),
-            $this->parameter('auth0.domain'),
-            $this->parameter('auth0.entry_api_client_id'),
-            $this->parameter('auth0.entry_api_client_secret'),
-            $this->parameter('auth0.entry_api_audience')
+        return new KeycloakTokenGenerator(
+            new Client(),
+            $this->parameter('keycloak.domain'),
+            $this->parameter('keycloak.entry_api_client_id'),
+            $this->parameter('keycloak.entry_api_client_secret'),
+            $this->parameter('keycloak.entry_api_audience')
         );
     }
 }
diff --git a/app/RoutingServiceProvider.php b/app/RoutingServiceProvider.php
@@ -7,8 +7,6 @@
 use CultureFeed;
 use CultureFeed_DefaultOAuthClient;
 use CultuurNet\UDB3\Search\FileReader;
-use CultuurNet\UDB3\Search\Http\Authentication\Auth0\Auth0TokenGenerator;
-use CultuurNet\UDB3\Search\Http\Authentication\Auth0\Auth0MetadataGenerator;
 use CultuurNet\UDB3\Search\Http\Authentication\AuthenticateRequest;
 use CultuurNet\UDB3\Search\Http\Authentication\Consumer;
 use CultuurNet\UDB3\Search\Http\Authentication\Keycloak\KeycloakTokenGenerator;
@@ -54,8 +52,7 @@ function (): Router {
 
                     $metadataGenerator = $this->getMetadataGenerator();
 
-                    $pemFile = $this->parameter('keycloak.enabled') ?
-                        $this->parameter('keycloak.pem_file') : $this->parameter('auth0.pem_file');
+                    $pemFile = $this->parameter('keycloak.pem_file');
                     $authenticateRequest = new AuthenticateRequest(
                         $this->getLeagueContainer(),
                         new CultureFeed($oauthClient),
@@ -127,50 +124,26 @@ function (): Router {
 
     private function getManagementTokenProvider(): ManagementTokenProvider
     {
-        if ($this->parameter('keycloak.enabled')) {
-            return new ManagementTokenProvider(
-                new KeycloakTokenGenerator(
-                    new Client(),
-                    $this->parameter('keycloak.domain'),
-                    $this->parameter('keycloak.client_id'),
-                    $this->parameter('keycloak.client_secret'),
-                    $this->parameter('keycloak.domain') . '/api/v2/'
-                ),
-                new ManagementTokenFileRepository(__DIR__ . '/../cache/keycloak-management-token-cache.json'),
-            );
-        }
-
         return new ManagementTokenProvider(
-            new Auth0TokenGenerator(
-                new Client([
-                    'http_errors' => false,
-                ]),
-                $this->parameter('auth0.domain'),
-                $this->parameter('auth0.client_id'),
-                $this->parameter('auth0.client_secret'),
-                $this->parameter('auth0.domain') . '/api/v2/'
+            new KeycloakTokenGenerator(
+                new Client(),
+                $this->parameter('keycloak.domain'),
+                $this->parameter('keycloak.client_id'),
+                $this->parameter('keycloak.client_secret'),
+                $this->parameter('keycloak.domain') . '/api/v2/'
             ),
-            new ManagementTokenFileRepository(__DIR__ . '/../cache/auth0-management-token-cache.json'),
+            new ManagementTokenFileRepository(__DIR__ . '/../cache/keycloak-management-token-cache.json'),
         );
     }
 
     private function getMetadataGenerator(): MetadataGenerator
     {
-        if ($this->parameter('keycloak.enabled')) {
-            return new KeycloakMetadataGenerator(
-                new Client([
-                    'http_errors' => false,
-                ]),
-                $this->parameter('keycloak.domain'),
-                $this->parameter('keycloak.realm'),
-            );
-        }
-
-        return new Auth0MetadataGenerator(
+        return new KeycloakMetadataGenerator(
             new Client([
                 'http_errors' => false,
             ]),
-            $this->parameter('auth0.domain')
+            $this->parameter('keycloak.domain'),
+            $this->parameter('keycloak.realm'),
         );
     }
 }
diff --git a/src/Http/Authentication/Auth0/Auth0MetadataGenerator.php b/src/Http/Authentication/Auth0/Auth0MetadataGenerator.php
diff --git a/src/Http/Authentication/Auth0/Auth0TokenGenerator.php b/src/Http/Authentication/Auth0/Auth0TokenGenerator.php
diff --git a/src/Http/Authentication/AuthenticateRequest.php b/src/Http/Authentication/AuthenticateRequest.php
@@ -92,7 +92,7 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
 
     private function handleClientId(ServerRequestInterface $request, RequestHandlerInterface $handler, string $clientId): ResponseInterface
     {
-        $auth0Down = false;
+        $oAuthServerDown = false;
         $metadata = [];
 
         try {
@@ -106,11 +106,11 @@ private function handleClientId(ServerRequestInterface $request, RequestHandlerI
             }
         } catch (ConnectException $connectException) {
             $this->logger->error('OAuth server was detected as down, this results in disabling authentication');
-            $auth0Down = true;
+            $oAuthServerDown = true;
         }
 
-        // Bypass the sapi access validation when Auth0 is down to make sure sapi requests are still handled.
-        if (!$auth0Down && !$this->hasSapiAccess($metadata)) {
+        // Bypass the sapi access validation when the oauth server is down to make sure sapi requests are still handled.
+        if (!$oAuthServerDown && !$this->hasSapiAccess($metadata)) {
             return (new NotAllowedToUseSapi($clientId))->toResponse();
         }
 
@@ -145,7 +145,7 @@ private function handleAccessToken(
         }
 
         $config = $this->container->get(Config::class);
-        $jwtUrl = $config->get('keycloak.enabled') ? $config->get('jwt.domain') : null;
+        $jwtUrl = $config->get('jwt.domain');
         if (!$token->isAllowedOnSearchApi($jwtUrl)) {
             return (new NotAllowedToUseSapi())->toResponse();
         }