feat: remove authz token

implement ENG-3799
indykite · Jun 20, 2024 · f6f5ef6 · f6f5ef6
1 parent ba414aa
commit f6f5ef6
Show file tree

Hide file tree

Showing 2 changed files with 0 additions and 161 deletions.
diff --git a/authorization/authorization_integration_test.go b/authorization/authorization_integration_test.go
@@ -891,86 +891,6 @@ var _ = Describe("Authorized", func() {
 				}),
 			})))
 		})
-
-		It("IsAuthorizedTokenNonValid", func() {
-			var err error
-			authorizationClient, err := integration.InitConfigAuthorization()
-			Expect(err).To(Succeed())
-
-			token := integration.TokenBad
-			resources := integration.Resource1
-			// To make sure that the proper audit log was queried from BigQuery, need to add a unique identifier.
-			noAuditLogEntry = true
-			inputParams := map[string]*authorizationpb.InputParam{
-				"auditLog": {
-					Value: &authorizationpb.InputParam_StringValue{
-						StringValue: fmt.Sprintf("\"%v\"", auditLogIdentifier),
-					},
-				},
-			}
-			var policyTags []string
-
-			resp, err := authorizationClient.IsAuthorizedByToken(
-				context.Background(),
-				token,
-				resources,
-				inputParams,
-				policyTags,
-				retry.WithMax(5),
-			)
-			Expect(err).To(MatchError(ContainSubstring("invalid JWT")))
-			Expect(resp).To(BeNil())
-		})
-
-		It("IsAuthorizedTokenNotInDB", func() {
-			var err error
-			authorizationClient, err := integration.InitConfigAuthorization()
-			Expect(err).To(Succeed())
-
-			token := integration.TokenGoodFormat
-			resources := integration.Resource1
-			// To make sure that the proper audit log was queried from BigQuery, need to add a unique identifier.
-			inputParams := map[string]*authorizationpb.InputParam{
-				"auditLog": {
-					Value: &authorizationpb.InputParam_StringValue{
-						StringValue: fmt.Sprintf("\"%v\"", auditLogIdentifier),
-					},
-				},
-			}
-			var policyTags []string
-
-			resp, err := authorizationClient.IsAuthorizedByToken(
-				context.Background(),
-				token,
-				resources,
-				inputParams,
-				policyTags,
-				retry.WithMax(5),
-			)
-			Expect(err).To(Succeed())
-			Expect(resp).NotTo(BeNil())
-
-			decision := resources[0].Type
-			resource := resources[0].ExternalId
-			action := resources[0].Actions[0]
-
-			Expect(resp).To(PointTo(MatchFields(IgnoreExtras, Fields{
-				"DecisionTime": Not(BeNil()),
-				"Decisions": MatchAllKeys(Keys{
-					decision: PointTo(MatchFields(IgnoreExtras, Fields{
-						"Resources": MatchAllKeys(Keys{
-							resource: PointTo(MatchFields(IgnoreExtras, Fields{
-								"Actions": MatchAllKeys(Keys{
-									action: PointTo(MatchFields(IgnoreExtras, Fields{
-										"Allow": Equal(false),
-									})),
-								}),
-							})),
-						}),
-					})),
-				}),
-			})))
-		})
 	})
 
 	Describe("WhatAuthorized", func() {
@@ -1453,81 +1373,6 @@ var _ = Describe("Authorized", func() {
 				}),
 			})))
 		})
-
-		It("WhatAuthorizedTokenNonValid", func() {
-			var err error
-			authorizationClient, err := integration.InitConfigAuthorization()
-			Expect(err).To(Succeed())
-
-			resourcesTypes := integration.ResourceType1
-			// To make sure that the proper audit log was queried from BigQuery, need to add a unique identifier.
-			noAuditLogEntry = true
-			inputParams := map[string]*authorizationpb.InputParam{
-				"auditLog": {
-					Value: &authorizationpb.InputParam_StringValue{
-						StringValue: fmt.Sprintf("\"%v\"", auditLogIdentifier),
-					},
-				},
-			}
-			var policyTags []string
-
-			resp, err := authorizationClient.WhatAuthorizedByToken(
-				context.Background(),
-				integration.TokenBad,
-				resourcesTypes,
-				inputParams,
-				policyTags,
-				retry.WithMax(5),
-			)
-
-			Expect(err).To(MatchError(ContainSubstring("invalid JWT")))
-			Expect(resp).To(BeNil())
-		})
-
-		It("WhatAuthorizedPropertyNotInDB", func() {
-			var err error
-			authorizationClient, err := integration.InitConfigAuthorization()
-			Expect(err).To(Succeed())
-
-			resourcesTypes := integration.ResourceType1
-			// To make sure that the proper audit log was queried from BigQuery, need to add a unique identifier.
-			inputParams := map[string]*authorizationpb.InputParam{
-				"auditLog": {
-					Value: &authorizationpb.InputParam_StringValue{
-						StringValue: fmt.Sprintf("\"%v\"", auditLogIdentifier),
-					},
-				},
-			}
-			var policyTags []string
-
-			resp, err := authorizationClient.WhatAuthorizedByToken(
-				context.Background(),
-				integration.TokenGoodFormat,
-				resourcesTypes,
-				inputParams,
-				policyTags,
-				retry.WithMax(5),
-			)
-
-			Expect(err).To(Succeed())
-			Expect(resp).NotTo(BeNil())
-
-			decision := resourcesTypes[0].Type
-			action := resourcesTypes[0].Actions[0]
-
-			Expect(resp).To(PointTo(MatchFields(IgnoreExtras, Fields{
-				"DecisionTime": Not(BeNil()),
-				"Decisions": MatchAllKeys(Keys{
-					decision: PointTo(MatchFields(IgnoreExtras, Fields{
-						"Actions": MatchAllKeys(Keys{
-							action: PointTo(MatchFields(IgnoreExtras, Fields{
-								"Resources": BeEmpty(),
-							})),
-						}),
-					})),
-				}),
-			})))
-		})
 	})
 
 	Describe("WhoAuthorized", func() {

diff --git a/test/constants.go b/test/constants.go
@@ -172,12 +172,6 @@ var (
 	Subject2 = "fVcaUxJqmOkyOTX"
 	Subject3 = "lSPmCXIPRXppszf"
 	Subject4 = "NACTFFKUCcceDIz"
-
-	// TokenGoodFormat is a valid format for jwt.
-	TokenGoodFormat = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9." +
-		"eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9." +
-		"dyt0CoTl4WoVjAHI9Q_CwSKhl6d_9rhM3NrXuJttkao" // #nosec G101
-	TokenBad = "token_invalid_format"
 )
 
 func GenerateRandomString(length int) string {