[#IOPID-2429] API Token Support removal (#1159)

Co-authored-by: Salvatore Laiso <salvatore.laiso@it.ey.com>

.env.example

@@ -34,11 +34,6 @@ FF_IO_SIGN_ENABLED=1
 FF_IO_WALLET_ENABLED=1
 FF_IO_WALLET_TRIAL_ENABLED=1
 
-JWT_SUPPORT_TOKEN_PRIVATE_RSA_KEY="-----BEGIN RSA PRIVATE KEY-----\n
-<APrivateRSAKEY>\n
------END RSA PRIVATE KEY-----"
-JWT_SUPPORT_TOKEN_ISSUER=io-backend
-
 # ------------------------------------
 # FnAppMessages Env Variables
 # ------------------------------------

src/app.ts

@@ -95,7 +95,6 @@ import {
 import ServicesAppBackendController from "./controllers/serviceAppBackendController";
 import SessionLockController from "./controllers/sessionLockController";
 import { getUserForMyPortal } from "./controllers/ssoController";
-import SupportController from "./controllers/supportController";
 import UserDataProcessingController from "./controllers/userDataProcessingController";
 import { ISessionStorage } from "./services/ISessionStorage";
 import AuthenticationLockService from "./services/authenticationLockService";
@@ -118,7 +117,6 @@ import ProfileService from "./services/profileService";
 import RedisSessionStorage from "./services/redisSessionStorage";
 import RedisUserMetadataStorage from "./services/redisUserMetadataStorage";
 import ServicesAppBackendService from "./services/servicesAppBackendService";
-import TokenService from "./services/tokenService";
 import UserDataProcessingService from "./services/userDataProcessingService";
 import bearerMyPortalTokenStrategy from "./strategies/bearerMyPortalTokenStrategy";
 import bearerSessionTokenStrategy from "./strategies/bearerSessionTokenStrategy";
@@ -308,9 +306,6 @@ export async function newApp({
   return pipe(
     TE.tryCatch(
       async () => {
-        // Ceate the Token Service
-        const TOKEN_SERVICE = new TokenService();
-
         // Create the profile service
         const tableClient = TableClient.fromConnectionString(
           LOCKED_PROFILES_STORAGE_CONNECTION_STRING,
@@ -460,7 +455,6 @@ export async function newApp({
           PAGOPA_PROXY_SERVICE,
           USER_METADATA_STORAGE,
           USER_DATA_PROCESSING_SERVICE,
-          TOKEN_SERVICE,
           authMiddlewares.bearerSession,
           LOLLIPOP_API_CLIENT
         );
@@ -723,7 +717,6 @@ function registerAPIRoutes(
   pagoPaProxyService: PagoPAProxyService,
   userMetadataStorage: RedisUserMetadataStorage,
   userDataProcessingService: UserDataProcessingService,
-  tokenService: TokenService,
   // eslint-disable-next-line @typescript-eslint/no-explicit-any
   bearerSessionTokenAuth: any,
   lollipopClient: ReturnType<typeof LollipopApiClient>
@@ -762,10 +755,6 @@ function registerAPIRoutes(
   const userDataProcessingController: UserDataProcessingController =
     new UserDataProcessingController(userDataProcessingService);
 
-  const supportController: SupportController = new SupportController(
-    tokenService
-  );
-
   app.get(
     `${basePath}/profile`,
     bearerSessionTokenAuth,
@@ -962,12 +951,6 @@ function registerAPIRoutes(
       pagoPAProxyController
     )
   );
-
-  app.get(
-    `${basePath}/token/support`,
-    bearerSessionTokenAuth,
-    toExpressHandler(supportController.getSupportToken, supportController)
-  );
 }
 
 // eslint-disable-next-line max-params

src/config.ts

@@ -17,10 +17,9 @@ import {
   setFetchTimeout,
   toFetch,
 } from "@pagopa/ts-commons/lib/fetch";
-import { IntegerFromString } from "@pagopa/ts-commons/lib/numbers";
 import { NonEmptyString, Ulid } from "@pagopa/ts-commons/lib/strings";
 import { FiscalCode } from "@pagopa/ts-commons/lib/strings";
-import { Millisecond, Second } from "@pagopa/ts-commons/lib/units";
+import { Millisecond } from "@pagopa/ts-commons/lib/units";
 import { pipe } from "fp-ts/lib/function";
 import { CgnAPIClient } from "./clients/cgn";
 import { log } from "./utils/logger";
@@ -401,44 +400,6 @@ export const FF_IO_SIGN_ENABLED = process.env.FF_IO_SIGN_ENABLED === "1";
 export const FF_EUCOVIDCERT_ENABLED =
   process.env.FF_EUCOVIDCERT_ENABLED === "1";
 
-// Support Token
-export const JWT_SUPPORT_TOKEN_PRIVATE_RSA_KEY = pipe(
-  process.env.JWT_SUPPORT_TOKEN_PRIVATE_RSA_KEY,
-  NonEmptyString.decode,
-  E.getOrElseW((errs) => {
-    log.error(
-      `Missing or invalid JWT_SUPPORT_TOKEN_PRIVATE_RSA_KEY environment variable: ${readableReport(
-        errs
-      )}`
-    );
-    return process.exit(1);
-  })
-);
-export const JWT_SUPPORT_TOKEN_ISSUER = pipe(
-  process.env.JWT_SUPPORT_TOKEN_ISSUER,
-  NonEmptyString.decode,
-  E.getOrElseW((errs) => {
-    log.error(
-      `Missing or invalid JWT_SUPPORT_TOKEN_ISSUER environment variable: ${readableReport(
-        errs
-      )}`
-    );
-    return process.exit(1);
-  })
-);
-
-const DEFAULT_JWT_SUPPORT_TOKEN_EXPIRATION = 604800 as Second;
-export const JWT_SUPPORT_TOKEN_EXPIRATION: Second = pipe(
-  process.env.JWT_SUPPORT_TOKEN_EXPIRATION,
-  IntegerFromString.decode,
-  E.getOrElseW(() => DEFAULT_JWT_SUPPORT_TOKEN_EXPIRATION)
-) as Second;
-
-log.info(
-  "JWT support token expiration set to %s seconds",
-  JWT_SUPPORT_TOKEN_EXPIRATION
-);
-
 export const TEST_CGN_FISCAL_CODES = pipe(
   process.env.TEST_CGN_FISCAL_CODES || "",
   CommaSeparatedListOf(FiscalCode).decode,

src/services/__tests__/redisSessionStorage.test.ts

@@ -74,14 +74,6 @@ const anInvalidUser: User = {
   fiscal_code: anInvalidFiscalCode,
 };
 
-const mockGetNewToken = jest.fn();
-jest.mock("../../services/tokenService", () => {
-  return {
-    default: jest.fn().mockImplementation(() => ({
-      getNewToken: mockGetNewToken,
-    })),
-  };
-});
 mockSetEx.mockImplementation((_, __, ___) => Promise.resolve("OK"));
 mockGet.mockImplementation((_) => Promise.resolve(JSON.stringify(aValidUser)));
 mockDel.mockImplementation((_) => Promise.resolve(1));