chore: remove CreateLoginRequest*

GitOrigin-RevId: 869ab94dc08fd760523dcee330bc5426fc5503f6

Author: aeneasr

cmd/cli/handler_janitor_test.go

@@ -57,36 +57,6 @@ func TestJanitorHandler_PurgeTokenNotAfter(t *testing.T) {
 	}
 }
 
-func TestJanitorHandler_PurgeLoginConsentNotAfter(t *testing.T) {
-	ctx := context.Background()
-
-	for k, v := range testhelpers.NotAfterTestCycles {
-		jt := testhelpers.NewConsentJanitorTestHelper(t, k)
-		reg, err := jt.GetRegistry(ctx, k)
-		require.NoError(t, err)
-
-		t.Run(fmt.Sprintf("case=%s", k), func(t *testing.T) {
-			// Setup the test
-			t.Run("step=setup", jt.LoginConsentNotAfterSetup(ctx, reg.ConsentManager(), reg.ClientManager()))
-			// Run the cleanup routine
-			t.Run("step=cleanup", func(t *testing.T) {
-				cmdx.ExecNoErr(t, newJanitorCmd(),
-					"janitor",
-					fmt.Sprintf("--%s=%s", cli.KeepIfYounger, v.String()),
-					fmt.Sprintf("--%s=%s", cli.ConsentRequestLifespan, jt.GetConsentRequestLifespan(ctx).String()),
-					fmt.Sprintf("--%s", cli.OnlyRequests),
-					jt.GetDSN(),
-				)
-			})
-
-			notAfter := time.Now().Round(time.Second).Add(-v)
-			consentLifespan := time.Now().Round(time.Second).Add(-jt.GetConsentRequestLifespan(ctx))
-			t.Run("step=validate", jt.LoginConsentNotAfterValidate(ctx, notAfter, consentLifespan, reg))
-		})
-	}
-
-}
-
 func TestJanitorHandler_Arguments(t *testing.T) {
 	cmdx.ExecNoErr(t, cmd.NewRootCmd(nil, nil),
 		"janitor",

consent/handler_test.go

@@ -105,13 +105,17 @@ func TestGetLoginRequest(t *testing.T) {
 			if tc.exists {
 				cl := &client.Client{ID: "client" + key}
 				require.NoError(t, reg.ClientManager().CreateClient(context.Background(), cl))
-				f, err := reg.ConsentManager().CreateLoginRequest(context.Background(), &flow.LoginRequest{
-					Client:      cl,
+
+				f := &flow.Flow{
 					ID:          challenge,
+					Client:      cl,
 					RequestURL:  requestURL,
 					RequestedAt: time.Now(),
-				})
-				require.NoError(t, err)
+					State:       flow.FlowStateLoginInitialized,
+					NID:         reg.Persister().NetworkID(ctx),
+				}
+
+				var err error
 				challenge, err = f.ToLoginChallenge(ctx, reg)
 				require.NoError(t, err)
 
@@ -170,14 +174,17 @@ func TestGetConsentRequest(t *testing.T) {
 			if tc.exists {
 				cl := &client.Client{ID: "client" + key}
 				require.NoError(t, reg.ClientManager().CreateClient(ctx, cl))
-				lr := &flow.LoginRequest{
+
+				f := &flow.Flow{
 					ID:          "login-" + challenge,
 					Client:      cl,
 					RequestURL:  requestURL,
 					RequestedAt: time.Now(),
+					State:       flow.FlowStateLoginInitialized,
+					NID:         reg.Persister().NetworkID(ctx),
 				}
-				f, err := reg.ConsentManager().CreateLoginRequest(ctx, lr)
-				require.NoError(t, err)
+
+				var err error
 				challenge, err = f.ToLoginChallenge(ctx, reg)
 				require.NoError(t, err)
 				_, err = reg.ConsentManager().HandleLoginRequest(ctx, f, challenge, &flow.HandledLoginRequest{
@@ -242,14 +249,15 @@ func TestGetLoginRequestWithDuplicateAccept(t *testing.T) {
 
 		cl := &client.Client{ID: "client"}
 		require.NoError(t, reg.ClientManager().CreateClient(ctx, cl))
-		f, err := reg.ConsentManager().CreateLoginRequest(ctx, &flow.LoginRequest{
+		f := flow.Flow{
 			Client:      cl,
 			ID:          challenge,
 			RequestURL:  requestURL,
 			RequestedAt: time.Now(),
-		})
-		require.NoError(t, err)
-		challenge, err = f.ToLoginChallenge(ctx, reg)
+			NID:         reg.Persister().NetworkID(ctx),
+			State:       flow.FlowStateLoginInitialized,
+		}
+		challenge, err := f.ToLoginChallenge(ctx, reg)
 		require.NoError(t, err)
 
 		h := NewHandler(reg, reg.Config())

consent/manager.go

@@ -46,8 +46,6 @@ type (
 		RevokeSubjectLoginSession(ctx context.Context, user string) error
 		ConfirmLoginSession(ctx context.Context, loginSession *flow.LoginSession) error
 
-		CreateLoginRequest(ctx context.Context, req *flow.LoginRequest) (*flow.Flow, error)
-		CreateLoginRequestFromDeviceRequest(ctx context.Context, f *flow.Flow, req *flow.LoginRequest) (*flow.Flow, error)
 		GetLoginRequest(ctx context.Context, challenge string) (*flow.LoginRequest, error)
 		HandleLoginRequest(ctx context.Context, f *flow.Flow, challenge string, r *flow.HandledLoginRequest) (*flow.LoginRequest, error)
 		VerifyAndInvalidateLoginRequest(ctx context.Context, verifier string) (*flow.HandledLoginRequest, error)
@@ -68,6 +66,8 @@ type (
 		GetDeviceUserAuthRequest(ctx context.Context, challenge string) (*flow.DeviceUserAuthRequest, error)
 		HandleDeviceUserAuthRequest(ctx context.Context, f *flow.Flow, challenge string, r *flow.HandledDeviceUserAuthRequest) (*flow.DeviceUserAuthRequest, error)
 		VerifyAndInvalidateDeviceUserAuthRequest(ctx context.Context, verifier string) (*flow.HandledDeviceUserAuthRequest, error)
+
+		NetworkID(ctx context.Context) uuid.UUID
 	}
 
 	ManagerProvider interface {

consent/strategy_default.go

@@ -256,35 +256,46 @@ func (s *DefaultStrategy) forwardAuthenticationRequest(
 
 	// Set the session
 	cl := sanitizeClientFromRequest(ar)
-	loginRequest := &flow.LoginRequest{
-		ID:                challenge,
-		Verifier:          verifier,
-		CSRF:              csrf,
-		Skip:              skip,
-		RequestedScope:    []string(ar.GetRequestedScopes()),
-		RequestedAudience: []string(ar.GetRequestedAudience()),
-		Subject:           subject,
-		Client:            cl,
-		RequestURL:        requestURL,
-		AuthenticatedAt:   sqlxx.NullTime(authenticatedAt),
-		RequestedAt:       time.Now().Truncate(time.Second).UTC(),
-		SessionID:         sqlxx.NullString(sessionID),
-		OpenIDConnectContext: &flow.OAuth2ConsentRequestOpenIDConnectContext{
-			IDTokenHintClaims: idTokenHintClaims,
-			ACRValues:         stringsx.Splitx(ar.GetRequestForm().Get("acr_values"), " "),
-			UILocales:         stringsx.Splitx(ar.GetRequestForm().Get("ui_locales"), " "),
-			Display:           ar.GetRequestForm().Get("display"),
-			LoginHint:         ar.GetRequestForm().Get("login_hint"),
-		},
-	}
-	var err error
+
 	if f == nil {
-		f, err = s.r.ConsentManager().CreateLoginRequest(ctx, loginRequest)
+		// Regular grant
+		f = &flow.Flow{
+			ID:                challenge,
+			RequestedScope:    []string(ar.GetRequestedScopes()),
+			RequestedAudience: []string(ar.GetRequestedAudience()),
+			LoginSkip:         skip,
+			Subject:           subject,
+			OpenIDConnectContext: &flow.OAuth2ConsentRequestOpenIDConnectContext{
+				IDTokenHintClaims: idTokenHintClaims,
+				ACRValues:         stringsx.Splitx(ar.GetRequestForm().Get("acr_values"), " "),
+				UILocales:         stringsx.Splitx(ar.GetRequestForm().Get("ui_locales"), " "),
+				Display:           ar.GetRequestForm().Get("display"),
+				LoginHint:         ar.GetRequestForm().Get("login_hint"),
+			},
+			Client:               cl,
+			ClientID:             cl.ID,
+			RequestURL:           requestURL,
+			SessionID:            sqlxx.NullString(sessionID),
+			LoginWasUsed:         false,
+			LoginVerifier:        verifier,
+			LoginCSRF:            csrf,
+			LoginAuthenticatedAt: sqlxx.NullTime(authenticatedAt),
+			RequestedAt:          time.Now().Truncate(time.Second).UTC(),
+			State:                flow.FlowStateLoginInitialized,
+			NID:                  s.r.ConsentManager().NetworkID(ctx),
+		}
 	} else {
-		f, err = s.r.ConsentManager().CreateLoginRequestFromDeviceRequest(ctx, f, loginRequest)
-	}
-	if err != nil {
-		return err
+		// Device auth grant
+		f.ID = challenge
+		f.LoginSkip = skip
+		f.Subject = subject
+		f.SessionID = sqlxx.NullString(sessionID)
+		f.LoginVerifier = verifier
+		f.LoginCSRF = csrf
+		f.LoginAuthenticatedAt = sqlxx.NullTime(authenticatedAt)
+		f.RequestedAt = time.Now().Truncate(time.Second).UTC()
+		f.State = flow.FlowStateLoginInitialized
+		f.NID = s.r.ConsentManager().NetworkID(ctx)
 	}
 
 	store, err := s.r.CookieStore(ctx)

consent/test/manager_test_helpers.go

@@ -183,6 +183,7 @@ func MockAuthRequest(key string, authAt bool, network string) (c *flow.LoginRequ
 	}
 
 	f = flow.NewFlow(c)
+	f.NID = uuid.FromStringOrNil(network)
 
 	var err = &flow.RequestDeniedError{
 		Name:        "error_name" + key,
@@ -305,8 +306,6 @@ func SaneMockAuthRequest(t *testing.T, m consent.Manager, ls *flow.LoginSession,
 		ID:       uuid.Must(uuid.NewV4()).String(),
 		Verifier: uuid.Must(uuid.NewV4()).String(),
 	}
-	_, err := m.CreateLoginRequest(context.Background(), c)
-	require.NoError(t, err)
 	return c
 }
 
@@ -323,15 +322,16 @@ func TestHelperNID(r interface {
 		ID:      "2022-03-11-ls-nid-test-1",
 		Subject: "2022-03-11-test-1-sub",
 	}
-	testLR := flow.LoginRequest{
-		ID:          "2022-03-11-lr-nid-test-1",
-		Subject:     "2022-03-11-test-1-sub",
-		Verifier:    "2022-03-11-test-1-ver",
-		RequestedAt: time.Now(),
-		Client:      &client.Client{ID: "2022-03-11-client-nid-test-1"},
+	testLR := flow.Flow{
+		ID:            "2022-03-11-lr-nid-test-1",
+		Subject:       "2022-03-11-test-1-sub",
+		LoginVerifier: "2022-03-11-test-1-ver",
+		RequestedAt:   time.Now(),
+		Client:        &client.Client{ID: "2022-03-11-client-nid-test-1"},
+		NID:           t1ValidNID.NetworkID(context.Background()),
+		State:         flow.FlowStateLoginInitialized,
 	}
 	testHLR := flow.HandledLoginRequest{
-		LoginRequest:           &testLR,
 		RememberFor:            120,
 		Remember:               true,
 		ID:                     testLR.ID,
@@ -350,19 +350,16 @@ func TestHelperNID(r interface {
 		require.Error(t, t2InvalidNID.CreateLoginSession(ctx, &testLS))
 		require.NoError(t, t1ValidNID.CreateLoginSession(ctx, &testLS))
 
-		_, err := t2InvalidNID.CreateLoginRequest(ctx, &testLR)
-		require.Error(t, err)
-		f, err := t1ValidNID.CreateLoginRequest(ctx, &testLR)
+		var err error
+		testLR.ID, err = testLR.ToLoginChallenge(ctx, r)
 		require.NoError(t, err)
-
-		testLR.ID = x.Must(f.ToLoginChallenge(ctx, r))
 		_, err = t2InvalidNID.GetLoginRequest(ctx, testLR.ID)
 		require.Error(t, err)
 		_, err = t1ValidNID.GetLoginRequest(ctx, testLR.ID)
 		require.NoError(t, err)
-		_, err = t2InvalidNID.HandleLoginRequest(ctx, f, testLR.ID, &testHLR)
+		_, err = t2InvalidNID.HandleLoginRequest(ctx, &testLR, testLR.ID, &testHLR)
 		require.Error(t, err)
-		_, err = t1ValidNID.HandleLoginRequest(ctx, f, testLR.ID, &testHLR)
+		_, err = t1ValidNID.HandleLoginRequest(ctx, &testLR, testLR.ID, &testHLR)
 		require.NoError(t, err)
 		require.Error(t, t2InvalidNID.ConfirmLoginSession(ctx, &testLS))
 		require.NoError(t, t1ValidNID.ConfirmLoginSession(ctx, &testLS))
@@ -409,9 +406,6 @@ func ManagerTests(deps Deps, m consent.Manager, clientManager client.Manager, fo
 					AuthenticatedAt: sqlxx.NullTime(time.Now()),
 					RequestedAt:     time.Now(),
 				}
-
-				_, err := m.CreateLoginRequest(ctx, lr[k])
-				require.NoError(t, err)
 			}
 		})
 
@@ -585,9 +579,7 @@ func ManagerTests(deps Deps, m consent.Manager, clientManager client.Manager, fo
 					_, err := m.GetLoginRequest(ctx, loginChallenge)
 					require.Error(t, err)
 
-					f, err = m.CreateLoginRequest(ctx, c)
-					require.NoError(t, err)
-
+					f.NID = deps.Contextualizer().Network(context.Background(), uuid.Nil)
 					loginChallenge = x.Must(f.ToLoginChallenge(ctx, deps))
 
 					got1, err := m.GetLoginRequest(ctx, loginChallenge)
@@ -847,10 +839,10 @@ func ManagerTests(deps Deps, m consent.Manager, clientManager client.Manager, fo
 		})
 
 		t.Run("case=list-used-consent-requests", func(t *testing.T) {
-			f1, err := m.CreateLoginRequest(ctx, lr["rv1"])
-			require.NoError(t, err)
-			f2, err := m.CreateLoginRequest(ctx, lr["rv2"])
-			require.NoError(t, err)
+			f1 := flow.NewFlow(lr["rv1"])
+			f1.NID = deps.Contextualizer().Network(context.Background(), uuid.Nil)
+			f2 := flow.NewFlow(lr["rv2"])
+			f2.NID = deps.Contextualizer().Network(context.Background(), uuid.Nil)
 
 			cr1, hcr1, _ := MockConsentRequest("rv1", true, 0, false, false, false, "fk-login-challenge", network)
 			cr2, hcr2, _ := MockConsentRequest("rv2", false, 0, false, false, false, "fk-login-challenge", network)
@@ -873,7 +865,7 @@ func ManagerTests(deps Deps, m consent.Manager, clientManager client.Manager, fo
 				flow.WithConsentCSRF(cr2.CSRF),
 			)
 
-			_, err = m.HandleConsentRequest(ctx, f1, hcr1)
+			_, err := m.HandleConsentRequest(ctx, f1, hcr1)
 			require.NoError(t, err)
 			_, err = m.HandleConsentRequest(ctx, f2, hcr2)
 			require.NoError(t, err)
@@ -1169,18 +1161,17 @@ func ManagerTests(deps Deps, m consent.Manager, clientManager client.Manager, fo
 			require.NoError(t, m.CreateLoginSession(ctx, &s))
 			require.NoError(t, m.ConfirmLoginSession(ctx, &s))
 
-			lr := &flow.LoginRequest{
-				ID:              uuid.Must(uuid.NewV4()).String(),
-				Subject:         uuid.Must(uuid.NewV4()).String(),
-				Verifier:        uuid.Must(uuid.NewV4()).String(),
-				Client:          cl,
-				AuthenticatedAt: sqlxx.NullTime(time.Now()),
-				RequestedAt:     time.Now(),
-				SessionID:       sqlxx.NullString(s.ID),
+			f := &flow.Flow{
+				ID:                   uuid.Must(uuid.NewV4()).String(),
+				Subject:              uuid.Must(uuid.NewV4()).String(),
+				LoginVerifier:        uuid.Must(uuid.NewV4()).String(),
+				Client:               cl,
+				LoginAuthenticatedAt: sqlxx.NullTime(time.Now()),
+				RequestedAt:          time.Now(),
+				SessionID:            sqlxx.NullString(s.ID),
+				NID:                  deps.Contextualizer().Network(ctx, uuid.Nil),
 			}
 
-			f, err := m.CreateLoginRequest(ctx, lr)
-			require.NoError(t, err)
 			expected := &flow.OAuth2ConsentRequest{
 				ConsentRequestID:     uuid.Must(uuid.NewV4()).String(),
 				Skip:                 true,
@@ -1189,7 +1180,7 @@ func ManagerTests(deps Deps, m consent.Manager, clientManager client.Manager, fo
 				Client:               cl,
 				ClientID:             cl.ID,
 				RequestURL:           "",
-				LoginChallenge:       sqlxx.NullString(lr.ID),
+				LoginChallenge:       sqlxx.NullString(f.ID),
 				LoginSessionID:       sqlxx.NullString(s.ID),
 				Verifier:             uuid.Must(uuid.NewV4()).String(),
 				CSRF:                 uuid.Must(uuid.NewV4()).String(),