remove expiration code for oauth tokens

test-plan: when you get an access via oauth2 token you shouldn't get an expiration, and it shouldn't be set in the db Change-Id: Ie0b15b54ef789b9a94b726026c09fe9497f0adc5 Reviewed-on: https://gerrit.instructure.com/64749 Reviewed-by: Brad Horrocks <bhorrocks@instructure.com> Tested-by: Jenkins QA-Review: August Thornton <august@instructure.com> Product-Review: Nathan Mills <nathanm@instructure.com>
2015-10-07 12:33:18 -06:00 · 2015-10-07 12:33:18 -06:00 · 7e4ffb6ffc
parent 82399ff885
commit 7e4ffb6ffc
3 changed files with 3 additions and 47 deletions
--- a/lib/canvas/oauth/token.rb
+++ b/lib/canvas/oauth/token.rb
@ -54,7 +54,7 @@ module Canvas::Oauth
        user.access_tokens.where(developer_key_id: key).destroy_all if replace_tokens || key.replace_tokens

        # Then create a new one
-        @access_token = user.access_tokens.create!({:developer_key => key, :remember_access => remember_access?, :scopes => scopes, :purpose => purpose, expires_at: expiration_date})
+        @access_token = user.access_tokens.create!({:developer_key => key, :remember_access => remember_access?, :scopes => scopes, :purpose => purpose})

        @access_token.clear_full_token! if @access_token.scoped_to?(['userinfo'])
        @access_token.clear_plaintext_refresh_token! if @access_token.scoped_to?(['userinfo'])
@ -80,7 +80,6 @@ module Canvas::Oauth
        'refresh_token' => access_token.plaintext_refresh_token,
        'user' => user.as_json(:only => [:id, :name], :include_root => false)
      }
-      json['expires_in'] = access_token.expires_at.utc.to_time.to_i - Time.now.utc.to_i if access_token.expires_at
      json
    end

@ -112,20 +111,5 @@ module Canvas::Oauth
      Canvas.redis.del "#{REDIS_PREFIX}#{code}"
    end

-    private
-
-    # This is a temporary measure to start letting developers know that they will need to start using refresh tokens on
-    # June 30th 2016. It will short circuit starting June 29th 2016 at 23:00 UTC. It should be removed after that
-    # date, and have tokens expire an hour after generation.
-    def expiration_date
-      now = DateTime.now
-      if now > DateTime.parse('2016-06-29T00:00:00+00:00')  #This should be the default behaviour after June 30th 2016
-        now + 1.hour
-      else
-        expires_at = DateTime.parse('2016-06-30T00:00:00+00:00')
-        expires_at.change(hour: now.hour, min: now.minute)
-      end
-    end
-
  end
 end
--- a/spec/controllers/oauth2_provider_controller_spec.rb
+++ b/spec/controllers/oauth2_provider_controller_spec.rb
@ -133,7 +133,7 @@ describe Oauth2ProviderController do
      Canvas.stubs(:redis => redis)
      get :token, :client_id => key.id, :client_secret => key.api_key, :code => valid_code
      expect(response).to be_success
-      expect(JSON.parse(response.body).keys.sort).to eq ['access_token',  'expires_in', 'refresh_token', 'user']
+      expect(JSON.parse(response.body).keys.sort).to match_array(['access_token',  'refresh_token', 'user'])
    end

    it 'deletes existing tokens for the same key when replace_tokens=1' do
--- a/spec/lib/canvas/oauth/token_spec.rb
+++ b/spec/lib/canvas/oauth/token_spec.rb
@ -148,16 +148,8 @@ module Canvas::Oauth
        expect(json['user']).to eq user.as_json(:only => [:id, :name], :include_root => false)
      end

-      it 'returns the expires_in parameter' do
-        Time.stubs(:now).returns(DateTime.parse('2015-07-10T09:29:00+00:00').utc.to_time)
-        access_token = token.access_token
-        access_token.expires_at = DateTime.parse('2015-07-10T10:29:00+00:00')
-        access_token.save!
-        expect(json['expires_in']).to eq 3600
-      end
-
      it 'does not put anything else into the json' do
-        expect(json.keys.sort).to eq ['access_token', 'expires_in', 'refresh_token', 'user']
+        expect(json.keys.sort).to match_array(['access_token', 'refresh_token', 'user'])
      end

    end
@ -191,25 +183,5 @@ module Canvas::Oauth
      end
    end

-    context "token expiration" do
-      context "interim June 30th 2016 expiration default" do
-        it "sets the default expiration for new tokens to be on June 30th 2016 before 2016-06-29T23:00:00+00:00" do
-          DateTime.stubs(:now).returns(DateTime.parse('2016-06-20T00:00:00+00:00'))
-          expect(token.access_token.expires_at.utc.iso8601).to eq('2016-06-30T00:00:00+00:00')
-        end
-
-        it "uses the curent hour and minute for setting the expiration on June 30th 2016" do
-          DateTime.stubs(:now).returns(DateTime.parse('2015-07-10T09:29:00+00:00'))
-          expect(token.access_token.expires_at.utc.iso8601).to eq('2016-06-30T09:29:00+00:00')
-        end
-
-        it "starts expiring tokens in 1 hour intervals at 2016-06-29T23:00:00+00:00" do
-          DateTime.stubs(:now).returns(DateTime.parse('2016-06-29T23:01:00+00:00'))
-          expect(token.access_token.expires_at.utc.iso8601).to eq('2016-06-30T00:01:00+00:00')
-        end
-
-      end
-    end
-
  end
 end