Remove backward compat with Google Sign-In. (#1883)

2022-05-13 07:58:47 -07:00 · 2022-05-13 07:58:47 -07:00 · d10158d9f5
--- a/api/login_api.py
+++ b/api/login_api.py
@ -24,7 +24,7 @@ import settings


 class LoginAPI(basehandlers.APIHandler):
-  """Create a session using the credential generated by Google Sign-In."""
+  """Create a session using the credential generated by Sign-In With Google."""

  def do_post(self):
    # TODO(jrobbins): Remove id_token after next deployment.
--- a/api/logout_api.py
+++ b/api/logout_api.py
@ -13,25 +13,16 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.

-
-
-
 import logging

-from google.oauth2 import id_token
-from google.auth.transport import requests
 from flask import session

-
 from framework import basehandlers
-# from framework import permissions
-# from framework import ramcache
-# from internals import models
+

 class LogoutAPI(basehandlers.APIHandler):
-  """Create a session using the id_token generated by Google Sign-In."""
+  """Clear the session when the user signs out."""

  def do_post(self):
    session.clear()
    return {'message': 'Done'}
-
--- a/framework/users.py
+++ b/framework/users.py
@ -181,9 +181,9 @@ class User(object):
        """

        # This env variable was set by GAE based on a GAE session cookie.
-        # With Google Sign-In, it will probably never be present.
-        # Hence, currently is always False
-        # TODO (jrobbins): Implement this method
+        # Using Sign-In With Google, it will probably never be present.
+        # Hence, currently is always False.
+        # We don't use this.  We check a boolean in the AppUser model.
        return (os.environ.get('USER_IS_ADMIN', '0')) == '1'


@ -194,20 +194,6 @@ def get_current_user():
        user_via_env = User(email=os.environ['USER_EMAIL'])
      return user_via_env

-    # TODO(jrobbins): Remove this code path after 30 days.
-    jwt = session.get('id_token')
-    if jwt:
-      try:
-        idinfo = id_token.verify_oauth2_token(
-            jwt, requests.Request(), settings.GOOGLE_SIGN_IN_CLIENT_ID)
-        user_via_jwt = User(email=idinfo['email'])
-        return user_via_jwt
-
-      except ValueError:
-        # If anything is not right, give the user a fresh session.
-        session.clear()
-        pass
-
    user_info, signature = session.get('signed_user_info', (None, None))
    if user_info:
      try:
--- a/framework/users_test.py
+++ b/framework/users_test.py
@ -40,29 +40,6 @@ class UsersTest(testing_config.CustomTestCase):
    actual_user = users.get_current_user()
    self.assertIsNone(actual_user)

-  @mock.patch('settings.UNIT_TEST_MODE', False)
-  @mock.patch('google.oauth2.id_token.verify_oauth2_token')
-  def test_get_current_user__signed_in_jwt(self, mock_verify):
-    """A valid jwt means the user is signed in."""
-    mock_verify.return_value = {'email': 'user_222@example.com'}
-    with test_app.test_request_context('/any-path'):
-      session.clear()
-      session['id_token'] = 'fake good token'
-      actual_user = users.get_current_user()
-      self.assertEqual('user_222@example.com', actual_user.email())
-
-  @mock.patch('settings.UNIT_TEST_MODE', False)
-  @mock.patch('google.oauth2.id_token.verify_oauth2_token')
-  def test_get_current_user__bad_jwt(self, mock_verify):
-    """We reject bad JWTs and clear the session."""
-    mock_verify.side_effect = ValueError()
-    with test_app.test_request_context('/any-path'):
-      session.clear()
-      session['id_token'] = 'fake bad token'
-      actual_user = users.get_current_user()
-      self.assertIsNone(actual_user)
-      self.assertEqual(0, len(session))
-
  @mock.patch('settings.UNIT_TEST_MODE', False)
  @mock.patch('framework.xsrf.validate_token')
  def test_get_current_user__signed_in_sui(self, mock_validate):
--- a/static/elements/chromedash-roadmap.js
+++ b/static/elements/chromedash-roadmap.js
@ -59,7 +59,6 @@ class ChromedashRoadmap extends LitElement {
      // Assigned in roadmap-page.js,
      channels: {attribute: false},
      signedIn: {type: Boolean},
-      loginUrl: {type: String},
      starredFeatures: {type: Object}, // will contain a set of starred features
      cardWidth: {type: Number}, // width of each milestone card
      lastFutureFetchedOn: {type: Number}, // milestone number rendering of which caused fetching of next milestones
--- a/templates/roadmap.html
+++ b/templates/roadmap.html
@ -22,8 +22,6 @@

    <chromedash-roadmap class="animate"
      {% if user %}signedin{% endif %}
-      {# TODO(jrobbins): Fix to work with google sign-in #}
-      loginurl="#"
      aria-label="List of milestone releases"
    ></chromedash-roadmap>