Auth: remove root did:web metadata endpoint (#3269)

nuts-foundation · Jul 29, 2024 · a530a5c · a530a5c
1 parent aae779b
commit a530a5c
Show file tree

Hide file tree

Showing 4 changed files with 0 additions and 125 deletions.
diff --git a/auth/api/iam/api.go b/auth/api/iam/api.go
@@ -77,7 +77,6 @@ const oid4vciSessionValidity = 15 * time.Minute
 var cacheControlMaxAgeURLs = []string{
 	"/oauth2/:did/presentation_definition",
 	"/.well-known/oauth-authorization-server/oauth2/:did",
-	"/.well-known/oauth-authorization-server",
 	"/oauth2/:did/oauth-client",
 	"/statuslist/:did/:page",
 }
@@ -588,15 +587,6 @@ func (r Wrapper) OAuthAuthorizationServerMetadata(ctx context.Context, request O
 	return OAuthAuthorizationServerMetadata200JSONResponse(*md), nil
 }
 
-func (r Wrapper) RootOAuthAuthorizationServerMetadata(ctx context.Context, request RootOAuthAuthorizationServerMetadataRequestObject) (RootOAuthAuthorizationServerMetadataResponseObject, error) {
-	rootDID, _ := didweb.URLToDID(*r.auth.PublicURL())
-	md, err := r.oauthAuthorizationServerMetadata(ctx, rootDID.String())
-	if err != nil {
-		return nil, err
-	}
-	return RootOAuthAuthorizationServerMetadata200JSONResponse(*md), nil
-}
-
 func (r Wrapper) oauthAuthorizationServerMetadata(ctx context.Context, didAsString string) (*oauth.AuthorizationServerMetadata, error) {
 	ownDID, err := r.toOwnedDID(ctx, didAsString)
 	if err != nil {

diff --git a/auth/api/iam/api_test.go b/auth/api/iam/api_test.go
@@ -109,20 +109,6 @@ func TestWrapper_OAuthAuthorizationServerMetadata(t *testing.T) {
 	})
 }
 
-func TestWrapper_RootOAuthAuthorizationServerMetadata(t *testing.T) {
-	t.Run("ok", func(t *testing.T) {
-		ctx := newTestClient(t)
-		ctx.documentOwner.EXPECT().IsOwner(nil, rootWebDID).Return(true, nil)
-
-		res, err := ctx.client.RootOAuthAuthorizationServerMetadata(nil, RootOAuthAuthorizationServerMetadataRequestObject{})
-
-		require.NoError(t, err)
-		assert.IsType(t, RootOAuthAuthorizationServerMetadata200JSONResponse{}, res)
-		actualIssuer := res.(RootOAuthAuthorizationServerMetadata200JSONResponse).Issuer
-		assert.Equal(t, rootURL.String(), actualIssuer)
-	})
-}
-
 func TestWrapper_GetOAuthClientMetadata(t *testing.T) {
 	t.Run("ok", func(t *testing.T) {
 		ctx := newTestClient(t)

diff --git a/auth/api/iam/generated.go b/auth/api/iam/generated.go
diff --git a/docs/_static/auth/iam.partial.yaml b/docs/_static/auth/iam.partial.yaml
@@ -339,29 +339,6 @@ paths:
                 "$ref": "#/components/schemas/OAuthAuthorizationServerMetadata"
         default:
           $ref: '../common/error_response.yaml'
-  /.well-known/oauth-authorization-server:
-    get:
-      tags:
-        - well-known
-      summary: Get the OAuth2 Authorization Server metadata of a root did:web DID.
-      description: >
-        Specified by https://www.rfc-editor.org/info/rfc8414
-        The well-known path is the default specified by https://www.rfc-editor.org/rfc/rfc8414.html#section-3
-
-        error returns:
-        * 400 - invalid input
-        * 404 - did not found; possibly be non-existing, deactivated, or not managed by this node
-        * 500 - internal server error
-      operationId: RootOAuthAuthorizationServerMetadata
-      responses:
-        "200":
-          description: OK
-          content:
-            application/json:
-              schema:
-                "$ref": "#/components/schemas/OAuthAuthorizationServerMetadata"
-        default:
-          $ref: '../common/error_response.yaml'
   /oauth2/{did}/oauth-client:
     get:
       tags: