Revert "Add option to logout all previous JWTS (#476)"

This reverts commit 3c37e51.
descope · Nov 14, 2024 · 16b5c38 · 16b5c38
1 parent 3c37e51
commit 16b5c38
Show file tree

Hide file tree

Showing 6 changed files with 20 additions and 113 deletions.
diff --git a/README.md b/README.md
@@ -642,14 +642,6 @@ invalidate all user's refresh tokens. After calling this function, you must inva
 descopeClient.Auth.LogoutAll(request, w)
 ```
 
-It is also possible to sign the user out of previous session. Calling `logoutPrevious` will
-invalidate all user's refresh tokens that were generated prior to the given session.
-
-```go
-// Refresh token will be taken from the request header or cookies automatically
-descopeClient.Auth.LogoutPrevious(request)
-```
-
 ### History
 
 You can get the current session user history.

diff --git a/descope/api/client.go b/descope/api/client.go
@@ -203,32 +203,30 @@ var (
 			fgaDeleteRelations:                 "mgmt/fga/relations/delete",
 			fgaCheck:                           "mgmt/fga/check",
 		},
-		logout:         "auth/logout",
-		logoutAll:      "auth/logoutall",
-		logoutPrevious: "auth/logoutprevious",
-		keys:           "/keys/",
-		refresh:        "auth/refresh",
-		selectTenant:   "auth/tenant/select",
-		me:             "auth/me",
-		meTenants:      "auth/me/tenants",
-		history:        "auth/me/history",
+		logout:       "auth/logout",
+		logoutAll:    "auth/logoutall",
+		keys:         "/keys/",
+		refresh:      "auth/refresh",
+		selectTenant: "auth/tenant/select",
+		me:           "auth/me",
+		meTenants:    "auth/me/tenants",
+		history:      "auth/me/history",
 	}
 )
 
 type endpoints struct {
-	version        string
-	versionV2      string
-	auth           authEndpoints
-	mgmt           mgmtEndpoints
-	logout         string
-	logoutAll      string
-	logoutPrevious string
-	keys           string
-	refresh        string
-	selectTenant   string
-	me             string
-	meTenants      string
-	history        string
+	version      string
+	versionV2    string
+	auth         authEndpoints
+	mgmt         mgmtEndpoints
+	logout       string
+	logoutAll    string
+	keys         string
+	refresh      string
+	selectTenant string
+	me           string
+	meTenants    string
+	history      string
 }
 
 type authEndpoints struct {
@@ -603,10 +601,6 @@ func (e *endpoints) LogoutAll() string {
 	return path.Join(e.version, e.logoutAll)
 }
 
-func (e *endpoints) LogoutPrevious() string {
-	return path.Join(e.version, e.logoutPrevious)
-}
-
 func (e *endpoints) Me() string {
 	return path.Join(e.version, e.me)
 }

diff --git a/descope/internal/auth/auth.go b/descope/internal/auth/auth.go
@@ -231,37 +231,6 @@ func (auth *authenticationService) logoutAll(request *http.Request, w http.Respo
 	return nil
 }
 
-func (auth *authenticationService) LogoutPrevious(request *http.Request) error {
-	return auth.logoutPrevious(request)
-}
-
-func (auth *authenticationService) LogoutPreviousWithToken(refreshToken string) error {
-	request := &http.Request{Header: http.Header{}}
-	request.AddCookie(&http.Cookie{Name: descope.RefreshCookieName, Value: refreshToken})
-	return auth.logoutPrevious(request)
-}
-
-func (auth *authenticationService) logoutPrevious(request *http.Request) error {
-	if request == nil {
-		return utils.NewInvalidArgumentError("request")
-	}
-
-	_, refreshToken := provideTokens(request)
-	if refreshToken == "" {
-		logger.LogDebug("Unable to find tokens from cookies")
-		return descope.ErrRefreshToken.WithMessage("Unable to find tokens from cookies")
-	}
-
-	_, err := auth.validateJWT(refreshToken)
-	if err != nil {
-		logger.LogDebug("Invalid refresh token")
-		return descope.ErrRefreshToken.WithMessage("Invalid refresh token")
-	}
-
-	_, err = auth.client.DoPostRequest(request.Context(), api.Routes.LogoutPrevious(), nil, &api.HTTPRequest{}, refreshToken)
-	return err
-}
-
 func (auth *authenticationService) Me(request *http.Request) (*descope.UserResponse, error) {
 	if request == nil {
 		return nil, utils.NewInvalidArgumentError("request")

diff --git a/descope/internal/auth/auth_test.go b/descope/internal/auth/auth_test.go
@@ -762,28 +762,6 @@ func TestLogoutAllWithToken(t *testing.T) {
 	require.NoError(t, err)
 }
 
-func TestLogoutPrevious(t *testing.T) {
-	a, err := newTestAuth(nil, func(_ *http.Request) (*http.Response, error) {
-		return &http.Response{StatusCode: http.StatusOK, Body: io.NopCloser(bytes.NewBufferString(mockAuthSessionBody))}, nil
-	})
-	require.NoError(t, err)
-	request := &http.Request{Header: http.Header{}}
-	request.AddCookie(&http.Cookie{Name: descope.RefreshCookieName, Value: jwtRTokenValid})
-
-	err = a.LogoutPrevious(request)
-	require.NoError(t, err)
-}
-
-func TestLogoutPreviousWithToken(t *testing.T) {
-	a, err := newTestAuth(nil, func(_ *http.Request) (*http.Response, error) {
-		return &http.Response{StatusCode: http.StatusOK, Body: io.NopCloser(bytes.NewBufferString(mockAuthSessionBody))}, nil
-	})
-	require.NoError(t, err)
-
-	err = a.LogoutPreviousWithToken(jwtRTokenValid)
-	require.NoError(t, err)
-}
-
 func TestLogoutNoClaims(t *testing.T) {
 	a, err := newTestAuth(nil, func(_ *http.Request) (*http.Response, error) {
 		return &http.Response{StatusCode: http.StatusOK}, nil

diff --git a/descope/sdk/auth.go b/descope/sdk/auth.go
@@ -424,12 +424,6 @@ type Authentication interface {
 	// Use the ResponseWriter (optional) to apply the cookies to the response automatically.
 	LogoutAllWithToken(refreshToken string, w http.ResponseWriter) error
 
-	// LogoutPrevious - Use to perform logout from all active sessions that were created prior to the given token.
-	LogoutPrevious(request *http.Request) error
-
-	// LogoutPreviousWithToken - Use to perform logout from all active sessions that were created prior to the given token.
-	LogoutPreviousWithToken(refreshToken string) error
-
 	// Me - Use to retrieve current session user details. The request requires a valid refresh token.
 	// returns the user details or error if the refresh token is not valid.
 	Me(request *http.Request) (*descope.UserResponse, error)

diff --git a/descope/tests/mocks/auth/authenticationmock.go b/descope/tests/mocks/auth/authenticationmock.go
@@ -692,12 +692,6 @@ type MockSession struct {
 	LogoutAllWithTokenAssert func(refreshToken string, w http.ResponseWriter)
 	LogoutAllWithTokenError  error
 
-	LogoutPreviousAssert func(r *http.Request)
-	LogoutPreviousError  error
-
-	LogoutPreviousWithTokenAssert func(refreshToken string)
-	LogoutPreviousWithTokenError  error
-
 	MeAssert   func(r *http.Request)
 	MeError    error
 	MeResponse *descope.UserResponse
@@ -891,20 +885,6 @@ func (m *MockSession) LogoutAllWithToken(refreshToken string, w http.ResponseWri
 	return m.LogoutAllWithTokenError
 }
 
-func (m *MockSession) LogoutPrevious(r *http.Request) error {
-	if m.LogoutPreviousAssert != nil {
-		m.LogoutPreviousAssert(r)
-	}
-	return m.LogoutPreviousError
-}
-
-func (m *MockSession) LogoutPreviousWithToken(refreshToken string) error {
-	if m.LogoutPreviousWithTokenAssert != nil {
-		m.LogoutPreviousWithTokenAssert(refreshToken)
-	}
-	return m.LogoutPreviousWithTokenError
-}
-
 func (m *MockSession) Me(r *http.Request) (*descope.UserResponse, error) {
 	if m.MeAssert != nil {
 		m.MeAssert(r)