ROX-26360: OCM AuthType Deleted and Replaced

e2e/e2e_auth_test.go

@@ -66,26 +66,6 @@ var _ = Describe("AuthN/Z Fleet* components", Ordered, func() {
 		}
 	}
 
-	Describe("OCM auth type", func() {
-		BeforeEach(func() {
-			auth, err := fmImpl.NewOCMAuth(context.Background(), authOption.Ocm)
-			Expect(err).ToNot(HaveOccurred())
-			fmClient, err := fmImpl.NewClient(fleetManagerEndpoint, auth)
-			Expect(err).ToNot(HaveOccurred())
-			client = fmClient
-		})
-
-		DescribeTable("AuthN/Z tests",
-			testCase,
-			Entry("should allow access to fleet manager's public API endpoints",
-				publicAPI, false, 0, false),
-			Entry("should not allow access to fleet manager's internal API endpoints",
-				internalAPI, true, http.StatusNotFound, false),
-			Entry("should not allow access to fleet manager's admin API endpoints",
-				adminAPI, true, http.StatusNotFound, false),
-		)
-	})
-
 	Describe("Static token auth type", func() {
 		BeforeEach(func() {
 			auth, err := fmImpl.NewStaticAuth(context.Background(), authOption.Static)

e2e/e2e_suite_test.go

@@ -36,7 +36,6 @@ var (
 	extendedWaitTimeout   = getWaitTimeout() * 3
 	dpCloudProvider       = getEnvDefault("DP_CLOUD_PROVIDER", "standalone")
 	dpRegion              = getEnvDefault("DP_REGION", "standalone")
-	authType              = "OCM"
 	fleetManagerEndpoint  = "http://localhost:8000"
 	runAuthTests          bool
 	runCentralTests       bool
@@ -103,11 +102,6 @@ var _ = BeforeSuite(func() {
 		route53Client = route53.New(sess)
 	}
 
-	if val := os.Getenv("AUTH_TYPE"); val != "" {
-		authType = val
-	}
-	GinkgoWriter.Printf("AUTH_TYPE: %q\n", authType)
-
 	if val := os.Getenv("FLEET_MANAGER_ENDPOINT"); val != "" {
 		fleetManagerEndpoint = val
 	}

internal/dinosaur/pkg/cmd/centrals/create.go

@@ -19,7 +19,7 @@ func NewCreateCommand() *cobra.Command {
 		Short: "Create a new central request",
 		Long:  "Create a new central request.",
 		Run: func(cmd *cobra.Command, args []string) {
-			runCreate(fleetmanagerclient.AuthenticatedClientWithOCM(cmd.Context()), cmd, args)
+			runCreate(fleetmanagerclient.AuthenticatedClientWithStaticToken(cmd.Context()), cmd, args)
 		},
 	}
 

internal/dinosaur/pkg/cmd/centrals/delete.go

@@ -17,7 +17,7 @@ func NewDeleteCommand() *cobra.Command {
 		Short: "Delete a central request",
 		Long:  "Delete a central request.",
 		Run: func(cmd *cobra.Command, args []string) {
-			runDelete(fleetmanagerclient.AuthenticatedClientWithOCM(cmd.Context()), cmd, args)
+			runDelete(fleetmanagerclient.AuthenticatedClientWithStaticToken(cmd.Context()), cmd, args)
 		},
 	}
 

internal/dinosaur/pkg/cmd/centrals/get.go

@@ -18,7 +18,7 @@ func NewGetCommand() *cobra.Command {
 		Short: "Get a central request",
 		Long:  "Get a central request.",
 		Run: func(cmd *cobra.Command, args []string) {
-			runGet(fleetmanagerclient.AuthenticatedClientWithOCM(cmd.Context()), cmd, args)
+			runGet(fleetmanagerclient.AuthenticatedClientWithStaticToken(cmd.Context()), cmd, args)
 		},
 	}
 	cmd.Flags().String(FlagID, "", "Central ID (required)")

internal/dinosaur/pkg/cmd/centrals/list.go

@@ -24,7 +24,7 @@ func NewListCommand() *cobra.Command {
 		Short: "lists all managed central requests",
 		Long:  "lists all managed central requests",
 		Run: func(cmd *cobra.Command, args []string) {
-			runList(fleetmanagerclient.AuthenticatedClientWithOCM(cmd.Context()), cmd, args)
+			runList(fleetmanagerclient.AuthenticatedClientWithStaticToken(cmd.Context()), cmd, args)
 		},
 	}
 	cmd.Flags().String(FlagOwner, "test-user", "Username")

internal/dinosaur/pkg/cmd/fleetmanagerclient/client.go

@@ -14,8 +14,8 @@ import (
 )
 
 var (
-	singletonOCMRefreshTokenInstance sync.Once
-	fmClientAuthWithOCMRefreshToken  *fleetmanager.Client
+	singletonStaticTokenInstance         sync.Once
+	fmAuthenticatedClientWithStaticToken *fleetmanager.Client
 
 	fmClientAuthWithRHOASToken  *fleetmanager.Client
 	singletonRHOASTokenInstance sync.Once
@@ -24,7 +24,7 @@ var (
 const (
 	defaultFleetManagerEndpoint = "http://localhost:8000"
 	fleetManagerEndpointEnvVar  = "FMCLI_FLEET_MANAGER_ENDPOINT"
-	ocmRefreshTokenEnvVar       = "OCM_TOKEN"
+	StaticTokenEnvVar           = "STATIC_TOKEN"
 	rhoasTokenEnvVar            = "RHOAS_TOKEN"
 )
 
@@ -67,31 +67,31 @@ func AuthenticatedClientWithRHOASToken(ctx context.Context) *fleetmanager.Client
 	return fmClientAuthWithRHOASToken
 }
 
-// AuthenticatedClientWithOCM returns a rest client to the fleet-manager and receives the OCM refresh token.
+// AuthenticatedClientWithStaticToken returns a rest client to the fleet-manager and receives the static refresh token.
 // This function will panic on an error, designed to be used by the fleet-manager CLI.
-func AuthenticatedClientWithOCM(ctx context.Context) *fleetmanager.Client {
-	ocmRefreshToken := os.Getenv(ocmRefreshTokenEnvVar)
-	if ocmRefreshToken == "" {
-		panic(fmt.Sprintf("%s not set. Please set OCM token with 'export %s=$(ocm token --refresh)'", ocmRefreshTokenEnvVar, ocmRefreshTokenEnvVar))
+func AuthenticatedClientWithStaticToken(ctx context.Context) *fleetmanager.Client {
+	staticToken := os.Getenv(StaticTokenEnvVar)
+	if staticToken == "" {
+		panic(fmt.Sprintf("%s not set. Please set OCM token with 'export %s=$(ocm token --refresh)'", StaticTokenEnvVar, StaticTokenEnvVar))
 	}
 
 	fleetManagerEndpoint := os.Getenv(fleetManagerEndpointEnvVar)
 	if fleetManagerEndpoint == "" {
 		fleetManagerEndpoint = defaultFleetManagerEndpoint
 	}
 
-	singletonOCMRefreshTokenInstance.Do(func() {
-		auth, err := impl.NewAuth(ctx, impl.OCMAuthName, impl.Option{
-			Ocm: impl.OCMOption{
-				RefreshToken: ocmRefreshToken,
+	singletonStaticTokenInstance.Do(func() {
+		auth, err := impl.NewAuth(ctx, impl.StaticTokenAuthName, impl.Option{
+			Static: impl.StaticOption{
+				StaticToken: staticToken,
 			},
 		})
 		if err != nil {
 			glog.Fatalf("Failed to create connection: %s", err)
 			return
 		}
 
-		fmClientAuthWithOCMRefreshToken, err = impl.NewClient(fleetManagerEndpoint, auth)
+		fmAuthenticatedClientWithStaticToken, err = impl.NewClient(fleetManagerEndpoint, auth)
 		if err != nil {
 			glog.Fatalf("Failed to create connection: %s", err)
 			return
@@ -103,5 +103,5 @@ func AuthenticatedClientWithOCM(ctx context.Context) *fleetmanager.Client {
 	if fleetManagerEndpoint == defaultFleetManagerEndpoint {
 		time.Sleep(5 * time.Second)
 	}
-	return fmClientAuthWithOCMRefreshToken
+	return fmAuthenticatedClientWithStaticToken
 }

pkg/client/fleetmanager/impl/auth.go

@@ -27,7 +27,6 @@ type authFactory interface {
 // Option for the different Auth types.
 type Option struct {
 	Sso            RHSSOOption
-	Ocm            OCMOption
 	Static         StaticOption
 	ServiceAccount ServiceAccountOption
 }
@@ -40,12 +39,6 @@ type RHSSOOption struct {
 	Endpoint     string `env:"RHSSO_ENDPOINT" envDefault:"https://sso.redhat.com"`
 }
 
-// OCMOption for the OCM Auth type.
-type OCMOption struct {
-	RefreshToken string `env:"OCM_TOKEN"`
-	EnableLogger bool   `env:"OCM_ENABLE_LOGGER"`
-}
-
 // StaticOption for the Static Auth type.
 type StaticOption struct {
 	StaticToken string `env:"STATIC_TOKEN"`
@@ -60,7 +53,6 @@ var authFactoryRegistry map[string]authFactory
 
 func init() {
 	authFactoryRegistry = map[string]authFactory{
-		ocmFactory.GetName():                 ocmFactory,
 		rhSSOFactory.GetName():               rhSSOFactory,
 		staticTokenFactory.GetName():         staticTokenFactory,
 		serviceAccountTokenFactory.GetName(): serviceAccountTokenFactory,
@@ -91,11 +83,6 @@ func NewRHSSOAuth(ctx context.Context, opt RHSSOOption) (Auth, error) {
 	return newAuth(ctx, rhSSOFactory.GetName(), Option{Sso: opt})
 }
 
-// NewOCMAuth will return Auth that uses OCM to provide authentication for HTTP requests.
-func NewOCMAuth(ctx context.Context, opt OCMOption) (Auth, error) {
-	return newAuth(ctx, ocmFactory.GetName(), Option{Ocm: opt})
-}
-
 // NewStaticAuth will return Auth that uses a static token to provide authentication for HTTP requests.
 func NewStaticAuth(ctx context.Context, opt StaticOption) (Auth, error) {
 	return newAuth(ctx, staticTokenFactory.GetName(), Option{Static: opt})

pkg/client/fleetmanager/impl/auth_test.go

@@ -18,6 +18,5 @@ func TestAuthOptions(t *testing.T) {
 	assert.Equal(t, "https://sso.redhat.com", authOpt.Sso.Endpoint)
 	assert.Equal(t, "redhat-external", authOpt.Sso.Realm)
 	assert.Equal(t, tokenValue, authOpt.Static.StaticToken)
-	assert.Equal(t, tokenValue, authOpt.Ocm.RefreshToken)
 	assert.Equal(t, tokenFile, authOpt.ServiceAccount.TokenFile)
 }