From 9124b1f111f507a081274cf8931ebd1fe3c8f267 Mon Sep 17 00:00:00 2001 From: Idan Novogroder <43949240+idanovo@users.noreply.github.com> Date: Thu, 14 Sep 2023 10:31:36 +0300 Subject: [PATCH] Remove update and forgot password APIs (#6591) --- api/swagger.yml | 70 +---- clients/java/README.md | 4 - clients/java/api/openapi.yaml | 101 +------ clients/java/docs/AuthApi.md | 131 --------- clients/java/docs/ForgotPasswordRequest.md | 13 - clients/java/docs/UpdatePasswordByToken.md | 15 - clients/java/docs/User.md | 3 +- clients/java/docs/UserCreation.md | 2 +- .../java/io/lakefs/clients/api/AuthApi.java | 232 --------------- .../api/model/ForgotPasswordRequest.java | 98 ------- .../api/model/UpdatePasswordByToken.java | 156 ---------- .../io/lakefs/clients/api/model/User.java | 37 +-- .../clients/api/model/UserCreation.java | 4 +- .../io/lakefs/clients/api/AuthApiTest.java | 32 --- .../api/model/ForgotPasswordRequestTest.java | 51 ---- .../api/model/UpdatePasswordByTokenTest.java | 67 ----- .../io/lakefs/clients/api/model/UserTest.java | 8 - clients/python/.openapi-generator/FILES | 6 - clients/python/README.md | 4 - clients/python/docs/AuthApi.md | 153 ---------- clients/python/docs/ForgotPasswordRequest.md | 12 - clients/python/docs/UpdatePasswordByToken.md | 14 - clients/python/docs/User.md | 3 +- clients/python/docs/UserCreation.md | 2 +- clients/python/lakefs_client/api/auth_api.py | 234 --------------- .../model/forgot_password_request.py | 262 ----------------- .../model/update_password_by_token.py | 272 ------------------ clients/python/lakefs_client/model/user.py | 8 +- .../lakefs_client/model/user_creation.py | 4 +- .../python/lakefs_client/models/__init__.py | 2 - clients/python/test/test_auth_api.py | 14 - .../test/test_forgot_password_request.py | 36 --- .../test/test_update_password_by_token.py | 36 --- docs/assets/js/swagger.yml | 69 +---- pkg/api/controller.go | 78 ----- pkg/auth/service.go | 41 --- webui/src/lib/api/index.js | 30 -- webui/src/pages/auth/index.jsx | 2 - webui/src/pages/auth/login.tsx | 9 +- webui/src/pages/auth/reset-password.jsx | 161 ----------- 40 files changed, 22 insertions(+), 2454 deletions(-) delete mode 100644 clients/java/docs/ForgotPasswordRequest.md delete mode 100644 clients/java/docs/UpdatePasswordByToken.md delete mode 100644 clients/java/src/main/java/io/lakefs/clients/api/model/ForgotPasswordRequest.java delete mode 100644 clients/java/src/main/java/io/lakefs/clients/api/model/UpdatePasswordByToken.java delete mode 100644 clients/java/src/test/java/io/lakefs/clients/api/model/ForgotPasswordRequestTest.java delete mode 100644 clients/java/src/test/java/io/lakefs/clients/api/model/UpdatePasswordByTokenTest.java delete mode 100644 clients/python/docs/ForgotPasswordRequest.md delete mode 100644 clients/python/docs/UpdatePasswordByToken.md delete mode 100644 clients/python/lakefs_client/model/forgot_password_request.py delete mode 100644 clients/python/lakefs_client/model/update_password_by_token.py delete mode 100644 clients/python/test/test_forgot_password_request.py delete mode 100644 clients/python/test/test_update_password_by_token.py delete mode 100644 webui/src/pages/auth/reset-password.jsx diff --git a/api/swagger.yml b/api/swagger.yml index 9ebc23a52eb..9fdccb8c131 100644 --- a/api/swagger.yml +++ b/api/swagger.yml @@ -691,15 +691,13 @@ components: properties: id: type: string - description: a unique identifier for the user. In password-based authentication, this is the email. + description: a unique identifier for the user. creation_date: type: integer format: int64 description: Unix Epoch in seconds friendly_name: type: string - email: - type: string CurrentUser: type: object @@ -709,20 +707,12 @@ components: user: $ref: "#/components/schemas/User" - ForgotPasswordRequest: - type: object - required: - - email - properties: - email: - type: string - UserCreation: type: object properties: id: type: string - description: a unique identifier for the user. In password-based authentication, this is the email. + description: a unique identifier for the user. invite_user: type: boolean required: @@ -821,21 +811,6 @@ components: - featureUpdates - securityUpdates - UpdatePasswordByToken: - type: object - properties: - token: - description: token used for authentication - type: string - newPassword: - description: new password to update - type: string - email: - description: optional user email to match the token for verification - type: string - required: - - token - - newPassword Credentials: type: object @@ -1587,48 +1562,7 @@ paths: default: $ref: "#/components/responses/ServerError" - /auth/password: - post: - tags: - - auth - operationId: updatePassword - summary: Update user password by reset_password token - security: - - cookie_auth: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/UpdatePasswordByToken" - responses: - 201: - description: successful reset - 401: - $ref: "#/components/responses/Unauthorized" - default: - $ref: "#/components/responses/ServerError" - /auth/password/forgot: - post: - tags: - - auth - operationId: forgotPassword - summary: forgot password request initiates the password reset process - security: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/ForgotPasswordRequest" - responses: - 204: - description: No content - 400: - $ref: "#/components/responses/BadRequest" - default: - $ref: "#/components/responses/ServerError" /auth/capabilities: get: diff --git a/clients/java/README.md b/clients/java/README.md index e16dc594fc8..7d09749cb3f 100644 --- a/clients/java/README.md +++ b/clients/java/README.md @@ -153,7 +153,6 @@ Class | Method | HTTP request | Description *AuthApi* | [**deleteUser**](docs/AuthApi.md#deleteUser) | **DELETE** /auth/users/{userId} | delete user *AuthApi* | [**detachPolicyFromGroup**](docs/AuthApi.md#detachPolicyFromGroup) | **DELETE** /auth/groups/{groupId}/policies/{policyId} | detach policy from group *AuthApi* | [**detachPolicyFromUser**](docs/AuthApi.md#detachPolicyFromUser) | **DELETE** /auth/users/{userId}/policies/{policyId} | detach policy from user -*AuthApi* | [**forgotPassword**](docs/AuthApi.md#forgotPassword) | **POST** /auth/password/forgot | forgot password request initiates the password reset process *AuthApi* | [**getCredentials**](docs/AuthApi.md#getCredentials) | **GET** /auth/users/{userId}/credentials/{accessKeyId} | get credentials *AuthApi* | [**getCurrentUser**](docs/AuthApi.md#getCurrentUser) | **GET** /user | get current user *AuthApi* | [**getGroup**](docs/AuthApi.md#getGroup) | **GET** /auth/groups/{groupId} | get group @@ -170,7 +169,6 @@ Class | Method | HTTP request | Description *AuthApi* | [**listUsers**](docs/AuthApi.md#listUsers) | **GET** /auth/users | list users *AuthApi* | [**login**](docs/AuthApi.md#login) | **POST** /auth/login | perform a login *AuthApi* | [**setGroupACL**](docs/AuthApi.md#setGroupACL) | **POST** /auth/groups/{groupId}/acl | set ACL of group -*AuthApi* | [**updatePassword**](docs/AuthApi.md#updatePassword) | **POST** /auth/password | Update user password by reset_password token *AuthApi* | [**updatePolicy**](docs/AuthApi.md#updatePolicy) | **PUT** /auth/policies/{policyId} | update policy *BranchesApi* | [**cherryPick**](docs/BranchesApi.md#cherryPick) | **POST** /repositories/{repository}/branches/{branch}/cherry-pick | Replay the changes from the given commit on the branch *BranchesApi* | [**createBranch**](docs/BranchesApi.md#createBranch) | **POST** /repositories/{repository}/branches | create branch @@ -267,7 +265,6 @@ Class | Method | HTTP request | Description - [Error](docs/Error.md) - [ErrorNoACL](docs/ErrorNoACL.md) - [FindMergeBaseResult](docs/FindMergeBaseResult.md) - - [ForgotPasswordRequest](docs/ForgotPasswordRequest.md) - [GarbageCollectionConfig](docs/GarbageCollectionConfig.md) - [GarbageCollectionPrepareRequest](docs/GarbageCollectionPrepareRequest.md) - [GarbageCollectionPrepareResponse](docs/GarbageCollectionPrepareResponse.md) @@ -328,7 +325,6 @@ Class | Method | HTTP request | Description - [StorageURI](docs/StorageURI.md) - [TagCreation](docs/TagCreation.md) - [UnderlyingObjectProperties](docs/UnderlyingObjectProperties.md) - - [UpdatePasswordByToken](docs/UpdatePasswordByToken.md) - [UpdateToken](docs/UpdateToken.md) - [User](docs/User.md) - [UserCreation](docs/UserCreation.md) diff --git a/clients/java/api/openapi.yaml b/clients/java/api/openapi.yaml index e4085851a66..3761872ef7b 100644 --- a/clients/java/api/openapi.yaml +++ b/clients/java/api/openapi.yaml @@ -166,67 +166,6 @@ paths: - auth x-contentType: application/json x-accepts: application/json - /auth/password: - post: - operationId: updatePassword - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/UpdatePasswordByToken' - required: true - responses: - "201": - description: successful reset - "401": - content: - application/json: - schema: - $ref: '#/components/schemas/Error' - description: Unauthorized - default: - content: - application/json: - schema: - $ref: '#/components/schemas/Error' - description: Internal Server Error - security: - - cookie_auth: [] - summary: Update user password by reset_password token - tags: - - auth - x-contentType: application/json - x-accepts: application/json - /auth/password/forgot: - post: - operationId: forgotPassword - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/ForgotPasswordRequest' - required: true - responses: - "204": - description: No content - "400": - content: - application/json: - schema: - $ref: '#/components/schemas/Error' - description: Bad Request - default: - content: - application/json: - schema: - $ref: '#/components/schemas/Error' - description: Internal Server Error - security: [] - summary: forgot password request initiates the password reset process - tags: - - auth - x-contentType: application/json - x-accepts: application/json /auth/capabilities: get: operationId: getAuthCapabilities @@ -6431,11 +6370,9 @@ components: friendly_name: friendly_name id: id creation_date: 0 - email: email properties: id: - description: a unique identifier for the user. In password-based authentication, - this is the email. + description: a unique identifier for the user. type: string creation_date: description: Unix Epoch in seconds @@ -6443,8 +6380,6 @@ components: type: integer friendly_name: type: string - email: - type: string required: - creation_date - id @@ -6455,30 +6390,19 @@ components: friendly_name: friendly_name id: id creation_date: 0 - email: email properties: user: $ref: '#/components/schemas/User' required: - user type: object - ForgotPasswordRequest: - example: - email: email - properties: - email: - type: string - required: - - email - type: object UserCreation: example: invite_user: true id: id properties: id: - description: a unique identifier for the user. In password-based authentication, - this is the email. + description: a unique identifier for the user. type: string invite_user: type: boolean @@ -6611,25 +6535,6 @@ components: - featureUpdates - securityUpdates type: object - UpdatePasswordByToken: - example: - newPassword: newPassword - email: email - token: token - properties: - token: - description: token used for authentication - type: string - newPassword: - description: new password to update - type: string - email: - description: optional user email to match the token for verification - type: string - required: - - newPassword - - token - type: object Credentials: example: access_key_id: access_key_id @@ -6746,11 +6651,9 @@ components: - friendly_name: friendly_name id: id creation_date: 0 - email: email - friendly_name: friendly_name id: id creation_date: 0 - email: email properties: pagination: $ref: '#/components/schemas/Pagination' diff --git a/clients/java/docs/AuthApi.md b/clients/java/docs/AuthApi.md index 02dd8998e57..f8afed299a9 100644 --- a/clients/java/docs/AuthApi.md +++ b/clients/java/docs/AuthApi.md @@ -18,7 +18,6 @@ Method | HTTP request | Description [**deleteUser**](AuthApi.md#deleteUser) | **DELETE** /auth/users/{userId} | delete user [**detachPolicyFromGroup**](AuthApi.md#detachPolicyFromGroup) | **DELETE** /auth/groups/{groupId}/policies/{policyId} | detach policy from group [**detachPolicyFromUser**](AuthApi.md#detachPolicyFromUser) | **DELETE** /auth/users/{userId}/policies/{policyId} | detach policy from user -[**forgotPassword**](AuthApi.md#forgotPassword) | **POST** /auth/password/forgot | forgot password request initiates the password reset process [**getCredentials**](AuthApi.md#getCredentials) | **GET** /auth/users/{userId}/credentials/{accessKeyId} | get credentials [**getCurrentUser**](AuthApi.md#getCurrentUser) | **GET** /user | get current user [**getGroup**](AuthApi.md#getGroup) | **GET** /auth/groups/{groupId} | get group @@ -35,7 +34,6 @@ Method | HTTP request | Description [**listUsers**](AuthApi.md#listUsers) | **GET** /auth/users | list users [**login**](AuthApi.md#login) | **POST** /auth/login | perform a login [**setGroupACL**](AuthApi.md#setGroupACL) | **POST** /auth/groups/{groupId}/acl | set ACL of group -[**updatePassword**](AuthApi.md#updatePassword) | **POST** /auth/password | Update user password by reset_password token [**updatePolicy**](AuthApi.md#updatePolicy) | **PUT** /auth/policies/{policyId} | update policy @@ -1319,67 +1317,6 @@ null (empty response body) **404** | Resource Not Found | - | **0** | Internal Server Error | - | - -# **forgotPassword** -> forgotPassword(forgotPasswordRequest) - -forgot password request initiates the password reset process - -### Example -```java -// Import classes: -import io.lakefs.clients.api.ApiClient; -import io.lakefs.clients.api.ApiException; -import io.lakefs.clients.api.Configuration; -import io.lakefs.clients.api.models.*; -import io.lakefs.clients.api.AuthApi; - -public class Example { - public static void main(String[] args) { - ApiClient defaultClient = Configuration.getDefaultApiClient(); - defaultClient.setBasePath("http://localhost/api/v1"); - - AuthApi apiInstance = new AuthApi(defaultClient); - ForgotPasswordRequest forgotPasswordRequest = new ForgotPasswordRequest(); // ForgotPasswordRequest | - try { - apiInstance.forgotPassword(forgotPasswordRequest); - } catch (ApiException e) { - System.err.println("Exception when calling AuthApi#forgotPassword"); - System.err.println("Status code: " + e.getCode()); - System.err.println("Reason: " + e.getResponseBody()); - System.err.println("Response headers: " + e.getResponseHeaders()); - e.printStackTrace(); - } - } -} -``` - -### Parameters - -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- - **forgotPasswordRequest** | [**ForgotPasswordRequest**](ForgotPasswordRequest.md)| | - -### Return type - -null (empty response body) - -### Authorization - -No authorization required - -### HTTP request headers - - - **Content-Type**: application/json - - **Accept**: application/json - -### HTTP response details -| Status code | Description | Response headers | -|-------------|-------------|------------------| -**204** | No content | - | -**400** | Bad Request | - | -**0** | Internal Server Error | - | - # **getCredentials** > Credentials getCredentials(userId, accessKeyId) @@ -2843,74 +2780,6 @@ null (empty response body) **404** | Resource Not Found | - | **0** | Internal Server Error | - | - -# **updatePassword** -> updatePassword(updatePasswordByToken) - -Update user password by reset_password token - -### Example -```java -// Import classes: -import io.lakefs.clients.api.ApiClient; -import io.lakefs.clients.api.ApiException; -import io.lakefs.clients.api.Configuration; -import io.lakefs.clients.api.auth.*; -import io.lakefs.clients.api.models.*; -import io.lakefs.clients.api.AuthApi; - -public class Example { - public static void main(String[] args) { - ApiClient defaultClient = Configuration.getDefaultApiClient(); - defaultClient.setBasePath("http://localhost/api/v1"); - - // Configure API key authorization: cookie_auth - ApiKeyAuth cookie_auth = (ApiKeyAuth) defaultClient.getAuthentication("cookie_auth"); - cookie_auth.setApiKey("YOUR API KEY"); - // Uncomment the following line to set a prefix for the API key, e.g. "Token" (defaults to null) - //cookie_auth.setApiKeyPrefix("Token"); - - AuthApi apiInstance = new AuthApi(defaultClient); - UpdatePasswordByToken updatePasswordByToken = new UpdatePasswordByToken(); // UpdatePasswordByToken | - try { - apiInstance.updatePassword(updatePasswordByToken); - } catch (ApiException e) { - System.err.println("Exception when calling AuthApi#updatePassword"); - System.err.println("Status code: " + e.getCode()); - System.err.println("Reason: " + e.getResponseBody()); - System.err.println("Response headers: " + e.getResponseHeaders()); - e.printStackTrace(); - } - } -} -``` - -### Parameters - -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- - **updatePasswordByToken** | [**UpdatePasswordByToken**](UpdatePasswordByToken.md)| | - -### Return type - -null (empty response body) - -### Authorization - -[cookie_auth](../README.md#cookie_auth) - -### HTTP request headers - - - **Content-Type**: application/json - - **Accept**: application/json - -### HTTP response details -| Status code | Description | Response headers | -|-------------|-------------|------------------| -**201** | successful reset | - | -**401** | Unauthorized | - | -**0** | Internal Server Error | - | - # **updatePolicy** > Policy updatePolicy(policyId, policy) diff --git a/clients/java/docs/ForgotPasswordRequest.md b/clients/java/docs/ForgotPasswordRequest.md deleted file mode 100644 index 075dbc408d0..00000000000 --- a/clients/java/docs/ForgotPasswordRequest.md +++ /dev/null @@ -1,13 +0,0 @@ - - -# ForgotPasswordRequest - - -## Properties - -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**email** | **String** | | - - - diff --git a/clients/java/docs/UpdatePasswordByToken.md b/clients/java/docs/UpdatePasswordByToken.md deleted file mode 100644 index 401c7b16338..00000000000 --- a/clients/java/docs/UpdatePasswordByToken.md +++ /dev/null @@ -1,15 +0,0 @@ - - -# UpdatePasswordByToken - - -## Properties - -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**token** | **String** | token used for authentication | -**newPassword** | **String** | new password to update | -**email** | **String** | optional user email to match the token for verification | [optional] - - - diff --git a/clients/java/docs/User.md b/clients/java/docs/User.md index 53510057b23..fe543e554df 100644 --- a/clients/java/docs/User.md +++ b/clients/java/docs/User.md @@ -7,10 +7,9 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**id** | **String** | a unique identifier for the user. In password-based authentication, this is the email. | +**id** | **String** | a unique identifier for the user. | **creationDate** | **Long** | Unix Epoch in seconds | **friendlyName** | **String** | | [optional] -**email** | **String** | | [optional] diff --git a/clients/java/docs/UserCreation.md b/clients/java/docs/UserCreation.md index a384671ee29..12d8a5af0a7 100644 --- a/clients/java/docs/UserCreation.md +++ b/clients/java/docs/UserCreation.md @@ -7,7 +7,7 @@ Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**id** | **String** | a unique identifier for the user. In password-based authentication, this is the email. | +**id** | **String** | a unique identifier for the user. | **inviteUser** | **Boolean** | | [optional] diff --git a/clients/java/src/main/java/io/lakefs/clients/api/AuthApi.java b/clients/java/src/main/java/io/lakefs/clients/api/AuthApi.java index 520cb2bab47..6bf7a89ef65 100644 --- a/clients/java/src/main/java/io/lakefs/clients/api/AuthApi.java +++ b/clients/java/src/main/java/io/lakefs/clients/api/AuthApi.java @@ -35,14 +35,12 @@ import io.lakefs.clients.api.model.CurrentUser; import io.lakefs.clients.api.model.Error; import io.lakefs.clients.api.model.ErrorNoACL; -import io.lakefs.clients.api.model.ForgotPasswordRequest; import io.lakefs.clients.api.model.Group; import io.lakefs.clients.api.model.GroupCreation; import io.lakefs.clients.api.model.GroupList; import io.lakefs.clients.api.model.LoginInformation; import io.lakefs.clients.api.model.Policy; import io.lakefs.clients.api.model.PolicyList; -import io.lakefs.clients.api.model.UpdatePasswordByToken; import io.lakefs.clients.api.model.User; import io.lakefs.clients.api.model.UserCreation; import io.lakefs.clients.api.model.UserList; @@ -1833,121 +1831,6 @@ public okhttp3.Call detachPolicyFromUserAsync(String userId, String policyId, fi localVarApiClient.executeAsync(localVarCall, _callback); return localVarCall; } - /** - * Build call for forgotPassword - * @param forgotPasswordRequest (required) - * @param _callback Callback for upload/download progress - * @return Call to execute - * @throws ApiException If fail to serialize the request body object - * @http.response.details - - - - - -
Status Code Description Response Headers
204 No content -
400 Bad Request -
0 Internal Server Error -
- */ - public okhttp3.Call forgotPasswordCall(ForgotPasswordRequest forgotPasswordRequest, final ApiCallback _callback) throws ApiException { - Object localVarPostBody = forgotPasswordRequest; - - // create path and map variables - String localVarPath = "/auth/password/forgot"; - - List localVarQueryParams = new ArrayList(); - List localVarCollectionQueryParams = new ArrayList(); - Map localVarHeaderParams = new HashMap(); - Map localVarCookieParams = new HashMap(); - Map localVarFormParams = new HashMap(); - - final String[] localVarAccepts = { - "application/json" - }; - final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); - if (localVarAccept != null) { - localVarHeaderParams.put("Accept", localVarAccept); - } - - final String[] localVarContentTypes = { - "application/json" - }; - final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); - localVarHeaderParams.put("Content-Type", localVarContentType); - - String[] localVarAuthNames = new String[] { }; - return localVarApiClient.buildCall(localVarPath, "POST", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); - } - - @SuppressWarnings("rawtypes") - private okhttp3.Call forgotPasswordValidateBeforeCall(ForgotPasswordRequest forgotPasswordRequest, final ApiCallback _callback) throws ApiException { - - // verify the required parameter 'forgotPasswordRequest' is set - if (forgotPasswordRequest == null) { - throw new ApiException("Missing the required parameter 'forgotPasswordRequest' when calling forgotPassword(Async)"); - } - - - okhttp3.Call localVarCall = forgotPasswordCall(forgotPasswordRequest, _callback); - return localVarCall; - - } - - /** - * forgot password request initiates the password reset process - * - * @param forgotPasswordRequest (required) - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - -
Status Code Description Response Headers
204 No content -
400 Bad Request -
0 Internal Server Error -
- */ - public void forgotPassword(ForgotPasswordRequest forgotPasswordRequest) throws ApiException { - forgotPasswordWithHttpInfo(forgotPasswordRequest); - } - - /** - * forgot password request initiates the password reset process - * - * @param forgotPasswordRequest (required) - * @return ApiResponse<Void> - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - -
Status Code Description Response Headers
204 No content -
400 Bad Request -
0 Internal Server Error -
- */ - public ApiResponse forgotPasswordWithHttpInfo(ForgotPasswordRequest forgotPasswordRequest) throws ApiException { - okhttp3.Call localVarCall = forgotPasswordValidateBeforeCall(forgotPasswordRequest, null); - return localVarApiClient.execute(localVarCall); - } - - /** - * forgot password request initiates the password reset process (asynchronously) - * - * @param forgotPasswordRequest (required) - * @param _callback The callback to be executed when the API call finishes - * @return The request call - * @throws ApiException If fail to process the API call, e.g. serializing the request body object - * @http.response.details - - - - - -
Status Code Description Response Headers
204 No content -
400 Bad Request -
0 Internal Server Error -
- */ - public okhttp3.Call forgotPasswordAsync(ForgotPasswordRequest forgotPasswordRequest, final ApiCallback _callback) throws ApiException { - - okhttp3.Call localVarCall = forgotPasswordValidateBeforeCall(forgotPasswordRequest, _callback); - localVarApiClient.executeAsync(localVarCall, _callback); - return localVarCall; - } /** * Build call for getCredentials * @param userId (required) @@ -4069,121 +3952,6 @@ public okhttp3.Call setGroupACLAsync(String groupId, ACL ACL, final ApiCallback< localVarApiClient.executeAsync(localVarCall, _callback); return localVarCall; } - /** - * Build call for updatePassword - * @param updatePasswordByToken (required) - * @param _callback Callback for upload/download progress - * @return Call to execute - * @throws ApiException If fail to serialize the request body object - * @http.response.details - - - - - -
Status Code Description Response Headers
201 successful reset -
401 Unauthorized -
0 Internal Server Error -
- */ - public okhttp3.Call updatePasswordCall(UpdatePasswordByToken updatePasswordByToken, final ApiCallback _callback) throws ApiException { - Object localVarPostBody = updatePasswordByToken; - - // create path and map variables - String localVarPath = "/auth/password"; - - List localVarQueryParams = new ArrayList(); - List localVarCollectionQueryParams = new ArrayList(); - Map localVarHeaderParams = new HashMap(); - Map localVarCookieParams = new HashMap(); - Map localVarFormParams = new HashMap(); - - final String[] localVarAccepts = { - "application/json" - }; - final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); - if (localVarAccept != null) { - localVarHeaderParams.put("Accept", localVarAccept); - } - - final String[] localVarContentTypes = { - "application/json" - }; - final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); - localVarHeaderParams.put("Content-Type", localVarContentType); - - String[] localVarAuthNames = new String[] { "cookie_auth" }; - return localVarApiClient.buildCall(localVarPath, "POST", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); - } - - @SuppressWarnings("rawtypes") - private okhttp3.Call updatePasswordValidateBeforeCall(UpdatePasswordByToken updatePasswordByToken, final ApiCallback _callback) throws ApiException { - - // verify the required parameter 'updatePasswordByToken' is set - if (updatePasswordByToken == null) { - throw new ApiException("Missing the required parameter 'updatePasswordByToken' when calling updatePassword(Async)"); - } - - - okhttp3.Call localVarCall = updatePasswordCall(updatePasswordByToken, _callback); - return localVarCall; - - } - - /** - * Update user password by reset_password token - * - * @param updatePasswordByToken (required) - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - -
Status Code Description Response Headers
201 successful reset -
401 Unauthorized -
0 Internal Server Error -
- */ - public void updatePassword(UpdatePasswordByToken updatePasswordByToken) throws ApiException { - updatePasswordWithHttpInfo(updatePasswordByToken); - } - - /** - * Update user password by reset_password token - * - * @param updatePasswordByToken (required) - * @return ApiResponse<Void> - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - -
Status Code Description Response Headers
201 successful reset -
401 Unauthorized -
0 Internal Server Error -
- */ - public ApiResponse updatePasswordWithHttpInfo(UpdatePasswordByToken updatePasswordByToken) throws ApiException { - okhttp3.Call localVarCall = updatePasswordValidateBeforeCall(updatePasswordByToken, null); - return localVarApiClient.execute(localVarCall); - } - - /** - * Update user password by reset_password token (asynchronously) - * - * @param updatePasswordByToken (required) - * @param _callback The callback to be executed when the API call finishes - * @return The request call - * @throws ApiException If fail to process the API call, e.g. serializing the request body object - * @http.response.details - - - - - -
Status Code Description Response Headers
201 successful reset -
401 Unauthorized -
0 Internal Server Error -
- */ - public okhttp3.Call updatePasswordAsync(UpdatePasswordByToken updatePasswordByToken, final ApiCallback _callback) throws ApiException { - - okhttp3.Call localVarCall = updatePasswordValidateBeforeCall(updatePasswordByToken, _callback); - localVarApiClient.executeAsync(localVarCall, _callback); - return localVarCall; - } /** * Build call for updatePolicy * @param policyId (required) diff --git a/clients/java/src/main/java/io/lakefs/clients/api/model/ForgotPasswordRequest.java b/clients/java/src/main/java/io/lakefs/clients/api/model/ForgotPasswordRequest.java deleted file mode 100644 index 4aecfceeb90..00000000000 --- a/clients/java/src/main/java/io/lakefs/clients/api/model/ForgotPasswordRequest.java +++ /dev/null @@ -1,98 +0,0 @@ -/* - * lakeFS API - * lakeFS HTTP API - * - * The version of the OpenAPI document: 0.1.0 - * - * - * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). - * https://openapi-generator.tech - * Do not edit the class manually. - */ - - -package io.lakefs.clients.api.model; - -import java.util.Objects; -import java.util.Arrays; -import com.google.gson.TypeAdapter; -import com.google.gson.annotations.JsonAdapter; -import com.google.gson.annotations.SerializedName; -import com.google.gson.stream.JsonReader; -import com.google.gson.stream.JsonWriter; -import io.swagger.annotations.ApiModel; -import io.swagger.annotations.ApiModelProperty; -import java.io.IOException; - -/** - * ForgotPasswordRequest - */ -@javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen") -public class ForgotPasswordRequest { - public static final String SERIALIZED_NAME_EMAIL = "email"; - @SerializedName(SERIALIZED_NAME_EMAIL) - private String email; - - - public ForgotPasswordRequest email(String email) { - - this.email = email; - return this; - } - - /** - * Get email - * @return email - **/ - @javax.annotation.Nonnull - @ApiModelProperty(required = true, value = "") - - public String getEmail() { - return email; - } - - - public void setEmail(String email) { - this.email = email; - } - - - @Override - public boolean equals(Object o) { - if (this == o) { - return true; - } - if (o == null || getClass() != o.getClass()) { - return false; - } - ForgotPasswordRequest forgotPasswordRequest = (ForgotPasswordRequest) o; - return Objects.equals(this.email, forgotPasswordRequest.email); - } - - @Override - public int hashCode() { - return Objects.hash(email); - } - - @Override - public String toString() { - StringBuilder sb = new StringBuilder(); - sb.append("class ForgotPasswordRequest {\n"); - sb.append(" email: ").append(toIndentedString(email)).append("\n"); - sb.append("}"); - return sb.toString(); - } - - /** - * Convert the given object to string with each line indented by 4 spaces - * (except the first line). - */ - private String toIndentedString(Object o) { - if (o == null) { - return "null"; - } - return o.toString().replace("\n", "\n "); - } - -} - diff --git a/clients/java/src/main/java/io/lakefs/clients/api/model/UpdatePasswordByToken.java b/clients/java/src/main/java/io/lakefs/clients/api/model/UpdatePasswordByToken.java deleted file mode 100644 index 41bf91425fb..00000000000 --- a/clients/java/src/main/java/io/lakefs/clients/api/model/UpdatePasswordByToken.java +++ /dev/null @@ -1,156 +0,0 @@ -/* - * lakeFS API - * lakeFS HTTP API - * - * The version of the OpenAPI document: 0.1.0 - * - * - * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). - * https://openapi-generator.tech - * Do not edit the class manually. - */ - - -package io.lakefs.clients.api.model; - -import java.util.Objects; -import java.util.Arrays; -import com.google.gson.TypeAdapter; -import com.google.gson.annotations.JsonAdapter; -import com.google.gson.annotations.SerializedName; -import com.google.gson.stream.JsonReader; -import com.google.gson.stream.JsonWriter; -import io.swagger.annotations.ApiModel; -import io.swagger.annotations.ApiModelProperty; -import java.io.IOException; - -/** - * UpdatePasswordByToken - */ -@javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen") -public class UpdatePasswordByToken { - public static final String SERIALIZED_NAME_TOKEN = "token"; - @SerializedName(SERIALIZED_NAME_TOKEN) - private String token; - - public static final String SERIALIZED_NAME_NEW_PASSWORD = "newPassword"; - @SerializedName(SERIALIZED_NAME_NEW_PASSWORD) - private String newPassword; - - public static final String SERIALIZED_NAME_EMAIL = "email"; - @SerializedName(SERIALIZED_NAME_EMAIL) - private String email; - - - public UpdatePasswordByToken token(String token) { - - this.token = token; - return this; - } - - /** - * token used for authentication - * @return token - **/ - @javax.annotation.Nonnull - @ApiModelProperty(required = true, value = "token used for authentication") - - public String getToken() { - return token; - } - - - public void setToken(String token) { - this.token = token; - } - - - public UpdatePasswordByToken newPassword(String newPassword) { - - this.newPassword = newPassword; - return this; - } - - /** - * new password to update - * @return newPassword - **/ - @javax.annotation.Nonnull - @ApiModelProperty(required = true, value = "new password to update") - - public String getNewPassword() { - return newPassword; - } - - - public void setNewPassword(String newPassword) { - this.newPassword = newPassword; - } - - - public UpdatePasswordByToken email(String email) { - - this.email = email; - return this; - } - - /** - * optional user email to match the token for verification - * @return email - **/ - @javax.annotation.Nullable - @ApiModelProperty(value = "optional user email to match the token for verification") - - public String getEmail() { - return email; - } - - - public void setEmail(String email) { - this.email = email; - } - - - @Override - public boolean equals(Object o) { - if (this == o) { - return true; - } - if (o == null || getClass() != o.getClass()) { - return false; - } - UpdatePasswordByToken updatePasswordByToken = (UpdatePasswordByToken) o; - return Objects.equals(this.token, updatePasswordByToken.token) && - Objects.equals(this.newPassword, updatePasswordByToken.newPassword) && - Objects.equals(this.email, updatePasswordByToken.email); - } - - @Override - public int hashCode() { - return Objects.hash(token, newPassword, email); - } - - @Override - public String toString() { - StringBuilder sb = new StringBuilder(); - sb.append("class UpdatePasswordByToken {\n"); - sb.append(" token: ").append(toIndentedString(token)).append("\n"); - sb.append(" newPassword: ").append(toIndentedString(newPassword)).append("\n"); - sb.append(" email: ").append(toIndentedString(email)).append("\n"); - sb.append("}"); - return sb.toString(); - } - - /** - * Convert the given object to string with each line indented by 4 spaces - * (except the first line). - */ - private String toIndentedString(Object o) { - if (o == null) { - return "null"; - } - return o.toString().replace("\n", "\n "); - } - -} - diff --git a/clients/java/src/main/java/io/lakefs/clients/api/model/User.java b/clients/java/src/main/java/io/lakefs/clients/api/model/User.java index 0655e621207..24379fc6410 100644 --- a/clients/java/src/main/java/io/lakefs/clients/api/model/User.java +++ b/clients/java/src/main/java/io/lakefs/clients/api/model/User.java @@ -41,10 +41,6 @@ public class User { @SerializedName(SERIALIZED_NAME_FRIENDLY_NAME) private String friendlyName; - public static final String SERIALIZED_NAME_EMAIL = "email"; - @SerializedName(SERIALIZED_NAME_EMAIL) - private String email; - public User id(String id) { @@ -53,11 +49,11 @@ public User id(String id) { } /** - * a unique identifier for the user. In password-based authentication, this is the email. + * a unique identifier for the user. * @return id **/ @javax.annotation.Nonnull - @ApiModelProperty(required = true, value = "a unique identifier for the user. In password-based authentication, this is the email.") + @ApiModelProperty(required = true, value = "a unique identifier for the user.") public String getId() { return id; @@ -115,29 +111,6 @@ public void setFriendlyName(String friendlyName) { } - public User email(String email) { - - this.email = email; - return this; - } - - /** - * Get email - * @return email - **/ - @javax.annotation.Nullable - @ApiModelProperty(value = "") - - public String getEmail() { - return email; - } - - - public void setEmail(String email) { - this.email = email; - } - - @Override public boolean equals(Object o) { if (this == o) { @@ -149,13 +122,12 @@ public boolean equals(Object o) { User user = (User) o; return Objects.equals(this.id, user.id) && Objects.equals(this.creationDate, user.creationDate) && - Objects.equals(this.friendlyName, user.friendlyName) && - Objects.equals(this.email, user.email); + Objects.equals(this.friendlyName, user.friendlyName); } @Override public int hashCode() { - return Objects.hash(id, creationDate, friendlyName, email); + return Objects.hash(id, creationDate, friendlyName); } @Override @@ -165,7 +137,6 @@ public String toString() { sb.append(" id: ").append(toIndentedString(id)).append("\n"); sb.append(" creationDate: ").append(toIndentedString(creationDate)).append("\n"); sb.append(" friendlyName: ").append(toIndentedString(friendlyName)).append("\n"); - sb.append(" email: ").append(toIndentedString(email)).append("\n"); sb.append("}"); return sb.toString(); } diff --git a/clients/java/src/main/java/io/lakefs/clients/api/model/UserCreation.java b/clients/java/src/main/java/io/lakefs/clients/api/model/UserCreation.java index f3d7a9eb482..7af62d415c8 100644 --- a/clients/java/src/main/java/io/lakefs/clients/api/model/UserCreation.java +++ b/clients/java/src/main/java/io/lakefs/clients/api/model/UserCreation.java @@ -45,11 +45,11 @@ public UserCreation id(String id) { } /** - * a unique identifier for the user. In password-based authentication, this is the email. + * a unique identifier for the user. * @return id **/ @javax.annotation.Nonnull - @ApiModelProperty(required = true, value = "a unique identifier for the user. In password-based authentication, this is the email.") + @ApiModelProperty(required = true, value = "a unique identifier for the user.") public String getId() { return id; diff --git a/clients/java/src/test/java/io/lakefs/clients/api/AuthApiTest.java b/clients/java/src/test/java/io/lakefs/clients/api/AuthApiTest.java index 83ba7f1aff3..d1450bf29d8 100644 --- a/clients/java/src/test/java/io/lakefs/clients/api/AuthApiTest.java +++ b/clients/java/src/test/java/io/lakefs/clients/api/AuthApiTest.java @@ -22,14 +22,12 @@ import io.lakefs.clients.api.model.CurrentUser; import io.lakefs.clients.api.model.Error; import io.lakefs.clients.api.model.ErrorNoACL; -import io.lakefs.clients.api.model.ForgotPasswordRequest; import io.lakefs.clients.api.model.Group; import io.lakefs.clients.api.model.GroupCreation; import io.lakefs.clients.api.model.GroupList; import io.lakefs.clients.api.model.LoginInformation; import io.lakefs.clients.api.model.Policy; import io.lakefs.clients.api.model.PolicyList; -import io.lakefs.clients.api.model.UpdatePasswordByToken; import io.lakefs.clients.api.model.User; import io.lakefs.clients.api.model.UserCreation; import io.lakefs.clients.api.model.UserList; @@ -267,21 +265,6 @@ public void detachPolicyFromUserTest() throws ApiException { // TODO: test validations } - /** - * forgot password request initiates the password reset process - * - * - * - * @throws ApiException - * if the Api call fails - */ - @Test - public void forgotPasswordTest() throws ApiException { - ForgotPasswordRequest forgotPasswordRequest = null; - api.forgotPassword(forgotPasswordRequest); - // TODO: test validations - } - /** * get credentials * @@ -545,21 +528,6 @@ public void setGroupACLTest() throws ApiException { // TODO: test validations } - /** - * Update user password by reset_password token - * - * - * - * @throws ApiException - * if the Api call fails - */ - @Test - public void updatePasswordTest() throws ApiException { - UpdatePasswordByToken updatePasswordByToken = null; - api.updatePassword(updatePasswordByToken); - // TODO: test validations - } - /** * update policy * diff --git a/clients/java/src/test/java/io/lakefs/clients/api/model/ForgotPasswordRequestTest.java b/clients/java/src/test/java/io/lakefs/clients/api/model/ForgotPasswordRequestTest.java deleted file mode 100644 index b0628f03581..00000000000 --- a/clients/java/src/test/java/io/lakefs/clients/api/model/ForgotPasswordRequestTest.java +++ /dev/null @@ -1,51 +0,0 @@ -/* - * lakeFS API - * lakeFS HTTP API - * - * The version of the OpenAPI document: 0.1.0 - * - * - * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). - * https://openapi-generator.tech - * Do not edit the class manually. - */ - - -package io.lakefs.clients.api.model; - -import com.google.gson.TypeAdapter; -import com.google.gson.annotations.JsonAdapter; -import com.google.gson.annotations.SerializedName; -import com.google.gson.stream.JsonReader; -import com.google.gson.stream.JsonWriter; -import io.swagger.annotations.ApiModel; -import io.swagger.annotations.ApiModelProperty; -import java.io.IOException; -import org.junit.Assert; -import org.junit.Ignore; -import org.junit.Test; - - -/** - * Model tests for ForgotPasswordRequest - */ -public class ForgotPasswordRequestTest { - private final ForgotPasswordRequest model = new ForgotPasswordRequest(); - - /** - * Model tests for ForgotPasswordRequest - */ - @Test - public void testForgotPasswordRequest() { - // TODO: test ForgotPasswordRequest - } - - /** - * Test the property 'email' - */ - @Test - public void emailTest() { - // TODO: test email - } - -} diff --git a/clients/java/src/test/java/io/lakefs/clients/api/model/UpdatePasswordByTokenTest.java b/clients/java/src/test/java/io/lakefs/clients/api/model/UpdatePasswordByTokenTest.java deleted file mode 100644 index d4537f35c5c..00000000000 --- a/clients/java/src/test/java/io/lakefs/clients/api/model/UpdatePasswordByTokenTest.java +++ /dev/null @@ -1,67 +0,0 @@ -/* - * lakeFS API - * lakeFS HTTP API - * - * The version of the OpenAPI document: 0.1.0 - * - * - * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). - * https://openapi-generator.tech - * Do not edit the class manually. - */ - - -package io.lakefs.clients.api.model; - -import com.google.gson.TypeAdapter; -import com.google.gson.annotations.JsonAdapter; -import com.google.gson.annotations.SerializedName; -import com.google.gson.stream.JsonReader; -import com.google.gson.stream.JsonWriter; -import io.swagger.annotations.ApiModel; -import io.swagger.annotations.ApiModelProperty; -import java.io.IOException; -import org.junit.Assert; -import org.junit.Ignore; -import org.junit.Test; - - -/** - * Model tests for UpdatePasswordByToken - */ -public class UpdatePasswordByTokenTest { - private final UpdatePasswordByToken model = new UpdatePasswordByToken(); - - /** - * Model tests for UpdatePasswordByToken - */ - @Test - public void testUpdatePasswordByToken() { - // TODO: test UpdatePasswordByToken - } - - /** - * Test the property 'token' - */ - @Test - public void tokenTest() { - // TODO: test token - } - - /** - * Test the property 'newPassword' - */ - @Test - public void newPasswordTest() { - // TODO: test newPassword - } - - /** - * Test the property 'email' - */ - @Test - public void emailTest() { - // TODO: test email - } - -} diff --git a/clients/java/src/test/java/io/lakefs/clients/api/model/UserTest.java b/clients/java/src/test/java/io/lakefs/clients/api/model/UserTest.java index 9ca002a8bb6..d347ee8a5b6 100644 --- a/clients/java/src/test/java/io/lakefs/clients/api/model/UserTest.java +++ b/clients/java/src/test/java/io/lakefs/clients/api/model/UserTest.java @@ -64,12 +64,4 @@ public void friendlyNameTest() { // TODO: test friendlyName } - /** - * Test the property 'email' - */ - @Test - public void emailTest() { - // TODO: test email - } - } diff --git a/clients/python/.openapi-generator/FILES b/clients/python/.openapi-generator/FILES index e77e0047b14..62467335172 100644 --- a/clients/python/.openapi-generator/FILES +++ b/clients/python/.openapi-generator/FILES @@ -30,7 +30,6 @@ docs/Error.md docs/ErrorNoACL.md docs/ExperimentalApi.md docs/FindMergeBaseResult.md -docs/ForgotPasswordRequest.md docs/GarbageCollectionConfig.md docs/GarbageCollectionPrepareRequest.md docs/GarbageCollectionPrepareResponse.md @@ -103,7 +102,6 @@ docs/StorageURI.md docs/TagCreation.md docs/TagsApi.md docs/UnderlyingObjectProperties.md -docs/UpdatePasswordByToken.md docs/UpdateToken.md docs/User.md docs/UserCreation.md @@ -156,7 +154,6 @@ lakefs_client/model/diff_properties.py lakefs_client/model/error.py lakefs_client/model/error_no_acl.py lakefs_client/model/find_merge_base_result.py -lakefs_client/model/forgot_password_request.py lakefs_client/model/garbage_collection_config.py lakefs_client/model/garbage_collection_prepare_request.py lakefs_client/model/garbage_collection_prepare_response.py @@ -219,7 +216,6 @@ lakefs_client/model/storage_config.py lakefs_client/model/storage_uri.py lakefs_client/model/tag_creation.py lakefs_client/model/underlying_object_properties.py -lakefs_client/model/update_password_by_token.py lakefs_client/model/update_token.py lakefs_client/model/user.py lakefs_client/model/user_creation.py @@ -262,7 +258,6 @@ test/test_error.py test/test_error_no_acl.py test/test_experimental_api.py test/test_find_merge_base_result.py -test/test_forgot_password_request.py test/test_garbage_collection_config.py test/test_garbage_collection_prepare_request.py test/test_garbage_collection_prepare_response.py @@ -335,7 +330,6 @@ test/test_storage_uri.py test/test_tag_creation.py test/test_tags_api.py test/test_underlying_object_properties.py -test/test_update_password_by_token.py test/test_update_token.py test/test_user.py test/test_user_creation.py diff --git a/clients/python/README.md b/clients/python/README.md index d40a5a0406d..fb718049cc7 100644 --- a/clients/python/README.md +++ b/clients/python/README.md @@ -134,7 +134,6 @@ Class | Method | HTTP request | Description *AuthApi* | [**delete_user**](docs/AuthApi.md#delete_user) | **DELETE** /auth/users/{userId} | delete user *AuthApi* | [**detach_policy_from_group**](docs/AuthApi.md#detach_policy_from_group) | **DELETE** /auth/groups/{groupId}/policies/{policyId} | detach policy from group *AuthApi* | [**detach_policy_from_user**](docs/AuthApi.md#detach_policy_from_user) | **DELETE** /auth/users/{userId}/policies/{policyId} | detach policy from user -*AuthApi* | [**forgot_password**](docs/AuthApi.md#forgot_password) | **POST** /auth/password/forgot | forgot password request initiates the password reset process *AuthApi* | [**get_credentials**](docs/AuthApi.md#get_credentials) | **GET** /auth/users/{userId}/credentials/{accessKeyId} | get credentials *AuthApi* | [**get_current_user**](docs/AuthApi.md#get_current_user) | **GET** /user | get current user *AuthApi* | [**get_group**](docs/AuthApi.md#get_group) | **GET** /auth/groups/{groupId} | get group @@ -151,7 +150,6 @@ Class | Method | HTTP request | Description *AuthApi* | [**list_users**](docs/AuthApi.md#list_users) | **GET** /auth/users | list users *AuthApi* | [**login**](docs/AuthApi.md#login) | **POST** /auth/login | perform a login *AuthApi* | [**set_group_acl**](docs/AuthApi.md#set_group_acl) | **POST** /auth/groups/{groupId}/acl | set ACL of group -*AuthApi* | [**update_password**](docs/AuthApi.md#update_password) | **POST** /auth/password | Update user password by reset_password token *AuthApi* | [**update_policy**](docs/AuthApi.md#update_policy) | **PUT** /auth/policies/{policyId} | update policy *BranchesApi* | [**cherry_pick**](docs/BranchesApi.md#cherry_pick) | **POST** /repositories/{repository}/branches/{branch}/cherry-pick | Replay the changes from the given commit on the branch *BranchesApi* | [**create_branch**](docs/BranchesApi.md#create_branch) | **POST** /repositories/{repository}/branches | create branch @@ -248,7 +246,6 @@ Class | Method | HTTP request | Description - [Error](docs/Error.md) - [ErrorNoACL](docs/ErrorNoACL.md) - [FindMergeBaseResult](docs/FindMergeBaseResult.md) - - [ForgotPasswordRequest](docs/ForgotPasswordRequest.md) - [GarbageCollectionConfig](docs/GarbageCollectionConfig.md) - [GarbageCollectionPrepareRequest](docs/GarbageCollectionPrepareRequest.md) - [GarbageCollectionPrepareResponse](docs/GarbageCollectionPrepareResponse.md) @@ -311,7 +308,6 @@ Class | Method | HTTP request | Description - [StorageURI](docs/StorageURI.md) - [TagCreation](docs/TagCreation.md) - [UnderlyingObjectProperties](docs/UnderlyingObjectProperties.md) - - [UpdatePasswordByToken](docs/UpdatePasswordByToken.md) - [UpdateToken](docs/UpdateToken.md) - [User](docs/User.md) - [UserCreation](docs/UserCreation.md) diff --git a/clients/python/docs/AuthApi.md b/clients/python/docs/AuthApi.md index 4f83baa0045..9502b89365e 100644 --- a/clients/python/docs/AuthApi.md +++ b/clients/python/docs/AuthApi.md @@ -18,7 +18,6 @@ Method | HTTP request | Description [**delete_user**](AuthApi.md#delete_user) | **DELETE** /auth/users/{userId} | delete user [**detach_policy_from_group**](AuthApi.md#detach_policy_from_group) | **DELETE** /auth/groups/{groupId}/policies/{policyId} | detach policy from group [**detach_policy_from_user**](AuthApi.md#detach_policy_from_user) | **DELETE** /auth/users/{userId}/policies/{policyId} | detach policy from user -[**forgot_password**](AuthApi.md#forgot_password) | **POST** /auth/password/forgot | forgot password request initiates the password reset process [**get_credentials**](AuthApi.md#get_credentials) | **GET** /auth/users/{userId}/credentials/{accessKeyId} | get credentials [**get_current_user**](AuthApi.md#get_current_user) | **GET** /user | get current user [**get_group**](AuthApi.md#get_group) | **GET** /auth/groups/{groupId} | get group @@ -35,7 +34,6 @@ Method | HTTP request | Description [**list_users**](AuthApi.md#list_users) | **GET** /auth/users | list users [**login**](AuthApi.md#login) | **POST** /auth/login | perform a login [**set_group_acl**](AuthApi.md#set_group_acl) | **POST** /auth/groups/{groupId}/acl | set ACL of group -[**update_password**](AuthApi.md#update_password) | **POST** /auth/password | Update user password by reset_password token [**update_policy**](AuthApi.md#update_policy) | **PUT** /auth/policies/{policyId} | update policy @@ -1554,75 +1552,6 @@ void (empty response body) [[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) -# **forgot_password** -> forgot_password(forgot_password_request) - -forgot password request initiates the password reset process - -### Example - - -```python -import time -import lakefs_client -from lakefs_client.api import auth_api -from lakefs_client.model.forgot_password_request import ForgotPasswordRequest -from lakefs_client.model.error import Error -from pprint import pprint -# Defining the host is optional and defaults to http://localhost/api/v1 -# See configuration.py for a list of all supported configuration parameters. -configuration = lakefs_client.Configuration( - host = "http://localhost/api/v1" -) - - -# Enter a context with an instance of the API client -with lakefs_client.ApiClient() as api_client: - # Create an instance of the API class - api_instance = auth_api.AuthApi(api_client) - forgot_password_request = ForgotPasswordRequest( - email="email_example", - ) # ForgotPasswordRequest | - - # example passing only required values which don't have defaults set - try: - # forgot password request initiates the password reset process - api_instance.forgot_password(forgot_password_request) - except lakefs_client.ApiException as e: - print("Exception when calling AuthApi->forgot_password: %s\n" % e) -``` - - -### Parameters - -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- - **forgot_password_request** | [**ForgotPasswordRequest**](ForgotPasswordRequest.md)| | - -### Return type - -void (empty response body) - -### Authorization - -No authorization required - -### HTTP request headers - - - **Content-Type**: application/json - - **Accept**: application/json - - -### HTTP response details - -| Status code | Description | Response headers | -|-------------|-------------|------------------| -**204** | No content | - | -**400** | Bad Request | - | -**0** | Internal Server Error | - | - -[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) - # **get_credentials** > Credentials get_credentials(user_id, access_key_id) @@ -3387,88 +3316,6 @@ void (empty response body) [[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) -# **update_password** -> update_password(update_password_by_token) - -Update user password by reset_password token - -### Example - -* Api Key Authentication (cookie_auth): - -```python -import time -import lakefs_client -from lakefs_client.api import auth_api -from lakefs_client.model.update_password_by_token import UpdatePasswordByToken -from lakefs_client.model.error import Error -from pprint import pprint -# Defining the host is optional and defaults to http://localhost/api/v1 -# See configuration.py for a list of all supported configuration parameters. -configuration = lakefs_client.Configuration( - host = "http://localhost/api/v1" -) - -# The client must configure the authentication and authorization parameters -# in accordance with the API server security policy. -# Examples for each auth method are provided below, use the example that -# satisfies your auth use case. - -# Configure API key authorization: cookie_auth -configuration.api_key['cookie_auth'] = 'YOUR_API_KEY' - -# Uncomment below to setup prefix (e.g. Bearer) for API key, if needed -# configuration.api_key_prefix['cookie_auth'] = 'Bearer' - -# Enter a context with an instance of the API client -with lakefs_client.ApiClient(configuration) as api_client: - # Create an instance of the API class - api_instance = auth_api.AuthApi(api_client) - update_password_by_token = UpdatePasswordByToken( - token="token_example", - new_password="new_password_example", - email="email_example", - ) # UpdatePasswordByToken | - - # example passing only required values which don't have defaults set - try: - # Update user password by reset_password token - api_instance.update_password(update_password_by_token) - except lakefs_client.ApiException as e: - print("Exception when calling AuthApi->update_password: %s\n" % e) -``` - - -### Parameters - -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- - **update_password_by_token** | [**UpdatePasswordByToken**](UpdatePasswordByToken.md)| | - -### Return type - -void (empty response body) - -### Authorization - -[cookie_auth](../README.md#cookie_auth) - -### HTTP request headers - - - **Content-Type**: application/json - - **Accept**: application/json - - -### HTTP response details - -| Status code | Description | Response headers | -|-------------|-------------|------------------| -**201** | successful reset | - | -**401** | Unauthorized | - | -**0** | Internal Server Error | - | - -[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) - # **update_policy** > Policy update_policy(policy_id, policy) diff --git a/clients/python/docs/ForgotPasswordRequest.md b/clients/python/docs/ForgotPasswordRequest.md deleted file mode 100644 index ab61e973795..00000000000 --- a/clients/python/docs/ForgotPasswordRequest.md +++ /dev/null @@ -1,12 +0,0 @@ -# ForgotPasswordRequest - - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**email** | **str** | | -**any string name** | **bool, date, datetime, dict, float, int, list, str, none_type** | any string name can be used but the value must be the correct type | [optional] - -[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) - - diff --git a/clients/python/docs/UpdatePasswordByToken.md b/clients/python/docs/UpdatePasswordByToken.md deleted file mode 100644 index 7a7ffebee6f..00000000000 --- a/clients/python/docs/UpdatePasswordByToken.md +++ /dev/null @@ -1,14 +0,0 @@ -# UpdatePasswordByToken - - -## Properties -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**token** | **str** | token used for authentication | -**new_password** | **str** | new password to update | -**email** | **str** | optional user email to match the token for verification | [optional] -**any string name** | **bool, date, datetime, dict, float, int, list, str, none_type** | any string name can be used but the value must be the correct type | [optional] - -[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) - - diff --git a/clients/python/docs/User.md b/clients/python/docs/User.md index fd8ec228439..dd570f69395 100644 --- a/clients/python/docs/User.md +++ b/clients/python/docs/User.md @@ -4,10 +4,9 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**id** | **str** | a unique identifier for the user. In password-based authentication, this is the email. | +**id** | **str** | a unique identifier for the user. | **creation_date** | **int** | Unix Epoch in seconds | **friendly_name** | **str** | | [optional] -**email** | **str** | | [optional] **any string name** | **bool, date, datetime, dict, float, int, list, str, none_type** | any string name can be used but the value must be the correct type | [optional] [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) diff --git a/clients/python/docs/UserCreation.md b/clients/python/docs/UserCreation.md index a0dca37f28d..c3a70a16228 100644 --- a/clients/python/docs/UserCreation.md +++ b/clients/python/docs/UserCreation.md @@ -4,7 +4,7 @@ ## Properties Name | Type | Description | Notes ------------ | ------------- | ------------- | ------------- -**id** | **str** | a unique identifier for the user. In password-based authentication, this is the email. | +**id** | **str** | a unique identifier for the user. | **invite_user** | **bool** | | [optional] **any string name** | **bool, date, datetime, dict, float, int, list, str, none_type** | any string name can be used but the value must be the correct type | [optional] diff --git a/clients/python/lakefs_client/api/auth_api.py b/clients/python/lakefs_client/api/auth_api.py index e69508ba528..7ce6c4bfc84 100644 --- a/clients/python/lakefs_client/api/auth_api.py +++ b/clients/python/lakefs_client/api/auth_api.py @@ -30,14 +30,12 @@ from lakefs_client.model.current_user import CurrentUser from lakefs_client.model.error import Error from lakefs_client.model.error_no_acl import ErrorNoACL -from lakefs_client.model.forgot_password_request import ForgotPasswordRequest from lakefs_client.model.group import Group from lakefs_client.model.group_creation import GroupCreation from lakefs_client.model.group_list import GroupList from lakefs_client.model.login_information import LoginInformation from lakefs_client.model.policy import Policy from lakefs_client.model.policy_list import PolicyList -from lakefs_client.model.update_password_by_token import UpdatePasswordByToken from lakefs_client.model.user import User from lakefs_client.model.user_creation import UserCreation from lakefs_client.model.user_list import UserList @@ -865,56 +863,6 @@ def __init__(self, api_client=None): }, api_client=api_client ) - self.forgot_password_endpoint = _Endpoint( - settings={ - 'response_type': None, - 'auth': [], - 'endpoint_path': '/auth/password/forgot', - 'operation_id': 'forgot_password', - 'http_method': 'POST', - 'servers': None, - }, - params_map={ - 'all': [ - 'forgot_password_request', - ], - 'required': [ - 'forgot_password_request', - ], - 'nullable': [ - ], - 'enum': [ - ], - 'validation': [ - ] - }, - root_map={ - 'validations': { - }, - 'allowed_values': { - }, - 'openapi_types': { - 'forgot_password_request': - (ForgotPasswordRequest,), - }, - 'attribute_map': { - }, - 'location_map': { - 'forgot_password_request': 'body', - }, - 'collection_format_map': { - } - }, - headers_map={ - 'accept': [ - 'application/json' - ], - 'content_type': [ - 'application/json' - ] - }, - api_client=api_client - ) self.get_credentials_endpoint = _Endpoint( settings={ 'response_type': (Credentials,), @@ -1946,58 +1894,6 @@ def __init__(self, api_client=None): }, api_client=api_client ) - self.update_password_endpoint = _Endpoint( - settings={ - 'response_type': None, - 'auth': [ - 'cookie_auth' - ], - 'endpoint_path': '/auth/password', - 'operation_id': 'update_password', - 'http_method': 'POST', - 'servers': None, - }, - params_map={ - 'all': [ - 'update_password_by_token', - ], - 'required': [ - 'update_password_by_token', - ], - 'nullable': [ - ], - 'enum': [ - ], - 'validation': [ - ] - }, - root_map={ - 'validations': { - }, - 'allowed_values': { - }, - 'openapi_types': { - 'update_password_by_token': - (UpdatePasswordByToken,), - }, - 'attribute_map': { - }, - 'location_map': { - 'update_password_by_token': 'body', - }, - 'collection_format_map': { - } - }, - headers_map={ - 'accept': [ - 'application/json' - ], - 'content_type': [ - 'application/json' - ] - }, - api_client=api_client - ) self.update_policy_endpoint = _Endpoint( settings={ 'response_type': (Policy,), @@ -2991,71 +2887,6 @@ def detach_policy_from_user( policy_id return self.detach_policy_from_user_endpoint.call_with_http_info(**kwargs) - def forgot_password( - self, - forgot_password_request, - **kwargs - ): - """forgot password request initiates the password reset process # noqa: E501 - - This method makes a synchronous HTTP request by default. To make an - asynchronous HTTP request, please pass async_req=True - - >>> thread = api.forgot_password(forgot_password_request, async_req=True) - >>> result = thread.get() - - Args: - forgot_password_request (ForgotPasswordRequest): - - Keyword Args: - _return_http_data_only (bool): response data without head status - code and headers. Default is True. - _preload_content (bool): if False, the urllib3.HTTPResponse object - will be returned without reading/decoding response data. - Default is True. - _request_timeout (int/float/tuple): timeout setting for this request. If - one number provided, it will be total request timeout. It can also - be a pair (tuple) of (connection, read) timeouts. - Default is None. - _check_input_type (bool): specifies if type checking - should be done one the data sent to the server. - Default is True. - _check_return_type (bool): specifies if type checking - should be done one the data received from the server. - Default is True. - _host_index (int/None): specifies the index of the server - that we want to use. - Default is read from the configuration. - async_req (bool): execute request asynchronously - - Returns: - None - If the method is called asynchronously, returns the request - thread. - """ - kwargs['async_req'] = kwargs.get( - 'async_req', False - ) - kwargs['_return_http_data_only'] = kwargs.get( - '_return_http_data_only', True - ) - kwargs['_preload_content'] = kwargs.get( - '_preload_content', True - ) - kwargs['_request_timeout'] = kwargs.get( - '_request_timeout', None - ) - kwargs['_check_input_type'] = kwargs.get( - '_check_input_type', True - ) - kwargs['_check_return_type'] = kwargs.get( - '_check_return_type', True - ) - kwargs['_host_index'] = kwargs.get('_host_index') - kwargs['forgot_password_request'] = \ - forgot_password_request - return self.forgot_password_endpoint.call_with_http_info(**kwargs) - def get_credentials( self, user_id, @@ -4105,71 +3936,6 @@ def set_group_acl( acl return self.set_group_acl_endpoint.call_with_http_info(**kwargs) - def update_password( - self, - update_password_by_token, - **kwargs - ): - """Update user password by reset_password token # noqa: E501 - - This method makes a synchronous HTTP request by default. To make an - asynchronous HTTP request, please pass async_req=True - - >>> thread = api.update_password(update_password_by_token, async_req=True) - >>> result = thread.get() - - Args: - update_password_by_token (UpdatePasswordByToken): - - Keyword Args: - _return_http_data_only (bool): response data without head status - code and headers. Default is True. - _preload_content (bool): if False, the urllib3.HTTPResponse object - will be returned without reading/decoding response data. - Default is True. - _request_timeout (int/float/tuple): timeout setting for this request. If - one number provided, it will be total request timeout. It can also - be a pair (tuple) of (connection, read) timeouts. - Default is None. - _check_input_type (bool): specifies if type checking - should be done one the data sent to the server. - Default is True. - _check_return_type (bool): specifies if type checking - should be done one the data received from the server. - Default is True. - _host_index (int/None): specifies the index of the server - that we want to use. - Default is read from the configuration. - async_req (bool): execute request asynchronously - - Returns: - None - If the method is called asynchronously, returns the request - thread. - """ - kwargs['async_req'] = kwargs.get( - 'async_req', False - ) - kwargs['_return_http_data_only'] = kwargs.get( - '_return_http_data_only', True - ) - kwargs['_preload_content'] = kwargs.get( - '_preload_content', True - ) - kwargs['_request_timeout'] = kwargs.get( - '_request_timeout', None - ) - kwargs['_check_input_type'] = kwargs.get( - '_check_input_type', True - ) - kwargs['_check_return_type'] = kwargs.get( - '_check_return_type', True - ) - kwargs['_host_index'] = kwargs.get('_host_index') - kwargs['update_password_by_token'] = \ - update_password_by_token - return self.update_password_endpoint.call_with_http_info(**kwargs) - def update_policy( self, policy_id, diff --git a/clients/python/lakefs_client/model/forgot_password_request.py b/clients/python/lakefs_client/model/forgot_password_request.py deleted file mode 100644 index 318b9fa3d72..00000000000 --- a/clients/python/lakefs_client/model/forgot_password_request.py +++ /dev/null @@ -1,262 +0,0 @@ -""" - lakeFS API - - lakeFS HTTP API # noqa: E501 - - The version of the OpenAPI document: 0.1.0 - Contact: services@treeverse.io - Generated by: https://openapi-generator.tech -""" - - -import re # noqa: F401 -import sys # noqa: F401 - -from lakefs_client.model_utils import ( # noqa: F401 - ApiTypeError, - ModelComposed, - ModelNormal, - ModelSimple, - cached_property, - change_keys_js_to_python, - convert_js_args_to_python_args, - date, - datetime, - file_type, - none_type, - validate_get_composed_info, -) -from ..model_utils import OpenApiModel -from lakefs_client.exceptions import ApiAttributeError - - - -class ForgotPasswordRequest(ModelNormal): - """NOTE: This class is auto generated by OpenAPI Generator. - Ref: https://openapi-generator.tech - - Do not edit the class manually. - - Attributes: - allowed_values (dict): The key is the tuple path to the attribute - and the for var_name this is (var_name,). The value is a dict - with a capitalized key describing the allowed value and an allowed - value. These dicts store the allowed enum values. - attribute_map (dict): The key is attribute name - and the value is json key in definition. - discriminator_value_class_map (dict): A dict to go from the discriminator - variable value to the discriminator class name. - validations (dict): The key is the tuple path to the attribute - and the for var_name this is (var_name,). The value is a dict - that stores validations for max_length, min_length, max_items, - min_items, exclusive_maximum, inclusive_maximum, exclusive_minimum, - inclusive_minimum, and regex. - additional_properties_type (tuple): A tuple of classes accepted - as additional properties values. - """ - - allowed_values = { - } - - validations = { - } - - @cached_property - def additional_properties_type(): - """ - This must be a method because a model may have properties that are - of type self, this must run after the class is loaded - """ - return (bool, date, datetime, dict, float, int, list, str, none_type,) # noqa: E501 - - _nullable = False - - @cached_property - def openapi_types(): - """ - This must be a method because a model may have properties that are - of type self, this must run after the class is loaded - - Returns - openapi_types (dict): The key is attribute name - and the value is attribute type. - """ - return { - 'email': (str,), # noqa: E501 - } - - @cached_property - def discriminator(): - return None - - - attribute_map = { - 'email': 'email', # noqa: E501 - } - - read_only_vars = { - } - - _composed_schemas = {} - - @classmethod - @convert_js_args_to_python_args - def _from_openapi_data(cls, email, *args, **kwargs): # noqa: E501 - """ForgotPasswordRequest - a model defined in OpenAPI - - Args: - email (str): - - Keyword Args: - _check_type (bool): if True, values for parameters in openapi_types - will be type checked and a TypeError will be - raised if the wrong type is input. - Defaults to True - _path_to_item (tuple/list): This is a list of keys or values to - drill down to the model in received_data - when deserializing a response - _spec_property_naming (bool): True if the variable names in the input data - are serialized names, as specified in the OpenAPI document. - False if the variable names in the input data - are pythonic names, e.g. snake case (default) - _configuration (Configuration): the instance to use when - deserializing a file_type parameter. - If passed, type conversion is attempted - If omitted no type conversion is done. - _visited_composed_classes (tuple): This stores a tuple of - classes that we have traveled through so that - if we see that class again we will not use its - discriminator again. - When traveling through a discriminator, the - composed schema that is - is traveled through is added to this set. - For example if Animal has a discriminator - petType and we pass in "Dog", and the class Dog - allOf includes Animal, we move through Animal - once using the discriminator, and pick Dog. - Then in Dog, we will make an instance of the - Animal class but this time we won't travel - through its discriminator because we passed in - _visited_composed_classes = (Animal,) - """ - - _check_type = kwargs.pop('_check_type', True) - _spec_property_naming = kwargs.pop('_spec_property_naming', False) - _path_to_item = kwargs.pop('_path_to_item', ()) - _configuration = kwargs.pop('_configuration', None) - _visited_composed_classes = kwargs.pop('_visited_composed_classes', ()) - - self = super(OpenApiModel, cls).__new__(cls) - - if args: - raise ApiTypeError( - "Invalid positional arguments=%s passed to %s. Remove those invalid positional arguments." % ( - args, - self.__class__.__name__, - ), - path_to_item=_path_to_item, - valid_classes=(self.__class__,), - ) - - self._data_store = {} - self._check_type = _check_type - self._spec_property_naming = _spec_property_naming - self._path_to_item = _path_to_item - self._configuration = _configuration - self._visited_composed_classes = _visited_composed_classes + (self.__class__,) - - self.email = email - for var_name, var_value in kwargs.items(): - if var_name not in self.attribute_map and \ - self._configuration is not None and \ - self._configuration.discard_unknown_keys and \ - self.additional_properties_type is None: - # discard variable. - continue - setattr(self, var_name, var_value) - return self - - required_properties = set([ - '_data_store', - '_check_type', - '_spec_property_naming', - '_path_to_item', - '_configuration', - '_visited_composed_classes', - ]) - - @convert_js_args_to_python_args - def __init__(self, email, *args, **kwargs): # noqa: E501 - """ForgotPasswordRequest - a model defined in OpenAPI - - Args: - email (str): - - Keyword Args: - _check_type (bool): if True, values for parameters in openapi_types - will be type checked and a TypeError will be - raised if the wrong type is input. - Defaults to True - _path_to_item (tuple/list): This is a list of keys or values to - drill down to the model in received_data - when deserializing a response - _spec_property_naming (bool): True if the variable names in the input data - are serialized names, as specified in the OpenAPI document. - False if the variable names in the input data - are pythonic names, e.g. snake case (default) - _configuration (Configuration): the instance to use when - deserializing a file_type parameter. - If passed, type conversion is attempted - If omitted no type conversion is done. - _visited_composed_classes (tuple): This stores a tuple of - classes that we have traveled through so that - if we see that class again we will not use its - discriminator again. - When traveling through a discriminator, the - composed schema that is - is traveled through is added to this set. - For example if Animal has a discriminator - petType and we pass in "Dog", and the class Dog - allOf includes Animal, we move through Animal - once using the discriminator, and pick Dog. - Then in Dog, we will make an instance of the - Animal class but this time we won't travel - through its discriminator because we passed in - _visited_composed_classes = (Animal,) - """ - - _check_type = kwargs.pop('_check_type', True) - _spec_property_naming = kwargs.pop('_spec_property_naming', False) - _path_to_item = kwargs.pop('_path_to_item', ()) - _configuration = kwargs.pop('_configuration', None) - _visited_composed_classes = kwargs.pop('_visited_composed_classes', ()) - - if args: - raise ApiTypeError( - "Invalid positional arguments=%s passed to %s. Remove those invalid positional arguments." % ( - args, - self.__class__.__name__, - ), - path_to_item=_path_to_item, - valid_classes=(self.__class__,), - ) - - self._data_store = {} - self._check_type = _check_type - self._spec_property_naming = _spec_property_naming - self._path_to_item = _path_to_item - self._configuration = _configuration - self._visited_composed_classes = _visited_composed_classes + (self.__class__,) - - self.email = email - for var_name, var_value in kwargs.items(): - if var_name not in self.attribute_map and \ - self._configuration is not None and \ - self._configuration.discard_unknown_keys and \ - self.additional_properties_type is None: - # discard variable. - continue - setattr(self, var_name, var_value) - if var_name in self.read_only_vars: - raise ApiAttributeError(f"`{var_name}` is a read-only attribute. Use `from_openapi_data` to instantiate " - f"class with read only attributes.") diff --git a/clients/python/lakefs_client/model/update_password_by_token.py b/clients/python/lakefs_client/model/update_password_by_token.py deleted file mode 100644 index f6b5cd5fe0c..00000000000 --- a/clients/python/lakefs_client/model/update_password_by_token.py +++ /dev/null @@ -1,272 +0,0 @@ -""" - lakeFS API - - lakeFS HTTP API # noqa: E501 - - The version of the OpenAPI document: 0.1.0 - Contact: services@treeverse.io - Generated by: https://openapi-generator.tech -""" - - -import re # noqa: F401 -import sys # noqa: F401 - -from lakefs_client.model_utils import ( # noqa: F401 - ApiTypeError, - ModelComposed, - ModelNormal, - ModelSimple, - cached_property, - change_keys_js_to_python, - convert_js_args_to_python_args, - date, - datetime, - file_type, - none_type, - validate_get_composed_info, -) -from ..model_utils import OpenApiModel -from lakefs_client.exceptions import ApiAttributeError - - - -class UpdatePasswordByToken(ModelNormal): - """NOTE: This class is auto generated by OpenAPI Generator. - Ref: https://openapi-generator.tech - - Do not edit the class manually. - - Attributes: - allowed_values (dict): The key is the tuple path to the attribute - and the for var_name this is (var_name,). The value is a dict - with a capitalized key describing the allowed value and an allowed - value. These dicts store the allowed enum values. - attribute_map (dict): The key is attribute name - and the value is json key in definition. - discriminator_value_class_map (dict): A dict to go from the discriminator - variable value to the discriminator class name. - validations (dict): The key is the tuple path to the attribute - and the for var_name this is (var_name,). The value is a dict - that stores validations for max_length, min_length, max_items, - min_items, exclusive_maximum, inclusive_maximum, exclusive_minimum, - inclusive_minimum, and regex. - additional_properties_type (tuple): A tuple of classes accepted - as additional properties values. - """ - - allowed_values = { - } - - validations = { - } - - @cached_property - def additional_properties_type(): - """ - This must be a method because a model may have properties that are - of type self, this must run after the class is loaded - """ - return (bool, date, datetime, dict, float, int, list, str, none_type,) # noqa: E501 - - _nullable = False - - @cached_property - def openapi_types(): - """ - This must be a method because a model may have properties that are - of type self, this must run after the class is loaded - - Returns - openapi_types (dict): The key is attribute name - and the value is attribute type. - """ - return { - 'token': (str,), # noqa: E501 - 'new_password': (str,), # noqa: E501 - 'email': (str,), # noqa: E501 - } - - @cached_property - def discriminator(): - return None - - - attribute_map = { - 'token': 'token', # noqa: E501 - 'new_password': 'newPassword', # noqa: E501 - 'email': 'email', # noqa: E501 - } - - read_only_vars = { - } - - _composed_schemas = {} - - @classmethod - @convert_js_args_to_python_args - def _from_openapi_data(cls, token, new_password, *args, **kwargs): # noqa: E501 - """UpdatePasswordByToken - a model defined in OpenAPI - - Args: - token (str): token used for authentication - new_password (str): new password to update - - Keyword Args: - _check_type (bool): if True, values for parameters in openapi_types - will be type checked and a TypeError will be - raised if the wrong type is input. - Defaults to True - _path_to_item (tuple/list): This is a list of keys or values to - drill down to the model in received_data - when deserializing a response - _spec_property_naming (bool): True if the variable names in the input data - are serialized names, as specified in the OpenAPI document. - False if the variable names in the input data - are pythonic names, e.g. snake case (default) - _configuration (Configuration): the instance to use when - deserializing a file_type parameter. - If passed, type conversion is attempted - If omitted no type conversion is done. - _visited_composed_classes (tuple): This stores a tuple of - classes that we have traveled through so that - if we see that class again we will not use its - discriminator again. - When traveling through a discriminator, the - composed schema that is - is traveled through is added to this set. - For example if Animal has a discriminator - petType and we pass in "Dog", and the class Dog - allOf includes Animal, we move through Animal - once using the discriminator, and pick Dog. - Then in Dog, we will make an instance of the - Animal class but this time we won't travel - through its discriminator because we passed in - _visited_composed_classes = (Animal,) - email (str): optional user email to match the token for verification. [optional] # noqa: E501 - """ - - _check_type = kwargs.pop('_check_type', True) - _spec_property_naming = kwargs.pop('_spec_property_naming', False) - _path_to_item = kwargs.pop('_path_to_item', ()) - _configuration = kwargs.pop('_configuration', None) - _visited_composed_classes = kwargs.pop('_visited_composed_classes', ()) - - self = super(OpenApiModel, cls).__new__(cls) - - if args: - raise ApiTypeError( - "Invalid positional arguments=%s passed to %s. Remove those invalid positional arguments." % ( - args, - self.__class__.__name__, - ), - path_to_item=_path_to_item, - valid_classes=(self.__class__,), - ) - - self._data_store = {} - self._check_type = _check_type - self._spec_property_naming = _spec_property_naming - self._path_to_item = _path_to_item - self._configuration = _configuration - self._visited_composed_classes = _visited_composed_classes + (self.__class__,) - - self.token = token - self.new_password = new_password - for var_name, var_value in kwargs.items(): - if var_name not in self.attribute_map and \ - self._configuration is not None and \ - self._configuration.discard_unknown_keys and \ - self.additional_properties_type is None: - # discard variable. - continue - setattr(self, var_name, var_value) - return self - - required_properties = set([ - '_data_store', - '_check_type', - '_spec_property_naming', - '_path_to_item', - '_configuration', - '_visited_composed_classes', - ]) - - @convert_js_args_to_python_args - def __init__(self, token, new_password, *args, **kwargs): # noqa: E501 - """UpdatePasswordByToken - a model defined in OpenAPI - - Args: - token (str): token used for authentication - new_password (str): new password to update - - Keyword Args: - _check_type (bool): if True, values for parameters in openapi_types - will be type checked and a TypeError will be - raised if the wrong type is input. - Defaults to True - _path_to_item (tuple/list): This is a list of keys or values to - drill down to the model in received_data - when deserializing a response - _spec_property_naming (bool): True if the variable names in the input data - are serialized names, as specified in the OpenAPI document. - False if the variable names in the input data - are pythonic names, e.g. snake case (default) - _configuration (Configuration): the instance to use when - deserializing a file_type parameter. - If passed, type conversion is attempted - If omitted no type conversion is done. - _visited_composed_classes (tuple): This stores a tuple of - classes that we have traveled through so that - if we see that class again we will not use its - discriminator again. - When traveling through a discriminator, the - composed schema that is - is traveled through is added to this set. - For example if Animal has a discriminator - petType and we pass in "Dog", and the class Dog - allOf includes Animal, we move through Animal - once using the discriminator, and pick Dog. - Then in Dog, we will make an instance of the - Animal class but this time we won't travel - through its discriminator because we passed in - _visited_composed_classes = (Animal,) - email (str): optional user email to match the token for verification. [optional] # noqa: E501 - """ - - _check_type = kwargs.pop('_check_type', True) - _spec_property_naming = kwargs.pop('_spec_property_naming', False) - _path_to_item = kwargs.pop('_path_to_item', ()) - _configuration = kwargs.pop('_configuration', None) - _visited_composed_classes = kwargs.pop('_visited_composed_classes', ()) - - if args: - raise ApiTypeError( - "Invalid positional arguments=%s passed to %s. Remove those invalid positional arguments." % ( - args, - self.__class__.__name__, - ), - path_to_item=_path_to_item, - valid_classes=(self.__class__,), - ) - - self._data_store = {} - self._check_type = _check_type - self._spec_property_naming = _spec_property_naming - self._path_to_item = _path_to_item - self._configuration = _configuration - self._visited_composed_classes = _visited_composed_classes + (self.__class__,) - - self.token = token - self.new_password = new_password - for var_name, var_value in kwargs.items(): - if var_name not in self.attribute_map and \ - self._configuration is not None and \ - self._configuration.discard_unknown_keys and \ - self.additional_properties_type is None: - # discard variable. - continue - setattr(self, var_name, var_value) - if var_name in self.read_only_vars: - raise ApiAttributeError(f"`{var_name}` is a read-only attribute. Use `from_openapi_data` to instantiate " - f"class with read only attributes.") diff --git a/clients/python/lakefs_client/model/user.py b/clients/python/lakefs_client/model/user.py index f39590763fb..8128380762a 100644 --- a/clients/python/lakefs_client/model/user.py +++ b/clients/python/lakefs_client/model/user.py @@ -85,7 +85,6 @@ def openapi_types(): 'id': (str,), # noqa: E501 'creation_date': (int,), # noqa: E501 'friendly_name': (str,), # noqa: E501 - 'email': (str,), # noqa: E501 } @cached_property @@ -97,7 +96,6 @@ def discriminator(): 'id': 'id', # noqa: E501 'creation_date': 'creation_date', # noqa: E501 'friendly_name': 'friendly_name', # noqa: E501 - 'email': 'email', # noqa: E501 } read_only_vars = { @@ -111,7 +109,7 @@ def _from_openapi_data(cls, id, creation_date, *args, **kwargs): # noqa: E501 """User - a model defined in OpenAPI Args: - id (str): a unique identifier for the user. In password-based authentication, this is the email. + id (str): a unique identifier for the user. creation_date (int): Unix Epoch in seconds Keyword Args: @@ -146,7 +144,6 @@ def _from_openapi_data(cls, id, creation_date, *args, **kwargs): # noqa: E501 through its discriminator because we passed in _visited_composed_classes = (Animal,) friendly_name (str): [optional] # noqa: E501 - email (str): [optional] # noqa: E501 """ _check_type = kwargs.pop('_check_type', True) @@ -200,7 +197,7 @@ def __init__(self, id, creation_date, *args, **kwargs): # noqa: E501 """User - a model defined in OpenAPI Args: - id (str): a unique identifier for the user. In password-based authentication, this is the email. + id (str): a unique identifier for the user. creation_date (int): Unix Epoch in seconds Keyword Args: @@ -235,7 +232,6 @@ def __init__(self, id, creation_date, *args, **kwargs): # noqa: E501 through its discriminator because we passed in _visited_composed_classes = (Animal,) friendly_name (str): [optional] # noqa: E501 - email (str): [optional] # noqa: E501 """ _check_type = kwargs.pop('_check_type', True) diff --git a/clients/python/lakefs_client/model/user_creation.py b/clients/python/lakefs_client/model/user_creation.py index 0ecb59f4033..db179bbfb68 100644 --- a/clients/python/lakefs_client/model/user_creation.py +++ b/clients/python/lakefs_client/model/user_creation.py @@ -107,7 +107,7 @@ def _from_openapi_data(cls, id, *args, **kwargs): # noqa: E501 """UserCreation - a model defined in OpenAPI Args: - id (str): a unique identifier for the user. In password-based authentication, this is the email. + id (str): a unique identifier for the user. Keyword Args: _check_type (bool): if True, values for parameters in openapi_types @@ -193,7 +193,7 @@ def __init__(self, id, *args, **kwargs): # noqa: E501 """UserCreation - a model defined in OpenAPI Args: - id (str): a unique identifier for the user. In password-based authentication, this is the email. + id (str): a unique identifier for the user. Keyword Args: _check_type (bool): if True, values for parameters in openapi_types diff --git a/clients/python/lakefs_client/models/__init__.py b/clients/python/lakefs_client/models/__init__.py index 9b1f2e12104..cf2a403a395 100644 --- a/clients/python/lakefs_client/models/__init__.py +++ b/clients/python/lakefs_client/models/__init__.py @@ -32,7 +32,6 @@ from lakefs_client.model.error import Error from lakefs_client.model.error_no_acl import ErrorNoACL from lakefs_client.model.find_merge_base_result import FindMergeBaseResult -from lakefs_client.model.forgot_password_request import ForgotPasswordRequest from lakefs_client.model.garbage_collection_config import GarbageCollectionConfig from lakefs_client.model.garbage_collection_prepare_request import GarbageCollectionPrepareRequest from lakefs_client.model.garbage_collection_prepare_response import GarbageCollectionPrepareResponse @@ -95,7 +94,6 @@ from lakefs_client.model.storage_uri import StorageURI from lakefs_client.model.tag_creation import TagCreation from lakefs_client.model.underlying_object_properties import UnderlyingObjectProperties -from lakefs_client.model.update_password_by_token import UpdatePasswordByToken from lakefs_client.model.update_token import UpdateToken from lakefs_client.model.user import User from lakefs_client.model.user_creation import UserCreation diff --git a/clients/python/test/test_auth_api.py b/clients/python/test/test_auth_api.py index 364f31b6b0e..1a92c1b8ee1 100644 --- a/clients/python/test/test_auth_api.py +++ b/clients/python/test/test_auth_api.py @@ -122,13 +122,6 @@ def test_detach_policy_from_user(self): """ pass - def test_forgot_password(self): - """Test case for forgot_password - - forgot password request initiates the password reset process # noqa: E501 - """ - pass - def test_get_credentials(self): """Test case for get_credentials @@ -241,13 +234,6 @@ def test_set_group_acl(self): """ pass - def test_update_password(self): - """Test case for update_password - - Update user password by reset_password token # noqa: E501 - """ - pass - def test_update_policy(self): """Test case for update_policy diff --git a/clients/python/test/test_forgot_password_request.py b/clients/python/test/test_forgot_password_request.py deleted file mode 100644 index 217daa1fb2c..00000000000 --- a/clients/python/test/test_forgot_password_request.py +++ /dev/null @@ -1,36 +0,0 @@ -""" - lakeFS API - - lakeFS HTTP API # noqa: E501 - - The version of the OpenAPI document: 0.1.0 - Contact: services@treeverse.io - Generated by: https://openapi-generator.tech -""" - - -import sys -import unittest - -import lakefs_client -from lakefs_client.model.forgot_password_request import ForgotPasswordRequest - - -class TestForgotPasswordRequest(unittest.TestCase): - """ForgotPasswordRequest unit test stubs""" - - def setUp(self): - pass - - def tearDown(self): - pass - - def testForgotPasswordRequest(self): - """Test ForgotPasswordRequest""" - # FIXME: construct object with mandatory attributes with example values - # model = ForgotPasswordRequest() # noqa: E501 - pass - - -if __name__ == '__main__': - unittest.main() diff --git a/clients/python/test/test_update_password_by_token.py b/clients/python/test/test_update_password_by_token.py deleted file mode 100644 index c1779e542de..00000000000 --- a/clients/python/test/test_update_password_by_token.py +++ /dev/null @@ -1,36 +0,0 @@ -""" - lakeFS API - - lakeFS HTTP API # noqa: E501 - - The version of the OpenAPI document: 0.1.0 - Contact: services@treeverse.io - Generated by: https://openapi-generator.tech -""" - - -import sys -import unittest - -import lakefs_client -from lakefs_client.model.update_password_by_token import UpdatePasswordByToken - - -class TestUpdatePasswordByToken(unittest.TestCase): - """UpdatePasswordByToken unit test stubs""" - - def setUp(self): - pass - - def tearDown(self): - pass - - def testUpdatePasswordByToken(self): - """Test UpdatePasswordByToken""" - # FIXME: construct object with mandatory attributes with example values - # model = UpdatePasswordByToken() # noqa: E501 - pass - - -if __name__ == '__main__': - unittest.main() diff --git a/docs/assets/js/swagger.yml b/docs/assets/js/swagger.yml index 9ebc23a52eb..2138338a30b 100644 --- a/docs/assets/js/swagger.yml +++ b/docs/assets/js/swagger.yml @@ -691,7 +691,7 @@ components: properties: id: type: string - description: a unique identifier for the user. In password-based authentication, this is the email. + description: a unique identifier for the user. creation_date: type: integer format: int64 @@ -709,20 +709,13 @@ components: user: $ref: "#/components/schemas/User" - ForgotPasswordRequest: - type: object - required: - - email - properties: - email: - type: string UserCreation: type: object properties: id: type: string - description: a unique identifier for the user. In password-based authentication, this is the email. + description: a unique identifier for the user. invite_user: type: boolean required: @@ -821,22 +814,6 @@ components: - featureUpdates - securityUpdates - UpdatePasswordByToken: - type: object - properties: - token: - description: token used for authentication - type: string - newPassword: - description: new password to update - type: string - email: - description: optional user email to match the token for verification - type: string - required: - - token - - newPassword - Credentials: type: object required: @@ -1587,48 +1564,6 @@ paths: default: $ref: "#/components/responses/ServerError" - /auth/password: - post: - tags: - - auth - operationId: updatePassword - summary: Update user password by reset_password token - security: - - cookie_auth: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/UpdatePasswordByToken" - responses: - 201: - description: successful reset - 401: - $ref: "#/components/responses/Unauthorized" - default: - $ref: "#/components/responses/ServerError" - - /auth/password/forgot: - post: - tags: - - auth - operationId: forgotPassword - summary: forgot password request initiates the password reset process - security: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/ForgotPasswordRequest" - responses: - 204: - description: No content - 400: - $ref: "#/components/responses/BadRequest" - default: - $ref: "#/components/responses/ServerError" /auth/capabilities: get: diff --git a/pkg/api/controller.go b/pkg/api/controller.go index 30eae107cc4..35b4df62d8d 100644 --- a/pkg/api/controller.go +++ b/pkg/api/controller.go @@ -62,8 +62,6 @@ const ( DefaultMaxDeleteObjects = 1000 - DefaultResetPasswordExpiration = 20 * time.Minute - // httpStatusClientClosedRequest used as internal status code when request context is cancelled httpStatusClientClosedRequest = 499 // httpStatusClientClosedRequestText text used for client closed request status code @@ -705,7 +703,6 @@ func (c *Controller) ListGroupMembers(w http.ResponseWriter, r *http.Request, gr response.Results = append(response.Results, apigen.User{ Id: u.Username, CreationDate: u.CreatedAt.Unix(), - Email: u.Email, }) } writeResponse(w, r, http.StatusOK, response) @@ -1065,18 +1062,11 @@ func (c *Controller) ListUsers(w http.ResponseWriter, r *http.Request, params ap response.Results = append(response.Results, apigen.User{ Id: u.Username, CreationDate: u.CreatedAt.Unix(), - Email: u.Email, }) } writeResponse(w, r, http.StatusOK, response) } -func (c *Controller) generateResetPasswordToken(email string, duration time.Duration) (string, error) { - secret := c.Auth.SecretStore().SharedSecret() - currentTime := time.Now() - return auth.GenerateJWTResetPassword(secret, email, currentTime, currentTime.Add(duration)) -} - func (c *Controller) CreateUser(w http.ResponseWriter, r *http.Request, body apigen.CreateUserJSONRequestBody) { invite := swag.BoolValue(body.InviteUser) username := body.Id @@ -4232,74 +4222,6 @@ func (c *Controller) GetCurrentUser(w http.ResponseWriter, r *http.Request) { writeResponse(w, r, http.StatusOK, response) } -func (c *Controller) resetPasswordRequest(ctx context.Context, emailAddr string) error { - user, err := c.Auth.GetUserByEmail(ctx, emailAddr) - if err != nil { - return err - } - emailAddr = swag.StringValue(user.Email) - token, err := c.generateResetPasswordToken(emailAddr, DefaultResetPasswordExpiration) - if err != nil { - c.Logger.WithError(err).WithField("email_address", emailAddr).Error("reset password - failed generating token") - return err - } - params := map[string]string{ - "token": token, - } - err = c.Emailer.SendResetPasswordEmail([]string{emailAddr}, params) - if err != nil { - c.Logger.WithError(err).WithField("email_address", emailAddr).Error("reset password - failed sending email") - return err - } - c.Logger.WithField("email", emailAddr).Info("reset password email sent") - return nil -} - -func (c *Controller) ForgotPassword(w http.ResponseWriter, r *http.Request, body apigen.ForgotPasswordJSONRequestBody) { - addr, err := mail.ParseAddress(body.Email) - if err != nil { - writeError(w, r, http.StatusBadRequest, "invalid email") - return - } - err = c.resetPasswordRequest(r.Context(), addr.Address) - if err != nil { - c.Logger.WithError(err).WithField("email", body.Email).Debug("failed sending reset password email") - } - writeResponse(w, r, http.StatusNoContent, nil) -} - -func (c *Controller) UpdatePassword(w http.ResponseWriter, r *http.Request, body apigen.UpdatePasswordJSONRequestBody) { - claims, err := VerifyResetPasswordToken(r.Context(), c.Auth, body.Token) - if err != nil { - c.Logger.WithError(err).WithField("token", body.Token).Debug("failed to verify token") - writeError(w, r, http.StatusUnauthorized, ErrAuthenticatingRequest) - return - } - - // verify provided email matched the token - requestEmail := swag.StringValue(body.Email) - if requestEmail != "" && requestEmail != claims.Subject { - c.Logger.WithError(err).WithFields(logging.Fields{ - "token": body.Token, - "request_email": requestEmail, - }).Debug("requested email doesn't match the email provided in verified token") - } - - user, err := c.Auth.GetUserByEmail(r.Context(), claims.Subject) - if err != nil { - c.Logger.WithError(err).WithField("email", claims.Subject).Warn("failed to retrieve user by email") - writeError(w, r, http.StatusNotFound, http.StatusText(http.StatusNotFound)) - return - } - err = c.Auth.HashAndUpdatePassword(r.Context(), user.Username, body.NewPassword) - if err != nil { - c.Logger.WithError(err).WithField("username", user.Username).Debug("failed to update password") - writeError(w, r, http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError)) - return - } - writeResponse(w, r, http.StatusCreated, nil) -} - func (c *Controller) GetLakeFSVersion(w http.ResponseWriter, r *http.Request) { ctx := r.Context() _, err := auth.GetUser(ctx) diff --git a/pkg/auth/service.go b/pkg/auth/service.go index 1dd6973441c..f9a91bbdd6b 100644 --- a/pkg/auth/service.go +++ b/pkg/auth/service.go @@ -28,7 +28,6 @@ import ( "github.com/treeverse/lakefs/pkg/kv" "github.com/treeverse/lakefs/pkg/logging" "github.com/treeverse/lakefs/pkg/permissions" - "golang.org/x/crypto/bcrypt" "google.golang.org/protobuf/proto" "google.golang.org/protobuf/reflect/protoreflect" "google.golang.org/protobuf/types/known/timestamppb" @@ -114,7 +113,6 @@ type Service interface { GetCredentialsForUser(ctx context.Context, username, accessKeyID string) (*model.Credential, error) GetCredentials(ctx context.Context, accessKeyID string) (*model.Credential, error) ListUserCredentials(ctx context.Context, username string, params *model.PaginationParams) ([]*model.Credential, *model.Paginator, error) - HashAndUpdatePassword(ctx context.Context, username string, password string) error // policy<->user attachments AttachPolicyToUser(ctx context.Context, policyDisplayName, username string) error @@ -988,31 +986,6 @@ func (s *AuthService) GetCredentials(ctx context.Context, accessKeyID string) (* }) } -func (s *AuthService) HashAndUpdatePassword(ctx context.Context, username string, password string) error { - user, err := s.GetUser(ctx, username) - if err != nil { - return err - } - pw, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost) - if err != nil { - return err - } - userKey := model.UserPath(user.Username) - userUpdatePassword := model.User{ - CreatedAt: user.CreatedAt, - Username: user.Username, - FriendlyName: user.FriendlyName, - Email: user.Email, - EncryptedPassword: pw, - Source: user.Source, - } - err = kv.SetMsgIf(ctx, s.store, model.PartitionKey, userKey, model.ProtoFromUser(&userUpdatePassword), user) - if err != nil { - return fmt.Errorf("update user password (userKey %s): %w", userKey, err) - } - return err -} - func interpolateUser(resource string, username string) string { return strings.ReplaceAll(resource, "${user}", username) } @@ -1351,20 +1324,6 @@ func (a *APIAuthService) ListUsers(ctx context.Context, params *model.Pagination return users, toPagination(pagination), nil } -func (a *APIAuthService) HashAndUpdatePassword(ctx context.Context, username string, password string) error { - encryptedPassword, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost) - if err != nil { - return err - } - resp, err := a.apiClient.UpdatePasswordWithResponse(ctx, username, UpdatePasswordJSONRequestBody{EncryptedPassword: encryptedPassword}) - if err != nil { - a.logger.WithField("username", username).WithError(err).Error("failed to update password") - return err - } - - return a.validateResponse(resp, http.StatusOK) -} - func (a *APIAuthService) CreateGroup(ctx context.Context, group *model.Group) error { resp, err := a.apiClient.CreateGroupWithResponse(ctx, CreateGroupJSONRequestBody{ Id: group.DisplayName, diff --git a/webui/src/lib/api/index.js b/webui/src/lib/api/index.js index efd10c7108d..c6b6e604317 100644 --- a/webui/src/lib/api/index.js +++ b/webui/src/lib/api/index.js @@ -138,36 +138,6 @@ class Auth { } } - async updatePasswordByToken(token, newPassword, email) { - const response = await fetch(`${API_ENDPOINT}/auth/password`, { - headers: new Headers(defaultAPIHeaders), - method: 'POST', - body: JSON.stringify({token: token, newPassword: newPassword, email: email}) - }); - - if (response.status === 401) { - throw new AuthorizationError('user unauthorized'); - } - if (response.status !== 201) { - throw new Error('failed to update password'); - } - } - - async passwordForgot(email) { - const response = await fetch(`${API_ENDPOINT}/auth/password/forgot`, { - headers: new Headers(defaultAPIHeaders), - method: 'POST', - body: JSON.stringify({email: email}) - }); - - if (response.status === 400) { - throw new BadRequestError("invalid email"); - } - if (response.status !== 204) { - throw new Error('failed to request password reset'); - } - } - async login(accessKeyId, secretAccessKey) { const response = await fetch(`${API_ENDPOINT}/auth/login`, { headers: new Headers(defaultAPIHeaders), diff --git a/webui/src/pages/auth/index.jsx b/webui/src/pages/auth/index.jsx index 41858e523e3..0ff37acb707 100644 --- a/webui/src/pages/auth/index.jsx +++ b/webui/src/pages/auth/index.jsx @@ -6,7 +6,6 @@ import GroupsIndexPage from "./groups"; import UsersIndexPage from "./users"; import PoliciesIndexPage from "./policies"; import LoginPage from "./login"; -import ResetPasswordPage from "./reset-password"; import ActivateInvitedUserPage from "./users/create-user-with-password"; const Auth = () => { @@ -14,7 +13,6 @@ const Auth = () => { } /> } /> - } /> } /> } /> } /> diff --git a/webui/src/pages/auth/login.tsx b/webui/src/pages/auth/login.tsx index a3f2aca2ba9..37fcc1e42c6 100644 --- a/webui/src/pages/auth/login.tsx +++ b/webui/src/pages/auth/login.tsx @@ -27,9 +27,8 @@ const LoginForm = ({loginConfig}: {loginConfig: LoginConfig}) => { return null; } - const showResetPwd = !error && response && response.forgot_password; - const usernamePlaceholder = showResetPwd ? "Email / Access Key ID" : "Access Key ID" - const passwordPlaceholder = showResetPwd ? "Password / Secret Access Key" : "Secret Access Key" + const usernamePlaceholder = "Access Key ID" + const passwordPlaceholder = "Secret Access Key" const { next } = router.query; return ( @@ -65,10 +64,6 @@ const LoginForm = ({loginConfig}: {loginConfig: LoginConfig}) => {
- { showResetPwd ? - - : "" - } { loginConfig.fallback_login_url ? - - - - - - ); - } -} - -const ResetEmailSent = () => { - return ( -
-
- -
-
- Password reset request started.
Please check your email and follow the instructions. -
-
- ) -} - -const ResetPasswordForm = ({token}) => { - const router = useRouter(); - - const onConfirmPasswordChange = () => { - setPwdConfirmValid(true) - if (newPwdField.current !== null) { - const isPasswordMatch = newPwdField.current.value === confirmPasswordField.current.value; - setPwdConfirmValid(isPasswordMatch); - setFormValid(isPasswordMatch) - } - }; - - const [formValid, setFormValid] = useState(false); - const [pwdConfirmValid, setPwdConfirmValid] = useState(null); - - const [resetPwdError, setResetPwdError] = useState(null); - const newPwdField = useRef(null); - const confirmPasswordField = useRef(null); - - return ( - - - - Reset Password - -
{ - e.preventDefault() - try { - setResetPwdError(null); - await auth.updatePasswordByToken(token, e.target.newPassword.value) - router.push('/auth/login'); - } catch (err) { - setResetPwdError(err); - } - }}> - - - - - - - {pwdConfirmValid === false && - - Your password and confirmation password do not match. - - } - - - {(!!resetPwdError) && } - - - -
- - - - ); -} - -const ResetPasswordPage = () => { - const queryString = window.location.search; - const params = new URLSearchParams(queryString); - const token = params.get(TOKEN_PARAM_NAME); - return ( - - {token - ? - : - } - - ); -}; - -export default ResetPasswordPage;