chore(oidc): remove legacy storage methods (#10061)

# Which Problems Are Solved Stabilize the optimized introspection code and cleanup unused code. # How the Problems Are Solved - `oidc_legacy_introspection` feature flag is removed and reserved. - `OPStorage` which are no longer needed have their bodies removed. - The method definitions need to remain in place so the interface remains implemented. - A panic is thrown in case any such method is still called # Additional Changes - A number of `OPStorage` methods related to token creation were already unused. These are also cleaned up. # Additional Context - Closes #10027 - #7822 --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2025-08-11 21:17:32 +00:00 · 2025-06-26 11:08:37 +03:00
parent 27f88a6390
commit 1ebbe275b9
71 changed files with 143 additions and 1884 deletions
--- a/internal/api/oidc/integration_test/token_exchange_test.go
+++ b/internal/api/oidc/integration_test/token_exchange_test.go
@@ -52,13 +52,6 @@ func setTokenExchangeFeature(t *testing.T, instance *integration.Instance, value
 	time.Sleep(time.Second)
 }

-func resetFeatures(t *testing.T, instance *integration.Instance) {
-	iamCTX := instance.WithAuthorization(CTX, integration.UserTypeIAMOwner)
-	_, err := instance.Client.FeatureV2.ResetInstanceFeatures(iamCTX, &feature.ResetInstanceFeaturesRequest{})
-	require.NoError(t, err)
-	time.Sleep(time.Second)
-}
-
 func setImpersonationPolicy(t *testing.T, instance *integration.Instance, value bool) {
 	iamCTX := instance.WithAuthorization(CTX, integration.UserTypeIAMOwner)

--- a/internal/api/oidc/integration_test/userinfo_test.go
+++ b/internal/api/oidc/integration_test/userinfo_test.go
@@ -34,22 +34,11 @@ func TestServer_UserInfo(t *testing.T) {
 	})
 	tests := []struct {
 		name    string
-		legacy  bool
 		trigger bool
 		webKey  bool
 	}{
 		{
-			name:   "legacy enabled",
-			legacy: true,
-		},
-		{
-			name:    "legacy disabled, trigger disabled",
-			legacy:  false,
-			trigger: false,
-		},
-		{
-			name:    "legacy disabled, trigger enabled",
-			legacy:  false,
+			name:    "trigger enabled",
 			trigger: true,
 		},

@@ -59,7 +48,6 @@ func TestServer_UserInfo(t *testing.T) {
 		// - By calling userinfo with the access token as JWT, the Token Verifier with the public key cache is tested.
 		{
 			name:    "web keys",
-			legacy:  false,
 			trigger: false,
 			webKey:  true,
 		},
@@ -68,7 +56,6 @@ func TestServer_UserInfo(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			_, err := Instance.Client.FeatureV2.SetInstanceFeatures(iamOwnerCTX, &feature.SetInstanceFeaturesRequest{
-				OidcLegacyIntrospection:             &tt.legacy,
 				OidcTriggerIntrospectionProjections: &tt.trigger,
 				WebKey:                              &tt.webKey,
 			})