refactor: removed unused Support Token functionality

.env.example

@@ -34,11 +34,6 @@ FF_IO_SIGN_ENABLED=1
 FF_IO_WALLET_ENABLED=1
 FF_IO_WALLET_TRIAL_ENABLED=1
 
-JWT_SUPPORT_TOKEN_PRIVATE_RSA_KEY="-----BEGIN RSA PRIVATE KEY-----\n
-<APrivateRSAKEY>\n
------END RSA PRIVATE KEY-----"
-JWT_SUPPORT_TOKEN_ISSUER=io-backend
-
 # ------------------------------------
 # FnAppMessages Env Variables
 # ------------------------------------

src/app.ts

@@ -95,7 +95,6 @@ import {
 import ServicesAppBackendController from "./controllers/serviceAppBackendController";
 import SessionLockController from "./controllers/sessionLockController";
 import { getUserForMyPortal } from "./controllers/ssoController";
-import SupportController from "./controllers/supportController";
 import UserDataProcessingController from "./controllers/userDataProcessingController";
 import { ISessionStorage } from "./services/ISessionStorage";
 import AuthenticationLockService from "./services/authenticationLockService";
@@ -460,7 +459,6 @@ export async function newApp({
           PAGOPA_PROXY_SERVICE,
           USER_METADATA_STORAGE,
           USER_DATA_PROCESSING_SERVICE,
-          TOKEN_SERVICE,
           authMiddlewares.bearerSession,
           LOLLIPOP_API_CLIENT
         );
@@ -723,7 +721,6 @@ function registerAPIRoutes(
   pagoPaProxyService: PagoPAProxyService,
   userMetadataStorage: RedisUserMetadataStorage,
   userDataProcessingService: UserDataProcessingService,
-  tokenService: TokenService,
   // eslint-disable-next-line @typescript-eslint/no-explicit-any
   bearerSessionTokenAuth: any,
   lollipopClient: ReturnType<typeof LollipopApiClient>
@@ -762,10 +759,6 @@ function registerAPIRoutes(
   const userDataProcessingController: UserDataProcessingController =
     new UserDataProcessingController(userDataProcessingService);
 
-  const supportController: SupportController = new SupportController(
-    tokenService
-  );
-
   app.get(
     `${basePath}/profile`,
     bearerSessionTokenAuth,
@@ -962,12 +955,6 @@ function registerAPIRoutes(
       pagoPAProxyController
     )
   );
-
-  app.get(
-    `${basePath}/token/support`,
-    bearerSessionTokenAuth,
-    toExpressHandler(supportController.getSupportToken, supportController)
-  );
 }
 
 // eslint-disable-next-line max-params

src/config.ts

@@ -401,44 +401,6 @@ export const FF_IO_SIGN_ENABLED = process.env.FF_IO_SIGN_ENABLED === "1";
 export const FF_EUCOVIDCERT_ENABLED =
   process.env.FF_EUCOVIDCERT_ENABLED === "1";
 
-// Support Token
-export const JWT_SUPPORT_TOKEN_PRIVATE_RSA_KEY = pipe(
-  process.env.JWT_SUPPORT_TOKEN_PRIVATE_RSA_KEY,
-  NonEmptyString.decode,
-  E.getOrElseW((errs) => {
-    log.error(
-      `Missing or invalid JWT_SUPPORT_TOKEN_PRIVATE_RSA_KEY environment variable: ${readableReport(
-        errs
-      )}`
-    );
-    return process.exit(1);
-  })
-);
-export const JWT_SUPPORT_TOKEN_ISSUER = pipe(
-  process.env.JWT_SUPPORT_TOKEN_ISSUER,
-  NonEmptyString.decode,
-  E.getOrElseW((errs) => {
-    log.error(
-      `Missing or invalid JWT_SUPPORT_TOKEN_ISSUER environment variable: ${readableReport(
-        errs
-      )}`
-    );
-    return process.exit(1);
-  })
-);
-
-const DEFAULT_JWT_SUPPORT_TOKEN_EXPIRATION = 604800 as Second;
-export const JWT_SUPPORT_TOKEN_EXPIRATION: Second = pipe(
-  process.env.JWT_SUPPORT_TOKEN_EXPIRATION,
-  IntegerFromString.decode,
-  E.getOrElseW(() => DEFAULT_JWT_SUPPORT_TOKEN_EXPIRATION)
-) as Second;
-
-log.info(
-  "JWT support token expiration set to %s seconds",
-  JWT_SUPPORT_TOKEN_EXPIRATION
-);
-
 export const TEST_CGN_FISCAL_CODES = pipe(
   process.env.TEST_CGN_FISCAL_CODES || "",
   CommaSeparatedListOf(FiscalCode).decode,

src/services/__tests__/tokenService.test.ts

@@ -13,15 +13,6 @@ const aLastname = "Rossi" as NonEmptyString;
 const aFiscalCode = "AAAAAAAAAAAAAAA" as FiscalCode;
 const anEmailAddress = "[email protected]" as EmailString;
 const aSharedSecret = "ASHAREDSECRET123" as NonEmptyString;
-const aPrivateRsaKey = `-----BEGIN RSA PRIVATE KEY-----
-MIIBOgIBAAJBAPX91rBDbLk5Pr0/lf4y1a8oz75sYa+slTqpfVHUrYb22qy4rY6Z
-B0rXvTeLPgCAXUfGFJu4qSJcbu7yhBrPx30CAwEAAQJBALRCvEVUU2L0IRabdvXd
-GJuP45ReZcNPS9e+BhimKjcgVFmyrpmiItNBHKFyTM8uL8dHXen1ReUgZOHcPKpV
-MF0CIQD8KxN+ZhrxPIMPEJJJOO/Pn4y3iZRowulkaFDFUMUzzwIhAPm6vD95LAJW
-DyC2relGDbA6h/YrBg38fcr1KQgxe0bzAiAcUL30oIR/+BqDU4oJnNIYz0KezV0T
-0mcgtjHzphkuswIgXbRK1IpUECBYls7VHNXTZw/fWmg0YmUeklxBZDik6C8CIBXl
-niQ7qszA7Uel9+wv2DwzWj+8OUcRzJAGOVD8cy2S
------END RSA PRIVATE KEY-----` as NonEmptyString;
 const tokenTtl = 60 as Second;
 const aTokenIssuer = "ISSUER" as NonEmptyString;
 
@@ -52,32 +43,6 @@ describe("TokenService#getNewTokenAsync", () => {
   });
 });
 
-describe("TokenService#getSupportToken", () => {
-  it("should generate a new support token", async () => {
-    // generate new token
-    const tokenService = new TokenService();
-    const errorOrNewJwtToken = await tokenService.getJwtSupportToken(
-      aPrivateRsaKey,
-      aFiscalCode,
-      tokenTtl,
-      aTokenIssuer
-    )();
-    expect(E.isRight(errorOrNewJwtToken)).toBeTruthy();
-  });
-
-  it("should return an error if an error occurs during token generation", async () => {
-    // generate new token
-    const tokenService = new TokenService();
-    const errorOrNewJwtToken = await tokenService.getJwtSupportToken(
-      "aPrivateRsaKey" as NonEmptyString,
-      aFiscalCode,
-      tokenTtl,
-      aTokenIssuer
-    )();
-    expect(E.isLeft(errorOrNewJwtToken)).toBeTruthy();
-  });
-});
-
 describe("TokenService#getZendeskSupportToken", () => {
   it("should generate a new zendesk support token", async () => {
     // generate new token

src/services/tokenService.ts

@@ -37,38 +37,6 @@ export default class TokenService {
     return asyncRandomBytes(length).then((_) => _.toString("hex"));
   }
 
-  /**
-   * Generates a new support token containing the logged user's fiscalCode.
-   *
-   * @param privateKey: The RSA's private key used to sign this JWT token
-   * @param fiscalCode: The logged user's FiscalCode
-   * @param tokenTtl: Token Time To live (expressed in seconds)
-   * @param issuer: The Token issuer
-   */
-  public getJwtSupportToken(
-    privateKey: NonEmptyString,
-    fiscalCode: FiscalCode,
-    tokenTtl: Second,
-    issuer: NonEmptyString
-  ): TaskEither<Error, string> {
-    return pipe(
-      TE.taskify<Error, string>((cb) =>
-        jwt.sign(
-          { fiscalCode },
-          privateKey,
-          {
-            algorithm: "RS256",
-            expiresIn: `${tokenTtl} seconds`,
-            issuer,
-            jwtid: ulid(),
-          },
-          cb
-        )
-      )(),
-      TE.mapLeft(E.toError)
-    );
-  }
-
   /**
    * Generates a new zendesk support token containing the logged user's fiscalCode and email address.
    *