diff --git a/libs/common/src/auth/services/token.service.spec.ts b/libs/common/src/auth/services/token.service.spec.ts index 6fcc73a0c30..f4f24f99e9d 100644 --- a/libs/common/src/auth/services/token.service.spec.ts +++ b/libs/common/src/auth/services/token.service.spec.ts @@ -2855,12 +2855,7 @@ describe("TokenService", () => { const vaultTimeoutAction: VaultTimeoutAction = VaultTimeoutAction.Lock; const vaultTimeout: VaultTimeout = null; // Act - const result = tokenService.determineStorageLocation( - vaultTimeoutAction, - vaultTimeout, - false, - true, - ); + const result = tokenService.determineStorageLocation(vaultTimeoutAction, vaultTimeout, false); // Assert await expect(result).rejects.toThrow( "TokenService - determineStorageLocation: We expect the vault timeout to always exist at this point.", @@ -2872,12 +2867,7 @@ describe("TokenService", () => { const vaultTimeoutAction: VaultTimeoutAction = null; const vaultTimeout: VaultTimeout = 0; // Act - const result = tokenService.determineStorageLocation( - vaultTimeoutAction, - vaultTimeout, - false, - true, - ); + const result = tokenService.determineStorageLocation(vaultTimeoutAction, vaultTimeout, false); // Assert await expect(result).rejects.toThrow( "TokenService - determineStorageLocation: We expect the vault timeout action to always exist at this point.", @@ -2911,7 +2901,6 @@ describe("TokenService", () => { vaultTimeoutAction, vaultTimeout, useSecureStorage, - true, ); // Assert expect(result).toEqual(TokenStorageLocation.Memory); @@ -2929,7 +2918,6 @@ describe("TokenService", () => { vaultTimeoutAction, vaultTimeout, useSecureStorage, - true, ); // Assert expect(result).toEqual(TokenStorageLocation.Disk); @@ -2946,7 +2934,6 @@ describe("TokenService", () => { vaultTimeoutAction, vaultTimeout, useSecureStorage, - true, ); // Assert expect(result).toEqual(TokenStorageLocation.Disk); @@ -2981,7 +2968,6 @@ describe("TokenService", () => { vaultTimeoutAction, vaultTimeout, useSecureStorage, - true, ); // Assert expect(result).toEqual(TokenStorageLocation.Memory); @@ -2998,7 +2984,6 @@ describe("TokenService", () => { vaultTimeoutAction, vaultTimeout, useSecureStorage, - true, ); // Assert expect(result).toEqual(TokenStorageLocation.SecureStorage); @@ -3014,44 +2999,11 @@ describe("TokenService", () => { vaultTimeoutAction, vaultTimeout, useSecureStorage, - true, ); // Assert expect(result).toEqual(TokenStorageLocation.SecureStorage); }); }); - - describe("Secure storage usage is not-preferred", () => { - beforeEach(() => { - tokenService = createTokenService({ - type: "not-preferred", - service: secureStorageService, - reason: "test", - }); - }); - - it("does use secure storage when used only for reading and clearing", async () => { - const [result, service] = await tokenService.determineStorageLocation( - VaultTimeoutAction.Lock, - VaultTimeoutStringType.OnRestart, - true, - true, - ); - expect(result).toEqual(TokenStorageLocation.SecureStorage); - expect(service).not.toBeNull(); - }); - - it("does use secure storage when used only for reading and clearing", async () => { - const [result, service] = await tokenService.determineStorageLocation( - VaultTimeoutAction.Lock, - VaultTimeoutStringType.OnRestart, - true, - false, - ); - expect(result).toEqual(TokenStorageLocation.Disk); - expect(service).toBeNull(); - }); - }); }); // Helpers diff --git a/libs/common/src/auth/services/token.service.ts b/libs/common/src/auth/services/token.service.ts index 7802af7424f..26f2368a57b 100644 --- a/libs/common/src/auth/services/token.service.ts +++ b/libs/common/src/auth/services/token.service.ts @@ -338,7 +338,6 @@ export class TokenService implements TokenServiceAbstraction { vaultTimeoutAction, vaultTimeout, true, - accessToken == null, // if the access token we are about to set is null then we are using this for clearing ); switch (storageLocation) { @@ -563,7 +562,6 @@ export class TokenService implements TokenServiceAbstraction { vaultTimeoutAction, vaultTimeout, true, - refreshToken == null, // if the refresh token we are about to set is null then we are using this for clearing ); switch (storageLocation) { @@ -743,7 +741,6 @@ export class TokenService implements TokenServiceAbstraction { vaultTimeoutAction, vaultTimeout, false, // don't use secure storage for client id - false, // value doesn't matter since useSecureStorage is false ); if (storageLocation === TokenStorageLocation.Disk) { @@ -820,7 +817,6 @@ export class TokenService implements TokenServiceAbstraction { vaultTimeoutAction, vaultTimeout, false, // don't use secure storage for client secret - false, // Value doesn't matter since useSecureStorage is false ); if (storageLocation === TokenStorageLocation.Disk) { @@ -1114,7 +1110,6 @@ export class TokenService implements TokenServiceAbstraction { vaultTimeoutAction: VaultTimeoutAction, vaultTimeout: VaultTimeout, useSecureStorage: boolean, - forReadingOrClearing: boolean, ): Promise< | [TokenStorageLocation.SecureStorage, AbstractStorageService] | [TokenStorageLocation.Disk | TokenStorageLocation.Memory, null] @@ -1141,15 +1136,6 @@ export class TokenService implements TokenServiceAbstraction { // Check support status const secureStorageSupport = await firstValueFrom(this.secureStorageService.support$); - // If we only need secure storage for reading or clearing, then we are allowed to - // make use of secure storage even when it isn't preferred - if (forReadingOrClearing) { - return secureStorageSupport.type === "supported" || - secureStorageSupport.type === "not-preferred" - ? [TokenStorageLocation.SecureStorage, secureStorageSupport.service] - : [TokenStorageLocation.Disk, null]; - } - // They are attempting to write real data to secure storage, ensure // it is full supported return secureStorageSupport.type === "supported"