okta: removing /me check (#413)

Trusting session cache and removing check with api
Brightspace · Oct 30, 2023 · 76ef79b · 76ef79b
1 parent fd271e0
commit 76ef79b
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 20 deletions.
diff --git a/src/D2L.Bmx/Okta/OktaApi.cs b/src/D2L.Bmx/Okta/OktaApi.cs
@@ -18,7 +18,6 @@ Task<AuthenticateResponse> VerifyMfaChallengeResponseAsync(
 	Task<OktaSession> CreateSessionAsync( string sessionToken );
 	Task<OktaApp[]> GetAwsAccountAppsAsync();
 	Task<string> GetPageAsync( string samlLoginUrl );
-	Task<string?> GetCurrentUserIdAsync( string sessionId );
 }
 
 internal class OktaApi : IOktaApi {
@@ -175,19 +174,4 @@ async Task<OktaApp[]> IOktaApi.GetAwsAccountAppsAsync() {
 	async Task<string> IOktaApi.GetPageAsync( string samlLoginUrl ) {
 		return await _httpClient.GetStringAsync( samlLoginUrl );
 	}
-
-	async Task<string?> IOktaApi.GetCurrentUserIdAsync( string sessionId ) {
-		try {
-			using var meResponse = await _httpClient.GetAsync( "users/me" );
-			if( !meResponse.IsSuccessStatusCode ) {
-				return null;
-			}
-			var me = await meResponse.Content.ReadFromJsonAsync( SourceGenerationContext.Default.OktaMeResponse );
-			return me?.Id;
-		} catch( HttpRequestException ) {
-			return null;
-		} catch( JsonException ) {
-			return null;
-		}
-	}
 }
diff --git a/src/D2L.Bmx/OktaAuthenticator.cs b/src/D2L.Bmx/OktaAuthenticator.cs
@@ -43,7 +43,7 @@ bool ignoreCache
 
 		oktaApi.SetOrganization( org );
 
-		if( !ignoreCache && await TryAuthenticateFromCacheAsync( org, user, oktaApi ) ) {
+		if( !ignoreCache && TryAuthenticateFromCache( org, user, oktaApi ) ) {
 			return new AuthenticatedOktaApi( Org: org, User: user, Api: oktaApi );
 		}
 		if( nonInteractive ) {
@@ -89,7 +89,7 @@ bool ignoreCache
 		throw new BmxException( "Okta authentication failed" );
 	}
 
-	private async Task<bool> TryAuthenticateFromCacheAsync(
+	private bool TryAuthenticateFromCache(
 		string org,
 		string user,
 		IOktaApi oktaApi
@@ -100,8 +100,7 @@ IOktaApi oktaApi
 		}
 
 		oktaApi.AddSession( sessionId );
-		string? userId = await oktaApi.GetCurrentUserIdAsync( sessionId );
-		return !string.IsNullOrEmpty( userId );
+		return true;
 	}
 
 	private void CacheOktaSession( string userId, string org, string sessionId, DateTimeOffset expiresAt ) {