Remove more unused APIs (#3537)

* Remove more unused APIs

* prettier

* Fix Test

* Fix tests

* Remove SSO Integreation

* fix tests

* lint

Author: dvaldivia

.github/workflows/jobs.yaml

@@ -140,56 +140,6 @@ test-replication:
 	@(docker stop minio2 || true)
 	@(docker network rm mynet123 || true)
 
-test-sso-integration:
-	@echo "create the network in bridge mode to communicate all containers"
-	@(docker network create my-net)
-	@echo "run openldap container using MinIO Image: quay.io/minio/openldap:latest"
-	@(docker run \
-		-e LDAP_ORGANIZATION="MinIO Inc" \
-		-e LDAP_DOMAIN="min.io" \
-		-e LDAP_ADMIN_PASSWORD="admin" \
-		--network my-net \
-		-p 389:389 \
-		-p 636:636 \
-		--name openldap \
-		--detach quay.io/minio/openldap:latest)
-	@echo "Run Dex container using MinIO Image: quay.io/minio/dex:latest"
-	@(docker run \
-		-e DEX_ISSUER=http://dex:5556/dex \
-		-e DEX_CLIENT_REDIRECT_URI=http://127.0.0.1:9090/oauth_callback \
-		-e DEX_LDAP_SERVER=openldap:389 \
-		--network my-net \
-		-p 5556:5556 \
-		--name dex \
-		--detach quay.io/minio/dex:latest)
-	@echo "running minio server"
-	@(docker run \
-	-v /data1 -v /data2 -v /data3 -v /data4 \
-	--network my-net \
-	-d \
-	--name minio \
-	--rm \
-	-p 9000:9000 \
-	-p 9001:9001 \
-	-e MINIO_IDENTITY_OPENID_CLIENT_ID="minio-client-app" \
-	-e MINIO_IDENTITY_OPENID_CLIENT_SECRET="minio-client-app-secret" \
-	-e MINIO_IDENTITY_OPENID_CLAIM_NAME=name \
-	-e MINIO_IDENTITY_OPENID_CONFIG_URL=http://dex:5556/dex/.well-known/openid-configuration \
-	-e MINIO_IDENTITY_OPENID_REDIRECT_URI=http://127.0.0.1:9090/oauth_callback \
-	-e MINIO_ROOT_USER=minio \
-	-e MINIO_ROOT_PASSWORD=minio123 $(MINIO_VERSION) server /data{1...4} --address :9000 --console-address :9001)
-	@echo "run mc commands to set the policy"
-	@(docker run --name minio-client --network my-net -dit --entrypoint=/bin/sh minio/mc)
-	@(docker exec minio-client mc alias set myminio/ http://minio:9000 minio minio123)
-	@echo "adding policy to Dillon Harper to be able to login:"
-	@(cd sso-integration && docker cp allaccess.json minio-client:/ && docker exec minio-client mc admin policy create myminio "Dillon Harper" allaccess.json)
-	@echo "starting bash script"
-	@(env bash $(PWD)/sso-integration/set-sso.sh)
-	@echo "add python module"
-	@(pip3 install bs4)
-	@echo "Executing the test:"
-	@(cd sso-integration && go test -coverpkg=../api -c -tags testrunmain . && mkdir -p coverage && ./sso-integration.test -test.v -test.run "^Test*" -test.coverprofile=coverage/sso-system.out)
-
 test-permissions-1:
 	@(docker run -v /data1 -v /data2 -v /data3 -v /data4 -d --name minio --rm -p 9000:9000 quay.io/minio/minio:latest server /data{1...4})
 	@(env bash $(PWD)/web-app/tests/scripts/permissions.sh "web-app/tests/permissions-1/")

Makefile

@@ -31,8 +31,6 @@ import (
 
 	"github.com/minio/console/models"
 	"github.com/minio/console/pkg"
-	"github.com/minio/console/pkg/auth"
-	"github.com/minio/console/pkg/auth/ldap"
 	xjwt "github.com/minio/console/pkg/auth/token"
 	mc "github.com/minio/mc/cmd"
 	"github.com/minio/mc/pkg/probe"
@@ -333,44 +331,6 @@ func stsCredentials(minioURL, accessKey, secretKey, location string, client *htt
 func NewConsoleCredentials(accessKey, secretKey, location string, client *http.Client) (*credentials.Credentials, error) {
 	minioURL := getMinIOServer()
 
-	// LDAP authentication for Console
-	if ldap.GetLDAPEnabled() {
-		creds, err := auth.GetCredentialsFromLDAP(client, minioURL, accessKey, secretKey)
-		if err != nil {
-			return nil, err
-		}
-
-		credContext := &credentials.CredContext{
-			Client: client,
-		}
-
-		// We verify if LDAP credentials are correct and no error is returned
-		_, err = creds.GetWithContext(credContext)
-
-		if err != nil && strings.Contains(strings.ToLower(err.Error()), "not found") {
-			// We try to use STS Credentials in case LDAP credentials are incorrect.
-			stsCreds, errSTS := stsCredentials(minioURL, accessKey, secretKey, location, client)
-
-			// If there is an error with STS too, then we return the original LDAP error
-			if errSTS != nil {
-				LogError("error in STS credentials for LDAP case: %v ", errSTS)
-
-				// We return LDAP result
-				return creds, nil
-			}
-
-			_, err := stsCreds.GetWithContext(credContext)
-			// There is an error with STS credentials, We return the result of LDAP as STS is not a priority in this case.
-			if err != nil {
-				return creds, nil
-			}
-
-			return stsCreds, nil
-		}
-
-		return creds, nil
-	}
-
 	return stsCredentials(minioURL, accessKey, secretKey, location, client)
 }
 

api/client.go

@@ -227,11 +227,6 @@ func GetSecureSTSPreload() bool {
 	return strings.ToLower(env.Get(ConsoleSecureSTSPreload, "off")) == "on"
 }
 
-// If TLSTemporaryRedirect is true, the a 302 will be used while redirecting. Default is false (301).
-func GetSecureTLSTemporaryRedirect() bool {
-	return strings.ToLower(env.Get(ConsoleSecureTLSTemporaryRedirect, "off")) == "on"
-}
-
 // STS header is only included when the connection is HTTPS.
 func GetSecureForceSTSHeader() bool {
 	return strings.ToLower(env.Get(ConsoleSecureForceSTSHeader, "off")) == "on"
@@ -254,18 +249,6 @@ func getLogSearchAPIToken() string {
 	return env.Get(LogSearchQueryAuthToken, "")
 }
 
-func getLogSearchURL() string {
-	return env.Get(ConsoleLogQueryURL, "")
-}
-
-func getPrometheusURL() string {
-	return env.Get(PrometheusURL, "")
-}
-
-func getPrometheusJobID() string {
-	return env.Get(PrometheusJobID, "minio-job")
-}
-
 func getMaxConcurrentUploadsLimit() int64 {
 	cu, err := strconv.ParseInt(env.Get(ConsoleMaxConcurrentUploads, "10"), 10, 64)
 	if err != nil {

api/config.go

@@ -227,72 +227,6 @@ func Test_getLogSearchAPIToken(t *testing.T) {
 	}
 }
 
-func Test_getPrometheusURL(t *testing.T) {
-	type args struct {
-		env string
-	}
-	tests := []struct {
-		name string
-		args args
-		want string
-	}{
-		{
-			name: "env set",
-			args: args{
-				env: "value",
-			},
-			want: "value",
-		},
-		{
-			name: "env not set",
-			args: args{
-				env: "",
-			},
-			want: "",
-		},
-	}
-	for _, tt := range tests {
-		t.Run(tt.name, func(_ *testing.T) {
-			os.Setenv(PrometheusURL, tt.args.env)
-			assert.Equalf(t, tt.want, getPrometheusURL(), "getPrometheusURL()")
-			os.Setenv(PrometheusURL, tt.args.env)
-		})
-	}
-}
-
-func Test_getPrometheusJobID(t *testing.T) {
-	type args struct {
-		env string
-	}
-	tests := []struct {
-		name string
-		args args
-		want string
-	}{
-		{
-			name: "env set",
-			args: args{
-				env: "value",
-			},
-			want: "value",
-		},
-		{
-			name: "env not set",
-			args: args{
-				env: "",
-			},
-			want: "minio-job",
-		},
-	}
-	for _, tt := range tests {
-		t.Run(tt.name, func(_ *testing.T) {
-			os.Setenv(PrometheusJobID, tt.args.env)
-			assert.Equalf(t, tt.want, getPrometheusJobID(), "getPrometheusJobID()")
-			os.Setenv(PrometheusJobID, tt.args.env)
-		})
-	}
-}
-
 func Test_getMaxConcurrentUploadsLimit(t *testing.T) {
 	type args struct {
 		env string

api/config_test.go

@@ -20,7 +20,6 @@ package api
 const (
 	// Constants for common configuration
 	ConsoleMinIOServer = "CONSOLE_MINIO_SERVER"
-	ConsoleSubnetProxy = "CONSOLE_SUBNET_PROXY"
 	ConsoleMinIORegion = "CONSOLE_MINIO_REGION"
 	ConsoleHostname    = "CONSOLE_HOSTNAME"
 	ConsolePort        = "CONSOLE_PORT"
@@ -40,16 +39,9 @@ const (
 	ConsoleSecureSTSPreload                      = "CONSOLE_SECURE_STS_PRELOAD"
 	ConsoleSecureTLSRedirect                     = "CONSOLE_SECURE_TLS_REDIRECT"
 	ConsoleSecureTLSHost                         = "CONSOLE_SECURE_TLS_HOST"
-	ConsoleSecureTLSTemporaryRedirect            = "CONSOLE_SECURE_TLS_TEMPORARY_REDIRECT"
 	ConsoleSecureForceSTSHeader                  = "CONSOLE_SECURE_FORCE_STS_HEADER"
-	ConsoleSecurePublicKey                       = "CONSOLE_SECURE_PUBLIC_KEY"
 	ConsoleSecureReferrerPolicy                  = "CONSOLE_SECURE_REFERRER_POLICY"
 	ConsoleSecureFeaturePolicy                   = "CONSOLE_SECURE_FEATURE_POLICY"
-	ConsoleSecureExpectCTHeader                  = "CONSOLE_SECURE_EXPECT_CT_HEADER"
-	PrometheusURL                                = "CONSOLE_PROMETHEUS_URL"
-	PrometheusAuthToken                          = "CONSOLE_PROMETHEUS_AUTH_TOKEN"
-	PrometheusJobID                              = "CONSOLE_PROMETHEUS_JOB_ID"
-	PrometheusExtraLabels                        = "CONSOLE_PROMETHEUS_EXTRA_LABELS"
 	ConsoleLogQueryURL                           = "CONSOLE_LOG_QUERY_URL"
 	ConsoleLogQueryAuthToken                     = "CONSOLE_LOG_QUERY_AUTH_TOKEN"
 	ConsoleMaxConcurrentUploads                  = "CONSOLE_MAX_CONCURRENT_UPLOADS"