From e4cf37c6256aeec0c84db3cb606497796467164b Mon Sep 17 00:00:00 2001
From: Ethan Paul <e@enp.one>
Date: Sun, 23 Feb 2020 15:41:25 -0500
Subject: [PATCH] Remove unnecessary infrastructure from token model

---
 keyosk/database/token.py | 71 ----------------------------------------
 1 file changed, 71 deletions(-)

diff --git a/keyosk/database/token.py b/keyosk/database/token.py
index 2c3c7e0..adb96b2 100644
--- a/keyosk/database/token.py
+++ b/keyosk/database/token.py
@@ -1,16 +1,12 @@
 """Access token model definition"""
 import datetime
 import json
-import secrets
-from collections import OrderedDict
-from typing import Sequence
 
 import peewee
 
 from keyosk import datatypes
 from keyosk.database._shared import KeyoskBaseModel
 from keyosk.database.account import Account
-from keyosk.database.account_acl import AccountACLEntry
 from keyosk.database.domain import Domain
 
 
@@ -56,70 +52,3 @@ class Token(KeyoskBaseModel):
     def claims(self, value: datatypes.TokenClaims):
         """Set the claims dictionary"""
         self._claims = json.dumps(value)
-
-    def make_public_claims(self):
-        """Generate the public JWT claims from current state data"""
-        return {
-            "jti": self.uuid,
-            "sub": self.account.username,
-            "aud": self.domain.audience,
-            "iss": self.issuer,
-            "exp": int(self.expires.timestamp()),  # pylint: disable=no-member
-            "iat": int(self.issued.timestamp()),  # pylint: disable=no-member
-        }
-
-    @classmethod
-    def factory(
-        cls,
-        account: Account,
-        domain: Domain,
-        issuer: str,
-        lifespan: datetime.timedelta,
-        permissions: Sequence[AccountACLEntry],
-        generate_refresh: bool,
-    ):
-        """Create a new token using provided data
-
-        This function is intentionally not documented, as I expect it will not survive
-        first contact with a practical implementation
-        """
-        new = cls(
-            account=account,
-            domain=domain,
-            issuer=issuer,
-            expires=(datetime.datetime.utcnow() + lifespan),
-            revoked=False,
-            refresh=secrets.token_urlsafe(42) if generate_refresh else None,
-        )
-
-        acls = {}
-        for permission in permissions:
-            # Note: Because we're relying on dictionary order here, we need to use
-            # ordered dict to support python3.6. Dictionaries remembering insertion
-            # order was officially implemented in 3.6, but not guaranteed until 3.7. So,
-            # technically, it would be fine to use a plain'ol'dictionary here, but to
-            # conform to best practices we use ordered dict for python3.6 support
-            # https://stackoverflow.com/questions/39980323/are-dictionaries-ordered-in-python-3-6
-            acls[permission.access_list.name] = OrderedDict(
-                {
-                    item.name: False
-                    for item in sorted(
-                        domain.permissions, key=lambda item: item.bitindex
-                    )
-                }
-            )
-
-        for permission in permissions:
-            acls[permission.access_list.name][permission.permission.name] = True
-
-        bitmasks = {
-            key: int("".join([str(int(item)) for item in value.values()]), 2)
-            for key, value in acls.items()
-        }
-
-        claims = new.make_public_claims()
-        claims.update({"ksk-pem": bitmasks})
-
-        new.claims = claims
-
-        return new