You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The oauth2 hex package is only used today by an older OIDC login implementation under lib/lightning/auth_providers/. The credential OAuth flow has been on Tesla (via OauthHTTPClient) for a while. This ticket retires the package once the audit in #4702 confirms no one's using the per-instance OIDC login in production.
What to remove
The oauth2 dependency in mix.exs.
Lightning.AuthProviders.Handler, Common, Google, Salesforce, OAuthBehaviour. The last three already have zero callers in lib/ or test/.
The cache pieces (Store, CacheWarmer) that warm a single row from the auth_providers table.
The auth_providers DB table.
The login portion of LightningWeb.OidcController (the show/2 action and the first clause of new/2), the auth_handler_url/0 button on /users/log_in, and the admin LiveView at /settings/authentication.
What to keep
The other two clauses of OidcController.new/2 handle the popup callback for the credential OAuth flow at /authenticate/callback. They're alive and OauthHTTPClient depends on them. Move them to a clearer module before deleting OidcController.
The
oauth2hex package is only used today by an older OIDC login implementation underlib/lightning/auth_providers/. The credential OAuth flow has been on Tesla (viaOauthHTTPClient) for a while. This ticket retires the package once the audit in #4702 confirms no one's using the per-instance OIDC login in production.What to remove
oauth2dependency inmix.exs.Lightning.AuthProviders.Handler,Common,Google,Salesforce,OAuthBehaviour. The last three already have zero callers inlib/ortest/.Store,CacheWarmer) that warm a single row from theauth_providerstable.auth_providersDB table.LightningWeb.OidcController(theshow/2action and the first clause ofnew/2), theauth_handler_url/0button on/users/log_in, and the admin LiveView at/settings/authentication.What to keep
The other two clauses of
OidcController.new/2handle the popup callback for the credential OAuth flow at/authenticate/callback. They're alive andOauthHTTPClientdepends on them. Move them to a clearer module before deletingOidcController.Order
RouteHelpers.oidc_callback_url/0.oauth2dep.