From 29314f31951e54ea5a5cb62d1db8e68a7774f84c Mon Sep 17 00:00:00 2001 From: Mateusz Mandera Date: Fri, 1 Nov 2019 05:12:11 +0100 Subject: [PATCH] api: Remove unused /get_auth_backends endpoint. This legacy endpoint was designed for the original native Zulip mobile apps, which were deprecated years ago in favor of the React Native app. It was replaced by /server_settings for active use years ago, so it's safe to remove it now. --- zerver/tests/test_auth_backends.py | 84 ++++-------------------------- zerver/tests/test_openapi.py | 1 - zerver/views/auth.py | 7 --- zproject/urls.py | 3 -- 4 files changed, 10 insertions(+), 85 deletions(-) diff --git a/zerver/tests/test_auth_backends.py b/zerver/tests/test_auth_backends.py index 75744b491e..434c17ddfa 100644 --- a/zerver/tests/test_auth_backends.py +++ b/zerver/tests/test_auth_backends.py @@ -6,7 +6,7 @@ from django.test import override_settings from django_auth_ldap.backend import LDAPSearch, _LDAPUser from django.test.client import RequestFactory from django.utils.timezone import now as timezone_now -from typing import Any, Callable, Dict, List, Optional, Set, Tuple +from typing import Any, Callable, Dict, List, Optional, Tuple from django.core import signing from django.urls import reverse @@ -24,7 +24,6 @@ from zerver.lib.actions import ( do_deactivate_user, do_reactivate_realm, do_reactivate_user, - do_set_realm_authentication_methods, ensure_stream, validate_email, ) @@ -62,7 +61,6 @@ from zproject.backends import ZulipDummyBackend, EmailAuthBackend, \ from zerver.views.auth import (maybe_send_to_registration, _subdomain_token_salt) -from version import ZULIP_VERSION from onelogin.saml2.auth import OneLogin_Saml2_Auth from onelogin.saml2.response import OneLogin_Saml2_Response 
@@ -1878,78 +1876,16 @@ class FetchAuthBackends(ZulipTestCase): ('realm_icon', check_string), ]) - def test_fetch_auth_backend_format(self) -> None: - expected_keys = {'msg', 'password', 'zulip_version', 'result'} - for backend_name_with_case in AUTH_BACKEND_NAME_MAP: - expected_keys.add(backend_name_with_case.lower()) + # Verify invalid subdomain + result = self.client_get("/api/v1/server_settings", + subdomain="invalid") + self.assert_json_error_contains(result, "Invalid subdomain", 400) - result = self.client_get("/api/v1/get_auth_backends") - self.assert_json_success(result) - data = result.json() - - self.assertEqual(set(data.keys()), expected_keys) - for backend in set(data.keys()) - {'msg', 'result', 'zulip_version'}: - self.assertTrue(isinstance(data[backend], bool)) - - def test_fetch_auth_backend(self) -> None: - def get_expected_result(expected_backends: Set[str], password_auth_enabled: bool=False) -> Dict[str, Any]: - result = { - 'msg': '', - 'result': 'success', - 'password': password_auth_enabled, - 'zulip_version': ZULIP_VERSION, - } - for backend_name_raw in AUTH_BACKEND_NAME_MAP: - backend_name = backend_name_raw.lower() - result[backend_name] = backend_name in expected_backends - return result - - backends = [GoogleAuthBackend(), DevAuthBackend()] - with mock.patch('django.contrib.auth.get_backends', return_value=backends): - result = self.client_get("/api/v1/get_auth_backends") - self.assert_json_success(result) - data = result.json() - # Check that a few keys are present, to guard against - # AUTH_BACKEND_NAME_MAP being broken - self.assertIn("email", data) - self.assertIn("github", data) - self.assertIn("google", data) - self.assertEqual(data, get_expected_result({"google", "dev"})) - - # Test subdomains cases - with self.settings(ROOT_DOMAIN_LANDING_PAGE=False): - result = self.client_get("/api/v1/get_auth_backends") - self.assert_json_success(result) - data = result.json() - self.assertEqual(data, get_expected_result({"google", "dev"})) - - 
# Verify invalid subdomain - result = self.client_get("/api/v1/get_auth_backends", - subdomain="invalid") - self.assert_json_error_contains(result, "Invalid subdomain", 400) - - # Verify correct behavior with a valid subdomain with - # some backends disabled for the realm - realm = get_realm("zulip") - do_set_realm_authentication_methods(realm, dict(Google=False, Email=False, Dev=True)) - result = self.client_get("/api/v1/get_auth_backends", - subdomain="zulip") - self.assert_json_success(result) - data = result.json() - self.assertEqual(data, get_expected_result({"dev"})) - - with self.settings(ROOT_DOMAIN_LANDING_PAGE=True): - # With ROOT_DOMAIN_LANDING_PAGE, homepage fails - result = self.client_get("/api/v1/get_auth_backends", - subdomain="") - self.assert_json_error_contains(result, "Subdomain required", 400) - - # With ROOT_DOMAIN_LANDING_PAGE, subdomain pages succeed - result = self.client_get("/api/v1/get_auth_backends", - subdomain="zulip") - self.assert_json_success(result) - data = result.json() - self.assertEqual(data, get_expected_result({"dev"})) + with self.settings(ROOT_DOMAIN_LANDING_PAGE=True): + # With ROOT_DOMAIN_LANDING_PAGE, homepage fails + result = self.client_get("/api/v1/server_settings", + subdomain="") + self.assert_json_error_contains(result, "Subdomain required", 400) class TestTwoFactor(ZulipTestCase): def test_direct_dev_login_with_2fa(self) -> None: diff --git a/zerver/tests/test_openapi.py b/zerver/tests/test_openapi.py index b59ec2adc2..a4cbba10b0 100644 --- a/zerver/tests/test_openapi.py +++ b/zerver/tests/test_openapi.py @@ -182,7 +182,6 @@ class OpenAPIArgumentsTest(ZulipTestCase): '/dev_list_users', '/fetch_api_key', '/fetch_google_client_id', - '/get_auth_backends', '/settings', '/submessage', '/attachments', diff --git a/zerver/views/auth.py b/zerver/views/auth.py index e903edab59..7a70d868ff 100644 --- a/zerver/views/auth.py +++ b/zerver/views/auth.py 
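Review bot: The lines added to the `/api/v1/server_settings` test port only the two error paths (invalid subdomain, and the root domain under `ROOT_DOMAIN_LANDING_PAGE=True`), while the deleted `test_fetch_auth_backend` also asserted that a realm with backends switched off reports them as disabled. `get_auth_backends_data` survives in zerver/views/auth.py (it is context in that file's hunk), so the per-realm filtering is presumably still what `/server_settings` serves to clients that have not logged in yet; unless a test outside this patch already covers it, that assertion is worth keeping. I would carry over `do_set_realm_authentication_methods(realm, dict(Google=False, Email=False, Dev=True))` followed by a `subdomain="zulip"` request and a check of the per-backend flags in the response, which also means keeping the `do_set_realm_authentication_methods` import this patch removes. The test method these lines are appended to starts above the hunk, so its existing assertions are not visible here.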
@@ -808,13 +808,6 @@ def get_auth_backends_data(request: HttpRequest) -> Dict[str, Any]: result[key] = auth_enabled_helper([auth_backend_name], realm) return result -@csrf_exempt -def api_get_auth_backends(request: HttpRequest) -> HttpResponse: - """Deprecated route; this is to be replaced by api_get_server_settings""" - auth_backends = get_auth_backends_data(request) - auth_backends['zulip_version'] = ZULIP_VERSION - return json_success(auth_backends) - def check_server_incompatibility(request: HttpRequest) -> bool: user_agent = parse_user_agent(request.META.get("HTTP_USER_AGENT", "Missing User-Agent")) return user_agent['name'] == "ZulipInvalid" diff --git a/zproject/urls.py b/zproject/urls.py index d5bb804d11..95883abe75 100644 --- a/zproject/urls.py +++ b/zproject/urls.py @@ -669,9 +669,6 @@ v1_api_mobile_patterns = [ # like the requested subdomains'd realm icon (if known) and # server-specific compatibility. url(r'^server_settings$', zerver.views.auth.api_get_server_settings), - # This is a deprecated old version of api/v1/server_settings that only returns auth backends. - url(r'^get_auth_backends$', zerver.views.auth.api_get_auth_backends, - name='zerver.views.auth.api_get_auth_backends'), # This json format view used by the mobile apps accepts a username # password/pair and returns an API key.