no more bond

config/alpha.json

@@ -2,7 +2,6 @@
   "agoraUrlRoot": "https://agora.dsde-alpha.broadinstitute.org",
   "bardRoot": "https://terra-bard-alpha.appspot.com",
   "billingProfileManagerUrlRoot": "https://bpm.dsde-alpha.broadinstitute.org",
-  "bondUrlRoot": "https://bond.dsde-alpha.broadinstitute.org",
   "calhounUrlRoot": "https://calhoun.dsde-alpha.broadinstitute.org",
   "catalogUrlRoot": "https://catalog.dsde-alpha.broadinstitute.org",
   "dataRepoUrlRoot": "https://data.alpha.envs-terra.bio",

config/dev.json

@@ -2,7 +2,6 @@
   "agoraUrlRoot": "https://agora.dsde-dev.broadinstitute.org",
   "bardRoot": "https://terra-bard-dev.appspot.com",
   "billingProfileManagerUrlRoot": "https://bpm.dsde-dev.broadinstitute.org",
-  "bondUrlRoot": "https://bond.dsde-dev.broadinstitute.org",
   "calhounUrlRoot": "https://calhoun.dsde-dev.broadinstitute.org",
   "catalogUrlRoot": "https://catalog.dsde-dev.broadinstitute.org",
   "dataRepoUrlRoot": "https://jade.datarepo-dev.broadinstitute.org",

config/prod.json

@@ -2,7 +2,6 @@
   "agoraUrlRoot": "https://agora.dsde-prod.broadinstitute.org",
   "bardRoot": "https://terra-bard-prod.appspot.com",
   "billingProfileManagerUrlRoot": "https://bpm.dsde-prod.broadinstitute.org",
-  "bondUrlRoot": "https://bond.dsde-prod.broadinstitute.org",
   "calhounUrlRoot": "https://calhoun.dsde-prod.broadinstitute.org",
   "catalogUrlRoot": "https://catalog.dsde-prod.broadinstitute.org",
   "dataRepoUrlRoot": "https://data.terra.bio",

config/staging.json

@@ -2,7 +2,6 @@
   "agoraUrlRoot": "https://agora.dsde-staging.broadinstitute.org",
   "bardRoot": "https://terra-bard-staging.appspot.com",
   "billingProfileManagerUrlRoot": "https://bpm.dsde-staging.broadinstitute.org",
-  "bondUrlRoot": "https://bond.dsde-staging.broadinstitute.org",
   "calhounUrlRoot": "https://calhoun.dsde-staging.broadinstitute.org",
   "catalogUrlRoot": "https://catalog.dsde-staging.broadinstitute.org",
   "dataRepoUrlRoot": "https://data.staging.envs-terra.bio",

src/auth/AuthContainer.test.tsx

@@ -206,7 +206,6 @@ describe('AuthContainer', () => {
             } as Partial<GroupsContract>,
             User: {
               getNihStatus: jest.fn(),
-              getFenceStatus: jest.fn(),
             } as Partial<UserContract>,
             TermsOfService: {
               getUserTermsOfServiceDetails: jest.fn(),

src/auth/auth.ts

@@ -22,7 +22,6 @@ import Events, { captureAppcuesEvent, MetricsEventName } from 'src/libs/events';
 import * as Nav from 'src/libs/nav';
 import { clearNotification, notify, sessionTimeoutProps } from 'src/libs/notifications';
 import { getLocalPref, getLocalPrefForUserId, setLocalPref } from 'src/libs/prefs';
-import allProviders from 'src/libs/providers';
 import {
   asyncImportJobStore,
   AuthState,
@@ -42,6 +41,7 @@ import {
   workspaceStore,
 } from 'src/libs/state';
 import * as Utils from 'src/libs/utils';
+import { allOAuth2Providers } from 'src/profile/external-identities/OAuth2Providers';
 import { v4 as uuid } from 'uuid';
 
 export const getAuthToken = (): string | undefined => {
@@ -655,18 +655,16 @@ authStore.subscribe(
 );
 
 authStore.subscribe(
-  withErrorReporting('Error loading Framework Services account status')(
-    async (state: AuthState, oldState: AuthState) => {
-      if (userCanNowUseTerra(oldState, state)) {
-        await Promise.all(
-          _.map(async ({ key }) => {
-            const status = await Ajax().User.getFenceStatus(key);
-            authStore.update(_.set(['fenceStatus', key], status));
-          }, allProviders)
-        );
-      }
+  withErrorReporting('Error loading OAuth2 account status')(async (state: AuthState, oldState: AuthState) => {
+    if (userCanNowUseTerra(oldState, state)) {
+      await Promise.all(
+        _.map(async (provider) => {
+          const status = await Ajax().ExternalCredentials(provider).getAccountLinkStatus();
+          authStore.update(_.set(['oAuth2AccountStatus', provider.key], status));
+        }, allOAuth2Providers)
+      );
     }
-  )
+  })
 );
 
 authStore.subscribe((state: AuthState, oldState: AuthState) => {

src/libs/ajax/ExternalCredentials.ts

@@ -17,7 +17,12 @@ export const ExternalCredentials = (signal?: AbortSignal) => (oAuth2Provider: OA
     getAccountLinkStatus: async (): Promise<EcmLinkAccountResponse | undefined> => {
       try {
         const res = await fetchEcm(oauthRoot, _.merge(authOpts(), { signal }));
-        return res.json();
+        const json = await res.json();
+        return {
+          externalUserId: json.externalUserId,
+          expirationTimestamp: new Date(json.expirationTimestamp),
+          authenticated: json.authenticated,
+        };
       } catch (error: unknown) {
         if (error instanceof Response && error.status === 404) {
           return undefined;

src/libs/ajax/User.ts

@@ -1,6 +1,5 @@
 import _ from 'lodash/fp';
-import * as qs from 'qs';
-import { authOpts, fetchBond, fetchOrchestration, fetchRex, fetchSam, jsonBody } from 'src/libs/ajax/ajax-common';
+import { authOpts, fetchOrchestration, fetchRex, fetchSam, jsonBody } from 'src/libs/ajax/ajax-common';
 import { getTerraUser, TerraUserProfile } from 'src/libs/state';
 import * as Utils from 'src/libs/utils';
 
@@ -140,15 +139,6 @@ export interface OrchestrationNihStatusResponse {
   linkExpireTime: number;
 }
 
-export interface BondFenceUrlResponse {
-  url: string;
-}
-
-export interface BondFenceStatusResponse {
-  issued_at: Date;
-  username: string;
-}
-
 export interface SamInviteUserResponse {
   userSubjectId: string;
   userEmail: string;
@@ -309,53 +299,6 @@ export const User = (signal?: AbortSignal) => {
       await fetchOrchestration('api/nih/account', _.mergeAll([authOpts(), { signal, method: 'DELETE' }]));
     },
 
-    getFenceStatus: async (providerKey: string): Promise<BondFenceStatusResponse | {}> => {
-      try {
-        const res = await fetchBond(`api/link/v1/${providerKey}`, _.merge(authOpts(), { signal }));
-        return res.json();
-      } catch (error: unknown) {
-        if (error instanceof Response && error.status === 404) {
-          return {};
-        }
-        throw error;
-      }
-    },
-
-    getFenceAuthUrl: async (providerKey: string, redirectUri: string): Promise<BondFenceUrlResponse> => {
-      const queryParams = {
-        scopes: ['openid', 'google_credentials', 'data', 'user'],
-        redirect_uri: redirectUri,
-        state: btoa(JSON.stringify({ provider: providerKey })),
-      };
-      const res = await fetchBond(
-        `api/link/v1/${providerKey}/authorization-url?${qs.stringify(queryParams, { indices: false })}`,
-        _.merge(authOpts(), { signal })
-      );
-      return res.json();
-    },
-
-    linkFenceAccount: async (
-      providerKey: string,
-      authCode: string | undefined,
-      redirectUri: string,
-      state: string
-    ): Promise<BondFenceStatusResponse> => {
-      const queryParams = {
-        oauthcode: authCode,
-        redirect_uri: redirectUri,
-        state,
-      };
-      const res = await fetchBond(
-        `api/link/v1/${providerKey}/oauthcode?${qs.stringify(queryParams)}`,
-        _.merge(authOpts(), { signal, method: 'POST' })
-      );
-      return res.json();
-    },
-
-    unlinkFenceAccount: async (providerKey: string): Promise<void> => {
-      await fetchBond(`api/link/v1/${providerKey}`, _.merge(authOpts(), { signal, method: 'DELETE' }));
-    },
-
     isUserRegistered: async (email: string): Promise<boolean> => {
       try {
         await fetchSam(`api/users/v1/${encodeURIComponent(email)}`, _.merge(authOpts(), { signal, method: 'GET' }));

src/libs/ajax/ajax-common.ts

@@ -264,11 +264,6 @@ export const fetchRex = _.flow(
   withRetryAfterReloadingExpiredAuthToken
 )(fetchOk);
 
-export const fetchBond = _.flow(
-  withUrlPrefix(`${getConfig().bondUrlRoot}/`),
-  withRetryAfterReloadingExpiredAuthToken
-)(fetchOk);
-
 export const fetchDrsHub = _.flow(
   withUrlPrefix(`${getConfig().drsHubUrlRoot}/`),
   withRetryAfterReloadingExpiredAuthToken