feat(backend): start of handling grant token rotation more gracefully

[mkurapov]

Changes proposed in this pull request

• Adding getOrCreate and delete methods to backend grant service:
  • getOrCreate method:
    • soft deletes a grant if token rotation fails
    • uses the open payments client to request grant and store it instead of having it be the responsibility of the caller
  • delete method
    • allows callers to soft delete a grant if necessary
  • these methods are still unused at this point, I will be updating callers to use them in a later PR, so we can break up the changes
• Adding deletedAt field to the grants table to allow soft deletion, as well as dropping the unique constraint on authServerId accessType and accessActions such that we can properly soft delete problematic grants

Context

• This is the first part of Try to re-request a grant if token rotation fails during remote incoming payment creation #2852:
  • We are making the grant service more resilient to edge cases (like being unable to rotate tokens if they are missing from the receivers Rafiki DB)

Checklist

• Related issues linked using fixes #number
• Tests added/updated
• Documentation added
• Make sure that all checks pass
• Bruno collection updated

[netlify]

✅ Deploy Preview for brilliant-pasca-3e80ec canceled.

Name	Link
🔨 Latest commit	4bff426
🔍 Latest deploy log	https://app.netlify.com/sites/brilliant-pasca-3e80ec/deploys/66c88f7043f9a3000747598b

[mkurapov]

Dropping the unique constraint on authServerId accessType and accessActions such that we can properly soft delete grants (see migration below)

[BlairCurrey]

seems similar to this case? #2863 (comment)

So could we use a partial unique index (where deletedAt is not null)?

[mkurapov]

I don't think this unique constraint is very useful to begin with, particularly because order matters in accessActions array, meaning [Create, Read] is different from [Read, Create], even though they are the same in terms of how we deal with them in code

[mkurapov]

weren't included before, adding here so we get proper types

[BlairCurrey]

easy to miss this

[mkurapov]

still unused

[mkurapov]

e.g. if we have [AccessActions.Create, AccessActions.Complete, AccessActions.Read] and we are trying to getOrCreate a grant with [AccessActions.Create] we will properly return it, but if one of the elements in the requested list doesnt exist, we will not be able to fetch it

[BlairCurrey]

It looks like this differs slightly from the getGrant which finds one that has strictly equal accessActions. Its not quite clear what the ramifications of this will be. Can you speak to this difference? ie that its intentional, working as intended, etc.

[mkurapov]

before, if we already had a grant for [Read, Create] and then we were trying to getOrCreate a grant with [Read], it would fail to get the existing one, even though the existing grant has the sufficient access requirements

[BlairCurrey]

I suppose we're getting rid of the getGrant here then (in subsequent PR)? looks like its unused but if we keep it for some reason I guess we should update to filter out by deletedAt (and maybe this same accessActions where clause). But I imagine we can just remove it.

[mkurapov]

Yes exactly, will be removing the unused methods

[njlie]

nit: why not combine this migration with drop_unique_grants?

[mkurapov]

Yup, makes sense for this one, let me do that

[njlie]

Would be necessary to create another test (or modify this one) to ensure that it can retrieve existing grants that have (Read/List)-All rights when (Read/List) is requested?

[mkurapov]

good point, maybe during create if ReadAll/ListAll is requested, we can also manually add the corresponding Read/List as well

[njlie]

LGTM