From ce5a4b9bb3afc397b0d838112669aaf60dbfc149 Mon Sep 17 00:00:00 2001
From: Chris Price <cprice404@users.noreply.github.com>
Date: Tue, 14 May 2024 06:48:11 -0700
Subject: [PATCH] feat: remove signing key APIs (#1279)

These signing key APIs were only ever enabled for some private beta customers;
we have deleted them from most other SDKs, not sure how they survived in here
for so long but this commit removes them. It also allows us to clean up some
weird entanglement between the CacheClient and AbstractCacheClient.
---
 .../client-sdk-nodejs/src/cache-client.ts     |  68 +----------
 packages/client-sdk-nodejs/src/index.ts       |   6 -
 .../src/internal/cache-control-client.ts      | 108 +-----------------
 .../test/integration/signing-keys.test.ts     |  49 --------
 packages/client-sdk-web/src/index.ts          |   6 -
 packages/core/src/index.ts                    |   6 -
 .../clients/cache/AbstractCacheClient.ts      |   2 +-
 .../messages/responses/create-signing-key.ts  |  80 -------------
 .../messages/responses/list-signing-keys.ts   |  79 -------------
 .../messages/responses/revoke-signing-key.ts  |  48 --------
 10 files changed, 3 insertions(+), 449 deletions(-)
 delete mode 100644 packages/client-sdk-nodejs/test/integration/signing-keys.test.ts
 delete mode 100644 packages/core/src/messages/responses/create-signing-key.ts
 delete mode 100644 packages/core/src/messages/responses/list-signing-keys.ts
 delete mode 100644 packages/core/src/messages/responses/revoke-signing-key.ts

diff --git a/packages/client-sdk-nodejs/src/cache-client.ts b/packages/client-sdk-nodejs/src/cache-client.ts
index 88765af80..647347a61 100644
--- a/packages/client-sdk-nodejs/src/cache-client.ts
+++ b/packages/client-sdk-nodejs/src/cache-client.ts
@@ -1,14 +1,6 @@
 import {CacheControlClient} from './internal/cache-control-client';
 import {CacheDataClient} from './internal/cache-data-client';
-import {
-  CreateSigningKey,
-  ListSigningKeys,
-  RevokeSigningKey,
-  CacheFlush,
-  MomentoLogger,
-  Configuration,
-  Configurations,
-} from '.';
+import {CacheFlush, MomentoLogger, Configuration, Configurations} from '.';
 import {CacheClientProps, EagerCacheClientProps} from './cache-client-props';
 import {
   range,
@@ -156,64 +148,6 @@ export class CacheClient extends AbstractCacheClient implements ICacheClient {
   public async flushCache(cacheName: string): Promise<CacheFlush.Response> {
     return await this.notYetAbstractedControlClient.flushCache(cacheName);
   }
-
-  /**
-   * Creates a Momento signing key.
-   *
-   * @param {number} ttlMinutes - The time to live in minutes until the Momento
-   * signing key expires.
-   * @returns {Promise<CreateSigningKey.Response>} -
-   * {@link CreateSigningKey.Success} containing the key, key ID, endpoint, and
-   * expiration date on success.
-   * {@link CreateSigningKey.Error} on failure.
-   */
-  public async createSigningKey(
-    ttlMinutes: number
-  ): Promise<CreateSigningKey.Response> {
-    const client = this.getNextDataClient();
-    return await this.notYetAbstractedControlClient.createSigningKey(
-      ttlMinutes,
-      client.getEndpoint()
-    );
-  }
-
-  /**
-   * Revokes a Momento signing key.
-   *
-   * @remarks
-   * All tokens signed by this key will be invalid.
-   *
-   * @param {string} keyId - The ID of the key to revoke.
-   * @returns {Promise<RevokeSigningKey.Response>} -
-   * {@link RevokeSigningKey.Success} on success.
-   * {@link RevokeSigningKey.Error} on failure.
-   */
-  public async revokeSigningKey(
-    keyId: string
-  ): Promise<RevokeSigningKey.Response> {
-    return await this.notYetAbstractedControlClient.revokeSigningKey(keyId);
-  }
-
-  /**
-   * Lists all Momento signing keys for the provided auth token.
-   *
-   * @returns {Promise<ListSigningKeys.Response>} -
-   * {@link ListSigningKeys.Success} containing the keys on success.
-   * {@link ListSigningKeys.Error} on failure.
-   */
-  public async listSigningKeys(): Promise<ListSigningKeys.Response> {
-    const client = this.getNextDataClient();
-    return await this.notYetAbstractedControlClient.listSigningKeys(
-      client.getEndpoint()
-    );
-  }
-
-  protected getNextDataClient(): CacheDataClient {
-    const client = this.dataClients[this.nextDataClientIndex];
-    this.nextDataClientIndex =
-      (this.nextDataClientIndex + 1) % this.dataClients.length;
-    return client as CacheDataClient;
-  }
 }
 
 function getDefaultCacheClientConfiguration(): Configuration {
diff --git a/packages/client-sdk-nodejs/src/index.ts b/packages/client-sdk-nodejs/src/index.ts
index 62323aca4..8e5cc9446 100644
--- a/packages/client-sdk-nodejs/src/index.ts
+++ b/packages/client-sdk-nodejs/src/index.ts
@@ -26,9 +26,6 @@ import * as CacheFlush from '@gomomento/sdk-core/dist/src/messages/responses/cac
 import * as CreateCache from '@gomomento/sdk-core/dist/src/messages/responses/create-cache';
 import * as DeleteCache from '@gomomento/sdk-core/dist/src/messages/responses/delete-cache';
 import * as ListCaches from '@gomomento/sdk-core/dist/src/messages/responses/list-caches';
-import * as CreateSigningKey from '@gomomento/sdk-core/dist/src/messages/responses/create-signing-key';
-import * as ListSigningKeys from '@gomomento/sdk-core/dist/src/messages/responses/list-signing-keys';
-import * as RevokeSigningKey from '@gomomento/sdk-core/dist/src/messages/responses/revoke-signing-key';
 import * as CacheSetFetch from '@gomomento/sdk-core/dist/src/messages/responses/cache-set-fetch';
 import * as CacheDictionaryFetch from '@gomomento/sdk-core/dist/src/messages/responses/cache-dictionary-fetch';
 import * as CacheDictionarySetField from '@gomomento/sdk-core/dist/src/messages/responses/cache-dictionary-set-field';
@@ -292,9 +289,6 @@ export {
   DeleteCache,
   ListCaches,
   CacheIncrement,
-  CreateSigningKey,
-  ListSigningKeys,
-  RevokeSigningKey,
   CacheSetFetch,
   CacheDictionaryFetch,
   CacheDictionarySetField,
diff --git a/packages/client-sdk-nodejs/src/internal/cache-control-client.ts b/packages/client-sdk-nodejs/src/internal/cache-control-client.ts
index 1213ce8d5..362e67060 100644
--- a/packages/client-sdk-nodejs/src/internal/cache-control-client.ts
+++ b/packages/client-sdk-nodejs/src/internal/cache-control-client.ts
@@ -9,9 +9,6 @@ import {
   CreateCache,
   DeleteCache,
   ListCaches,
-  CreateSigningKey,
-  ListSigningKeys,
-  RevokeSigningKey,
   CacheFlush,
   CredentialProvider,
   MomentoLogger,
@@ -21,11 +18,7 @@ import {version} from '../../package.json';
 import {IdleGrpcClientWrapper} from './grpc/idle-grpc-client-wrapper';
 import {GrpcClientWrapper} from './grpc/grpc-client-wrapper';
 import {Configuration} from '../config/configuration';
-import {
-  validateCacheName,
-  validateTtlMinutes,
-} from '@gomomento/sdk-core/dist/src/internal/utils';
-import {_SigningKey} from '@gomomento/sdk-core/dist/src/messages/responses/grpc-response-types';
+import {validateCacheName} from '@gomomento/sdk-core/dist/src/internal/utils';
 import {
   CacheLimits,
   TopicLimits,
@@ -232,103 +225,4 @@ export class CacheControlClient {
         });
     });
   }
-
-  public async createSigningKey(
-    ttlMinutes: number,
-    endpoint: string
-  ): Promise<CreateSigningKey.Response> {
-    try {
-      validateTtlMinutes(ttlMinutes);
-    } catch (err) {
-      return this.cacheServiceErrorMapper.returnOrThrowError(
-        err as Error,
-        err => new CreateSigningKey.Error(err)
-      );
-    }
-    this.logger.debug("Issuing 'createSigningKey' request");
-    const request = new grpcControl._CreateSigningKeyRequest();
-    request.ttl_minutes = ttlMinutes;
-    return await new Promise<CreateSigningKey.Response>((resolve, reject) => {
-      this.clientWrapper
-        .getClient()
-        .CreateSigningKey(
-          request,
-          {interceptors: this.interceptors},
-          (err, resp) => {
-            if (err) {
-              this.cacheServiceErrorMapper.resolveOrRejectError({
-                err: err,
-                errorResponseFactoryFn: e => new CreateSigningKey.Error(e),
-                resolveFn: resolve,
-                rejectFn: reject,
-              });
-            } else {
-              const signingKey = new _SigningKey(resp?.key, resp?.expires_at);
-              resolve(new CreateSigningKey.Success(endpoint, signingKey));
-            }
-          }
-        );
-    });
-  }
-
-  public async revokeSigningKey(
-    keyId: string
-  ): Promise<RevokeSigningKey.Response> {
-    const request = new grpcControl._RevokeSigningKeyRequest();
-    request.key_id = keyId;
-    this.logger.debug("Issuing 'revokeSigningKey' request");
-    return await new Promise<RevokeSigningKey.Response>((resolve, reject) => {
-      this.clientWrapper
-        .getClient()
-        .RevokeSigningKey(request, {interceptors: this.interceptors}, err => {
-          if (err) {
-            this.cacheServiceErrorMapper.resolveOrRejectError({
-              err: err,
-              errorResponseFactoryFn: e => new RevokeSigningKey.Error(e),
-              resolveFn: resolve,
-              rejectFn: reject,
-            });
-          } else {
-            resolve(new RevokeSigningKey.Success());
-          }
-        });
-    });
-  }
-
-  public async listSigningKeys(
-    endpoint: string
-  ): Promise<ListSigningKeys.Response> {
-    const request = new grpcControl._ListSigningKeysRequest();
-    request.next_token = '';
-    this.logger.debug("Issuing 'listSigningKeys' request");
-    return await new Promise<ListSigningKeys.Response>((resolve, reject) => {
-      this.clientWrapper
-        .getClient()
-        .ListSigningKeys(
-          request,
-          {interceptors: this.interceptors},
-          (err, resp) => {
-            if (err || !resp) {
-              this.cacheServiceErrorMapper.resolveOrRejectError({
-                err: err,
-                errorResponseFactoryFn: e => new ListSigningKeys.Error(e),
-                resolveFn: resolve,
-                rejectFn: reject,
-              });
-            } else {
-              const signingKeys = resp.signing_key.map(
-                sk => new _SigningKey(sk.key_id, sk.expires_at)
-              );
-              resolve(
-                new ListSigningKeys.Success(
-                  endpoint,
-                  signingKeys,
-                  resp.next_token
-                )
-              );
-            }
-          }
-        );
-    });
-  }
 }
diff --git a/packages/client-sdk-nodejs/test/integration/signing-keys.test.ts b/packages/client-sdk-nodejs/test/integration/signing-keys.test.ts
deleted file mode 100644
index b9205ef8a..000000000
--- a/packages/client-sdk-nodejs/test/integration/signing-keys.test.ts
+++ /dev/null
@@ -1,49 +0,0 @@
-import {
-  CreateSigningKey,
-  ListSigningKeys,
-  RevokeSigningKey,
-} from '@gomomento/sdk-core';
-import {SetupIntegrationTest} from './integration-setup';
-
-const {cacheClient} = SetupIntegrationTest();
-
-describe('Signing keys', () => {
-  it('should create, list, and revoke a signing key', async () => {
-    const createSigningKeyResponse = await cacheClient.createSigningKey(30);
-    expect(createSigningKeyResponse).toBeInstanceOf(CreateSigningKey.Success);
-    let listSigningKeysResponse = await cacheClient.listSigningKeys();
-    expect(listSigningKeysResponse).toBeInstanceOf(ListSigningKeys.Success);
-    let signingKeys = (
-      listSigningKeysResponse as ListSigningKeys.Success
-    ).getSigningKeys();
-    expect(signingKeys.length).toBeGreaterThan(0);
-    expect(
-      signingKeys
-        .map(k => k.getKeyId())
-        // eslint-disable-next-line @typescript-eslint/no-unsafe-call
-        .some(
-          k =>
-            k ===
-            (createSigningKeyResponse as CreateSigningKey.Success).getKeyId()
-        )
-    ).toEqual(true);
-    const revokeResponse = await cacheClient.revokeSigningKey(
-      (createSigningKeyResponse as CreateSigningKey.Success).getKeyId()
-    );
-    expect(revokeResponse).toBeInstanceOf(RevokeSigningKey.Success);
-    listSigningKeysResponse = await cacheClient.listSigningKeys();
-    expect(listSigningKeysResponse).toBeInstanceOf(ListSigningKeys.Success);
-    signingKeys = (
-      listSigningKeysResponse as ListSigningKeys.Success
-    ).getSigningKeys();
-    expect(
-      signingKeys
-        .map(k => k.getKeyId())
-        .some(
-          k =>
-            k ===
-            (createSigningKeyResponse as CreateSigningKey.Success).getKeyId()
-        )
-    ).toEqual(false);
-  });
-});
diff --git a/packages/client-sdk-web/src/index.ts b/packages/client-sdk-web/src/index.ts
index c1e73aa7d..9dc401a83 100644
--- a/packages/client-sdk-web/src/index.ts
+++ b/packages/client-sdk-web/src/index.ts
@@ -24,9 +24,6 @@ import * as CacheFlush from '@gomomento/sdk-core/dist/src/messages/responses/cac
 import * as CreateCache from '@gomomento/sdk-core/dist/src/messages/responses/create-cache';
 import * as DeleteCache from '@gomomento/sdk-core/dist/src/messages/responses/delete-cache';
 import * as ListCaches from '@gomomento/sdk-core/dist/src/messages/responses/list-caches';
-import * as CreateSigningKey from '@gomomento/sdk-core/dist/src/messages/responses/create-signing-key';
-import * as ListSigningKeys from '@gomomento/sdk-core/dist/src/messages/responses/list-signing-keys';
-import * as RevokeSigningKey from '@gomomento/sdk-core/dist/src/messages/responses/revoke-signing-key';
 import * as CacheSetFetch from '@gomomento/sdk-core/dist/src/messages/responses/cache-set-fetch';
 import * as CacheDictionaryFetch from '@gomomento/sdk-core/dist/src/messages/responses/cache-dictionary-fetch';
 import * as CacheDictionarySetField from '@gomomento/sdk-core/dist/src/messages/responses/cache-dictionary-set-field';
@@ -234,9 +231,6 @@ export {
   DeleteCache,
   ListCaches,
   CacheIncrement,
-  CreateSigningKey,
-  ListSigningKeys,
-  RevokeSigningKey,
   CacheSetFetch,
   CacheDictionaryFetch,
   CacheDictionarySetField,
diff --git a/packages/core/src/index.ts b/packages/core/src/index.ts
index 0c66b6909..f96b3b872 100644
--- a/packages/core/src/index.ts
+++ b/packages/core/src/index.ts
@@ -16,9 +16,6 @@ import * as CacheFlush from './messages/responses/cache-flush';
 import * as CreateCache from './messages/responses/create-cache';
 import * as DeleteCache from './messages/responses/delete-cache';
 import * as ListCaches from './messages/responses/list-caches';
-import * as CreateSigningKey from './messages/responses/create-signing-key';
-import * as ListSigningKeys from './messages/responses/list-signing-keys';
-import * as RevokeSigningKey from './messages/responses/revoke-signing-key';
 import * as CacheSetFetch from './messages/responses/cache-set-fetch';
 import * as CacheDictionaryFetch from './messages/responses/cache-dictionary-fetch';
 import * as CacheDictionarySetField from './messages/responses/cache-dictionary-set-field';
@@ -235,9 +232,6 @@ export {
   DeleteCache,
   ListCaches,
   CacheIncrement,
-  CreateSigningKey,
-  ListSigningKeys,
-  RevokeSigningKey,
   CacheSetFetch,
   CacheDictionaryFetch,
   CacheDictionarySetField,
diff --git a/packages/core/src/internal/clients/cache/AbstractCacheClient.ts b/packages/core/src/internal/clients/cache/AbstractCacheClient.ts
index 4578c872f..99b1a10e5 100644
--- a/packages/core/src/internal/clients/cache/AbstractCacheClient.ts
+++ b/packages/core/src/internal/clients/cache/AbstractCacheClient.ts
@@ -110,7 +110,7 @@ export abstract class AbstractCacheClient implements ICacheClient {
   // TODO: Make pingClient required if and when the nodejs side starts adding
   //  one as well
   protected readonly pingClient?: IPingClient;
-  protected nextDataClientIndex: number;
+  private nextDataClientIndex: number;
 
   protected constructor(
     controlClient: IControlClient,
diff --git a/packages/core/src/messages/responses/create-signing-key.ts b/packages/core/src/messages/responses/create-signing-key.ts
deleted file mode 100644
index eb9bad06a..000000000
--- a/packages/core/src/messages/responses/create-signing-key.ts
+++ /dev/null
@@ -1,80 +0,0 @@
-import {SdkError} from '../../errors';
-import {_SigningKey} from './grpc-response-types';
-import {ResponseBase, ResponseError, ResponseSuccess} from './response-base';
-
-/**
- * Parent response type for a create signing key request.  The
- * response object is resolved to a type-safe object of one of
- * the following subtypes:
- *
- * - {Success}
- * - {Error}
- *
- * `instanceof` type guards can be used to operate on the appropriate subtype.
- * @example
- * For example:
- * ```
- * if (response instanceof CreateSigningKey.Error) {
- *   // Handle error as appropriate.  The compiler will smart-cast `response` to type
- *   // `CreateSigningKey.Error` in this block, so you will have access to the properties
- *   // of the Error class; e.g. `response.errorCode()`.
- * }
- * ```
- */
-export abstract class Response extends ResponseBase {}
-
-class _Success extends Response {
-  private readonly keyId: string;
-  private readonly endpoint: string;
-  private readonly key: string;
-  private readonly expiresAt: Date;
-
-  constructor(endpoint: string, result?: _SigningKey) {
-    super();
-    const key = result?.key ?? '';
-    // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access
-    this.keyId = JSON.parse(key)['kid'];
-    this.endpoint = endpoint;
-    this.key = key;
-    this.expiresAt = new Date(result?.expiresAt ?? 0);
-  }
-
-  public getKeyId(): string {
-    return this.keyId;
-  }
-
-  public getEndpoint(): string {
-    return this.endpoint;
-  }
-
-  public getKey(): string {
-    return this.key;
-  }
-
-  public getExpiresAt(): Date {
-    return this.expiresAt;
-  }
-}
-
-/**
- * Indicates a Successful create signing key request.
- */
-export class Success extends ResponseSuccess(_Success) {}
-
-class _Error extends Response {
-  constructor(protected _innerException: SdkError) {
-    super();
-  }
-}
-
-/**
- * Indicates that an error occurred during the create signing key request.
- *
- * This response object includes the following fields that you can use to determine
- * how you would like to handle the error:
- *
- * - `errorCode()` - a unique Momento error code indicating the type of error that occurred.
- * - `message()` - a human-readable description of the error
- * - `innerException()` - the original error that caused the failure; can be re-thrown.
- */
-export class Error extends ResponseError(_Error) {}
diff --git a/packages/core/src/messages/responses/list-signing-keys.ts b/packages/core/src/messages/responses/list-signing-keys.ts
deleted file mode 100644
index 78050b2c8..000000000
--- a/packages/core/src/messages/responses/list-signing-keys.ts
+++ /dev/null
@@ -1,79 +0,0 @@
-import {SigningKey} from '../signing-key';
-import {SdkError} from '../../errors';
-import {ResponseBase, ResponseError, ResponseSuccess} from './response-base';
-import {_SigningKey} from './grpc-response-types';
-
-/**
- * Parent response type for a list signing keys request.  The
- * response object is resolved to a type-safe object of one of
- * the following subtypes:
- *
- * - {Success}
- * - {Error}
- *
- * `instanceof` type guards can be used to operate on the appropriate subtype.
- * @example
- * For example:
- * ```
- * if (response instanceof ListSigningKeys.Error) {
- *   // Handle error as appropriate.  The compiler will smart-cast `response` to type
- *   // `ListSigningKeys.Error` in this block, so you will have access to the properties
- *   // of the Error class; e.g. `response.errorCode()`.
- * }
- * ```
- */
-export abstract class Response extends ResponseBase {}
-
-class _Success extends Response {
-  private readonly nextToken?: string;
-  private readonly signingKeys: SigningKey[];
-
-  constructor(
-    endpoint: string,
-    signingKeys: _SigningKey[],
-    nextToken?: string
-  ) {
-    super();
-    this.nextToken = nextToken;
-    this.signingKeys =
-      signingKeys.map(
-        signingKey =>
-          new SigningKey(
-            signingKey.key,
-            new Date(signingKey.expiresAt * 1000),
-            endpoint
-          )
-      ) ?? [];
-  }
-
-  public getNextToken() {
-    return this.nextToken;
-  }
-
-  public getSigningKeys() {
-    return this.signingKeys;
-  }
-}
-
-/**
- * Indicates a Successful list signing keys request.
- */
-export class Success extends ResponseSuccess(_Success) {}
-
-class _Error extends Response {
-  constructor(protected _innerException: SdkError) {
-    super();
-  }
-}
-
-/**
- * Indicates that an error occurred during the list signing keys request.
- *
- * This response object includes the following fields that you can use to determine
- * how you would like to handle the error:
- *
- * - `errorCode()` - a unique Momento error code indicating the type of error that occurred.
- * - `message()` - a human-readable description of the error
- * - `innerException()` - the original error that caused the failure; can be re-thrown.
- */
-export class Error extends ResponseError(_Error) {}
diff --git a/packages/core/src/messages/responses/revoke-signing-key.ts b/packages/core/src/messages/responses/revoke-signing-key.ts
deleted file mode 100644
index 13ea859b6..000000000
--- a/packages/core/src/messages/responses/revoke-signing-key.ts
+++ /dev/null
@@ -1,48 +0,0 @@
-import {SdkError} from '../../errors';
-import {ResponseBase, ResponseError, ResponseSuccess} from './response-base';
-
-/**
- * Parent response type for a revoke signing keys request.  The
- * response object is resolved to a type-safe object of one of
- * the following subtypes:
- *
- * - {Success}
- * - {Error}
- *
- * `instanceof` type guards can be used to operate on the appropriate subtype.
- * @example
- * For example:
- * ```
- * if (response instanceof RevokeSigningKeys.Error) {
- *   // Handle error as appropriate.  The compiler will smart-cast `response` to type
- *   // `RevokeSigningKeys.Error` in this block, so you will have access to the properties
- *   // of the Error class; e.g. `response.errorCode()`.
- * }
- * ```
- */
-export abstract class Response extends ResponseBase {}
-
-class _Success extends Response {}
-
-/**
- * Indicates a Successful revoke signing keys request.
- */
-export class Success extends ResponseSuccess(_Success) {}
-
-class _Error extends Response {
-  constructor(protected _innerException: SdkError) {
-    super();
-  }
-}
-
-/**
- * Indicates that an error occurred during the revoke signing keys request.
- *
- * This response object includes the following fields that you can use to determine
- * how you would like to handle the error:
- *
- * - `errorCode()` - a unique Momento error code indicating the type of error that occurred.
- * - `message()` - a human-readable description of the error
- * - `innerException()` - the original error that caused the failure; can be re-thrown.
- */
-export class Error extends ResponseError(_Error) {}