From 7ea951f0a47299d955a4249f7b20be1c0bd69004 Mon Sep 17 00:00:00 2001
From: Travis Semple <travis8814@gmail.com>
Date: Thu, 20 Jun 2024 15:13:30 -0700
Subject: [PATCH] 21898 - Remove AUTH_WEB_TOKEN_CONFIRM_PATH (#2878)

* Remove AUTH_WEB_TOKEN_CONFIRM_PATH

* Minor tweak

* Remove unused test

* lint fixes

* Lint
---
 auth-api/src/auth_api/config.py                 |  1 -
 .../auth_api/services/affiliation_invitation.py | 17 ++---------------
 auth-api/src/auth_api/services/invitation.py    |  9 +++------
 auth-api/src/auth_api/services/membership.py    |  3 +--
 auth-api/src/auth_api/services/org.py           |  6 +++---
 auth-api/src/auth_api/services/user.py          |  2 +-
 .../services/test_affiliation_invitation.py     | 13 -------------
 .../account-mailer/src/account_mailer/config.py |  2 --
 8 files changed, 10 insertions(+), 43 deletions(-)

diff --git a/auth-api/src/auth_api/config.py b/auth-api/src/auth_api/config.py
index 05aae05316..bd5a71c256 100644
--- a/auth-api/src/auth_api/config.py
+++ b/auth-api/src/auth_api/config.py
@@ -151,7 +151,6 @@ class _Config:  # pylint: disable=too-few-public-methods
     MAIL_FROM_ID = os.getenv('MAIL_FROM_ID')
 
     # mail token  configuration
-    AUTH_WEB_TOKEN_CONFIRM_PATH = os.getenv('AUTH_WEB_TOKEN_CONFIRM_PATH')
     EMAIL_SECURITY_PASSWORD_SALT = os.getenv('EMAIL_SECURITY_PASSWORD_SALT')
     EMAIL_TOKEN_SECRET_KEY = os.getenv('EMAIL_TOKEN_SECRET_KEY')
     TOKEN_EXPIRY_PERIOD = os.getenv('TOKEN_EXPIRY_PERIOD')
diff --git a/auth-api/src/auth_api/services/affiliation_invitation.py b/auth-api/src/auth_api/services/affiliation_invitation.py
index 18e395e306..a2608235f7 100644
--- a/auth-api/src/auth_api/services/affiliation_invitation.py
+++ b/auth-api/src/auth_api/services/affiliation_invitation.py
@@ -228,7 +228,6 @@ def create_affiliation_invitation(affiliation_invitation_info: Dict,
                                       # pylint:disable=unused-argument,too-many-locals
                                       user, invitation_origin, environment=None, **kwargs):
         """Create a new affiliation invitation."""
-        context_path = CONFIG.AUTH_WEB_TOKEN_CONFIRM_PATH
         from_org_id = affiliation_invitation_info['fromOrgId']
         if to_org_uuid := affiliation_invitation_info.get('toOrgUuid'):
             affiliation_invitation_info['toOrgId'] = AffiliationInvitation._get_org_id_from_org_uuid(to_org_uuid)
@@ -279,8 +278,7 @@ def create_affiliation_invitation(affiliation_invitation_info: Dict,
         AffiliationInvitation\
             .send_affiliation_invitation(affiliation_invitation=affiliation_invitation,
                                          business_name=business['business']['legalName'],
-                                         app_url=AffiliationInvitation._get_app_url(invitation_origin,
-                                                                                    context_path),
+                                         app_url=invitation_origin + '/',
                                          email_addresses=affiliation_invitation.recipient_email)
         return AffiliationInvitation(affiliation_invitation)
 
@@ -317,7 +315,6 @@ def update_affiliation_invitation(self, user, invitation_origin, affiliation_inv
         check_auth(org_id=self._model.from_org_id,
                    one_of_roles=(ADMIN, COORDINATOR, STAFF))
 
-        context_path = CONFIG.AUTH_WEB_TOKEN_CONFIRM_PATH
         invitation: AffiliationInvitationModel = self._model
 
         # Don't do any updates if the invitation is not in PENDING state
@@ -344,8 +341,7 @@ def update_affiliation_invitation(self, user, invitation_origin, affiliation_inv
             AffiliationInvitation\
                 .send_affiliation_invitation(affiliation_invitation=invitation,
                                              business_name=business['business']['legalName'],
-                                             app_url=AffiliationInvitation._get_app_url(invitation_origin,
-                                                                                        context_path),
+                                             app_url=invitation_origin + '/',
                                              email_addresses=invitation.recipient_email)
         # Expire invitation
         elif new_status == InvitationStatus.EXPIRED.value:
@@ -439,15 +435,6 @@ def find_affiliation_invitation_by_id(invitation_id):
 
         return AffiliationInvitation(invitation)
 
-    @staticmethod
-    def _get_app_url(app_url: str, context_path: str = None) -> str:
-        """Get app url concatenated with context_path if it exists."""
-        full_app_url = app_url
-        if context_path:
-            full_app_url = f'{full_app_url}/{context_path}'
-
-        return full_app_url
-
     @staticmethod
     def _get_token_confirm_path(app_url, org_name, token, query_params=None):
         """Get the config for different email types."""
diff --git a/auth-api/src/auth_api/services/invitation.py b/auth-api/src/auth_api/services/invitation.py
index c0a4207f0f..d91b832889 100644
--- a/auth-api/src/auth_api/services/invitation.py
+++ b/auth-api/src/auth_api/services/invitation.py
@@ -80,7 +80,6 @@ def create_invitation(invitation_info: Dict, user, invitation_origin, **kwargs):
         """Create a new invitation."""
         user_from_context: UserContext = kwargs['user_context']
         # Ensure that the current user is ADMIN or COORDINATOR on each org being invited to
-        context_path = CONFIG.AUTH_WEB_TOKEN_CONFIRM_PATH
         org_id = invitation_info['membership'][0]['orgId']
         membership_type = invitation_info['membership'][0]['membershipType']
         token_email_query_params: Dict = {}
@@ -115,7 +114,7 @@ def create_invitation(invitation_info: Dict, user, invitation_origin, **kwargs):
         invitation.login_source = mandatory_login_source
         invitation.save()
         Invitation.send_invitation(invitation, org_name, org.id, user.as_dict(),
-                                   f'{invitation_origin}/{context_path}', mandatory_login_source,
+                                   f'{invitation_origin}/', mandatory_login_source,
                                    org_status=org.status_code, query_params=token_email_query_params)
         ActivityLogPublisher.publish_activity(Activity(org_id, ActivityAction.INVITE_TEAM_MEMBER.value,
                                                        name=invitation_info['recipientEmail'], value=membership_type,
@@ -148,7 +147,6 @@ def update_invitation(self, user, invitation_origin):
         """Update the specified invitation with new data."""
         # Ensure that the current user is ADMIN or COORDINATOR on each org being re-invited to
         token_email_query_params: Dict = {}
-        context_path = CONFIG.AUTH_WEB_TOKEN_CONFIRM_PATH
         for membership in self._model.membership:
             org_id = membership.org_id
             check_auth(org_id=org_id, one_of_roles=(ADMIN, COORDINATOR, STAFF))
@@ -162,7 +160,7 @@ def update_invitation(self, user, invitation_origin):
         updated_invitation = self._model.update_invitation_as_retried()
         org_name = OrgModel.find_by_org_id(self._model.membership[0].org_id).name
         Invitation.send_invitation(updated_invitation, org_name, self._model.membership[0].org_id, user.as_dict(),
-                                   f'{invitation_origin}/{context_path}', self._model.login_source,
+                                   f'{invitation_origin}/', self._model.login_source,
                                    query_params=token_email_query_params)
         return Invitation(updated_invitation)
 
@@ -356,7 +354,6 @@ def notify_admin(user, invitation_id, membership_id, invitation_origin):
         current_app.logger.debug('<notify_admin')
         admin_list = UserService.get_admins_for_membership(membership_id)
         invitation: InvitationModel = InvitationModel.find_invitation_by_id(invitation_id)
-        context_path = CONFIG.AUTH_WEB_TOKEN_CONFIRM_PATH
 
         # Don't send email in case no admin exist in the org. (staff sent invitation)
         if len(admin_list) >= 1:
@@ -367,7 +364,7 @@ def notify_admin(user, invitation_id, membership_id, invitation_origin):
 
         if admin_emails != '':
             Invitation.send_admin_notification(user.as_dict(),
-                                               f'{invitation_origin}/{context_path}',
+                                               f'{invitation_origin}/',
                                                admin_emails, invitation.membership[0].org.name,
                                                invitation.membership[0].org.id)
             current_app.logger.debug('>notify_admin')
diff --git a/auth-api/src/auth_api/services/membership.py b/auth-api/src/auth_api/services/membership.py
index 7df0b1b737..695274f71f 100644
--- a/auth-api/src/auth_api/services/membership.py
+++ b/auth-api/src/auth_api/services/membership.py
@@ -163,8 +163,7 @@ def send_notification_to_member(self, origin_url, notification_type):
             current_app.logger.error('No user contact record for user id %s', self._model.user_id)
             current_app.logger.error('<send_notification_to_member failed')
         recipient = self._model.user.contacts[0].contact.email
-        context_path = CONFIG.AUTH_WEB_TOKEN_CONFIRM_PATH
-        app_url = f'{origin_url}/{context_path}'
+        app_url = f'{origin_url}/'
         notification_type_for_mailer = ''
         data = {}
         if notification_type == NotificationType.ROLE_CHANGED.value:
diff --git a/auth-api/src/auth_api/services/org.py b/auth-api/src/auth_api/services/org.py
index 0f9ae481a5..6f7edfc539 100644
--- a/auth-api/src/auth_api/services/org.py
+++ b/auth-api/src/auth_api/services/org.py
@@ -858,7 +858,7 @@ def send_staff_review_account_reminder(relationship_id,
         task = TaskModel.find_by_task_relationship_id(task_relationship_type=task_relationship_type,
                                                       relationship_id=relationship_id)
         context_path = f'review-account/{task.id}'
-        app_url = f"{g.get('origin_url', '')}/{current_app.config.get('AUTH_WEB_TOKEN_CONFIRM_PATH')}"
+        app_url = f"{g.get('origin_url', '')}/"
         review_url = f'{app_url}/{context_path}'
         first_name = user.firstname
         last_name = user.lastname
@@ -887,7 +887,7 @@ def send_approved_rejected_notification(receipt_admin_emails, org_name, org_id,
             notification_type = QueueMessageTypes.NON_BCSC_ORG_REJECTED_NOTIFICATION.value
         else:
             return  # Don't send mail for any other status change
-        app_url = f"{origin_url}/{current_app.config.get('AUTH_WEB_TOKEN_CONFIRM_PATH')}"
+        app_url = f'{origin_url}/'
         data = {
             'accountId': org_id,
             'emailAddresses': receipt_admin_emails,
@@ -913,7 +913,7 @@ def send_approved_rejected_govm_govn_notification(receipt_admin_email, org_name,
             notification_type = QueueMessageTypes.GOVM_REJECTED_NOTIFICATION.value
         else:
             return  # Don't send mail for any other status change
-        app_url = f"{origin_url}/{current_app.config.get('AUTH_WEB_TOKEN_CONFIRM_PATH')}"
+        app_url = f'{origin_url}/'
         data = {
             'accountId': org_id,
             'emailAddresses': receipt_admin_email,
diff --git a/auth-api/src/auth_api/services/user.py b/auth-api/src/auth_api/services/user.py
index bdf16249bc..33a2c0b80f 100644
--- a/auth-api/src/auth_api/services/user.py
+++ b/auth-api/src/auth_api/services/user.py
@@ -234,7 +234,7 @@ def delete_otp_for_user(user_name, origin_url: str = None):
     def send_otp_authenticator_reset_notification(recipient_email, origin_url, org_id):
         """Send Authenticator reset notification to the user."""
         current_app.logger.debug('<send_otp_authenticator_reset_notification')
-        app_url = f"{origin_url}/{current_app.config.get('AUTH_WEB_TOKEN_CONFIRM_PATH')}"
+        app_url = f'{origin_url}/'
         context_path = 'signin/bceid'
         login_url = f'{app_url}/{context_path}'
         data = {
diff --git a/auth-api/tests/unit/services/test_affiliation_invitation.py b/auth-api/tests/unit/services/test_affiliation_invitation.py
index 31781d327d..b6f043f205 100644
--- a/auth-api/tests/unit/services/test_affiliation_invitation.py
+++ b/auth-api/tests/unit/services/test_affiliation_invitation.py
@@ -33,7 +33,6 @@
 from auth_api.models import Org as OrgModel
 from auth_api.models.dataclass import AffiliationInvitationSearch
 from auth_api.services import Affiliation as AffiliationService
-from auth_api.services import AffiliationInvitation
 from auth_api.services import AffiliationInvitation as AffiliationInvitationService
 from auth_api.services import Entity as EntityService
 from auth_api.services import Org as OrgService
@@ -679,15 +678,3 @@ def test_get_all_invitations_with_details_related_to_org(session, auth_mock, key
         assert len(result) == 2
     else:
         assert result == []
-
-
-def test_app_url():
-    """Assert app url generation is correct."""
-    full_url = AffiliationInvitation._get_app_url('https://test.com', 'abc/123')
-    assert full_url == 'https://test.com/abc/123'
-
-    full_url = AffiliationInvitation._get_app_url('https://test.com', '')
-    assert full_url == 'https://test.com'
-
-    full_url = AffiliationInvitation._get_app_url('https://test.com')
-    assert full_url == 'https://test.com'
diff --git a/queue_services/account-mailer/src/account_mailer/config.py b/queue_services/account-mailer/src/account_mailer/config.py
index 3a34c4f83e..d04eaa2879 100644
--- a/queue_services/account-mailer/src/account_mailer/config.py
+++ b/queue_services/account-mailer/src/account_mailer/config.py
@@ -123,7 +123,6 @@ class _Config():  # pylint: disable=too-few-public-methods
     WEB_APP_URL = os.getenv('WEB_APP_URL', 'localhost')
     WEB_APP_STATEMENT_PATH_URL = os.getenv('WEB_APP_STATEMENT_PATH_URL', 'account/orgId/settings/statements')
     DASHBOARD_URL = os.getenv('DASHBOARD_URL', 'localhost')
-    AUTH_WEB_TOKEN_CONFIRM_PATH = os.getenv('AUTH_WEB_TOKEN_CONFIRM_PATH')
     # PAD TOS PDF file name.
     PAD_TOS_FILE = os.getenv('PAD_TOS_FILE', 'BCROS-Business-Pre-Authorized-Debit-Agreement.pdf')
     # MHR QUALIFIED SUPPLIER PDF File name
@@ -165,7 +164,6 @@ class TestConfig(_Config):  # pylint: disable=too-few-public-methods
         default=f'postgresql://{DB_USER}:{DB_PASSWORD}@{DB_HOST}:{DB_PORT}/{DB_NAME}',
     )
 
-    AUTH_WEB_TOKEN_CONFIRM_PATH = ''
     JWT_OIDC_ISSUER = os.getenv('JWT_OIDC_TEST_ISSUER')
     # Service account details
     KEYCLOAK_SERVICE_ACCOUNT_ID = os.getenv('KEYCLOAK_TEST_ADMIN_CLIENTID')