authorFrederick Muriuki Muriithi2024-05-29 09:09:31 -0500
committerFrederick Muriuki Muriithi2024-05-29 09:09:31 -0500
commit82559c65ed5d419ad3822e3da399c3fdd88b386a (patch)
tree891653e7eee8090a29da1694ce6a9b6cab8d7b95 /gn_auth
parentb21357e122280ef10bcbe464b27b652c802f4383 (diff)
Revert "jwt: add user roles to the jwt token."
This reverts commit 0582565fa7db4b95e86fb0dde8d83e3170e566a7. Adding the user roles to the token makes the token ridiculously large. Rather than doing that, we'll use an endpoint on the auth server to get the user roles and privileges instead.
Diffstat (limited to 'gn_auth')
-rw-r--r--gn_auth/auth/authentication/oauth2/grants/jwt_bearer_grant.py24
1 files changed, 1 insertions, 23 deletions
diff --git a/gn_auth/auth/authentication/oauth2/grants/jwt_bearer_grant.py b/gn_auth/auth/authentication/oauth2/grants/jwt_bearer_grant.py
index b96febb..b9d1379 100644
--- a/gn_auth/auth/authentication/oauth2/grants/jwt_bearer_grant.py
+++ b/gn_auth/auth/authentication/oauth2/grants/jwt_bearer_grant.py
@@ -11,22 +11,6 @@ from authlib.oauth2.rfc7523.token import (
from gn_auth.auth.db.sqlite3 import with_db_connection
from gn_auth.auth.authentication.users import user_by_id
-from gn_auth.auth.authorisation.roles.models import user_roles
-
-
-def convert_uuids_to_string(srcdict: dict) -> dict:
- """
- Convert *ALL* UUID objects in a dict to strings.
-
- `json.dumps` does not encode UUID objects by default.
- """
- def uuid2str(key, value):
- if isinstance(value, dict):
- return (key, convert_uuids_to_string(value))
- if isinstance(value, uuid.UUID):
- return (key, str(value))
- return (key, value)
- return dict(tuple(uuid2str(_key, _val) for _key, _val in srcdict.items()))
class JWTBearerTokenGenerator(_JWTBearerTokenGenerator):
@@ -48,13 +32,7 @@ class JWTBearerTokenGenerator(_JWTBearerTokenGenerator):
for key, value in tokendata.items()
},
"sub": str(tokendata["sub"]),
- "jti": str(uuid.uuid4()),
- "gn:auth:user:roles": tuple(convert_uuids_to_string({
- **item,
- "roles": tuple(convert_uuids_to_string(asdict(role))
- for role in item["roles"])
- }) for item in with_db_connection(
- lambda conn: user_roles(conn, user)))
+ "jti": str(uuid.uuid4())
}
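Review bot: Nothing at the end of this claims dict records that roles are deliberately left out of the token, so a short comment above the `"jti"` entry would help, e.g. `# Roles/privileges are deliberately not embedded; consumers fetch them from the auth server.` Tokens issued before this revert presumably still carry `gn:auth:user:roles` until they expire, so consumers should stop reading that claim rather than fall back to it. The removed lines were the only visible users of `asdict` and of `with_db_connection` (still imported as context in the first hunk); if nothing else in the module uses them, they are now dead imports and could be dropped here. The dict literal and the enclosing method start outside the hunk, so this cannot be confirmed from the diff alone.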