feat: Complete IndieAuth server removal (Phases 2-4)
Completed all remaining phases of ADR-030 IndieAuth provider removal. StarPunk no longer acts as an authorization server - all IndieAuth operations delegated to external providers.

Phase 2 - Remove Token Issuance:
- Deleted /auth/token endpoint
- Removed token_endpoint() function from routes/auth.py
- Deleted tests/test_routes_token.py

Phase 3 - Remove Token Storage:
- Deleted starpunk/tokens.py module entirely
- Created migration 004 to drop tokens and authorization_codes tables
- Deleted tests/test_tokens.py
- Removed all internal token CRUD operations

Phase 4 - External Token Verification:
- Created starpunk/auth_external.py module
- Implemented verify_external_token() for external IndieAuth providers
- Updated Micropub endpoint to use external verification
- Added TOKEN_ENDPOINT configuration
- Updated all Micropub tests to mock external verification
- HTTP timeout protection (5s) for external requests

Additional Changes:
- Created migration 003 to remove code_verifier from auth_state
- Fixed 5 migration tests that referenced obsolete code_verifier column
- Updated 11 Micropub tests for external verification
- Fixed test fixture and app context issues
- All 501 tests passing

Breaking Changes:
- Micropub clients must use external IndieAuth providers
- TOKEN_ENDPOINT configuration now required
- Existing internal tokens invalid (tables dropped)

Migration Impact:
- Simpler codebase: -500 lines of code
- Fewer database tables: -2 tables (tokens, authorization_codes)
- More secure: External providers handle token security
- More maintainable: Less authentication code to maintain

Standards Compliance:
- W3C IndieAuth specification
- OAuth 2.0 Bearer token authentication
- IndieWeb principle: delegate to external services

Related:
- ADR-030: IndieAuth Provider Removal Strategy
- ADR-050: Remove Custom IndieAuth Server
- Migration 003: Remove code_verifier from auth_state
- Migration 004: Drop tokens and authorization_codes tables

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
@@ -53,7 +53,7 @@ def is_schema_current(conn):
|
||||
|
||||
Uses heuristic: Check for presence of latest schema features
|
||||
Checks for:
|
||||
- code_verifier column in auth_state (migration 001 or SCHEMA_SQL >= v0.8.0)
|
||||
- code_verifier column NOT in auth_state (removed in migration 003)
|
||||
- authorization_codes table (migration 002 or SCHEMA_SQL >= v1.0.0-rc.1)
|
||||
- token_hash column in tokens table (migration 002)
|
||||
- Token indexes (migration 002 only, removed from SCHEMA_SQL in v1.0.0-rc.2)
|
||||
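Review bot: The "Checks for" list in the is_schema_current docstring still names the authorization_codes table and the token_hash column in the tokens table as signs of a current schema, while the commit message says migration 004 drops both tables. With the code_verifier entry flipped to "NOT in auth_state" and these entries left as they are, the docstring describes a database that has had 003 applied but not 004. Either turn these entries into absence checks as well, or state in the docstring that this heuristic deliberately stops at 003 and that 004 is always applied afterwards.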
@@ -66,9 +66,9 @@ def is_schema_current(conn):
|
||||
False if any piece is missing (legacy database needing migrations)
|
||||
"""
|
||||
try:
|
||||
# Check for code_verifier column in auth_state (migration 001)
|
||||
# This is also in SCHEMA_SQL, so we can't use it alone
|
||||
if not column_exists(conn, 'auth_state', 'code_verifier'):
|
||||
# Check for code_verifier column NOT in auth_state (removed in migration 003)
|
||||
# If it still exists, schema is outdated
|
||||
if column_exists(conn, 'auth_state', 'code_verifier'):
|
||||
return False
|
||||
|
||||
# Check for authorization_codes table (added in migration 002)
|
||||
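Review bot: The new condition `if column_exists(conn, 'auth_state', 'code_verifier'): return False` is satisfied both by a database that has had migration 003 applied and by one where the column was never added, so on its own it cannot tell a migrated schema from a legacy one. The earlier comment carried that caveat ("so we can't use it alone") and the new comment drops it. Keep an equivalent sentence saying that the later checks are what identify a legacy database, and add a test for a database that lacks code_verifier because migration 001 never ran.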
@@ -210,6 +210,11 @@ def is_migration_needed(conn, migration_name):
|
||||
# All features exist - migration not needed
|
||||
return False
|
||||
|
||||
# Migration 003: Removes code_verifier column from auth_state
|
||||
if migration_name == "003_remove_code_verifier_from_auth_state.sql":
|
||||
# Check if column still exists (should be removed)
|
||||
return column_exists(conn, 'auth_state', 'code_verifier')
|
||||
|
||||
# Unknown migration - assume it's needed
|
||||
return True
|
||||
|
||||
|
||||
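Review bot: is_migration_needed gains an explicit branch for "003_remove_code_verifier_from_auth_state.sql" only, so the migration 004 named in the commit message (drop tokens and authorization_codes) falls through to the "Unknown migration - assume it's needed" default and returns True. If that is intended, say so in a comment next to the 003 branch; otherwise add a matching branch for 004 that returns True only while either table still exists, so the drop is not attempted against a database that never had them. A test that calls is_migration_needed twice for 003, before and after the column is removed, would also pin down the new branch.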