Remove OAuth token exchange (#161)

Author: ericmj

src/hex_api_oauth.erl

@@ -5,7 +5,6 @@
     device_authorization/3,
     device_authorization/4,
     poll_device_token/3,
-    exchange_token/4,
     refresh_token/3,
     revoke_token/3
 ]).
@@ -90,34 +89,6 @@ poll_device_token(Config, ClientId, DeviceCode) ->
     },
     hex_api:post(Config, Path, Params).
 
-%% @doc
-%% Exchanges a token for a new token with different scopes using RFC 8693 token exchange.
-%%
-%% Examples:
-%%
-%% ```
-%% 1> Config = hex_core:default_config().
-%% 2> hex_api_oauth:exchange_token(Config, <<"cli">>, SubjectToken, <<"api:write">>).
-%% {ok, {200, _, #{
-%%     <<"access_token">> => <<"...">>,
-%%     <<"refresh_token">> => <<"...">>,
-%%     <<"token_type">> => <<"Bearer">>,
-%%     <<"expires_in">> => 3600
-%% }}}
-%% '''
-%% @end
--spec exchange_token(hex_core:config(), binary(), binary(), binary()) -> hex_api:response().
-exchange_token(Config, ClientId, SubjectToken, Scope) ->
-    Path = <<"oauth/token">>,
-    Params = #{
-        <<"grant_type">> => <<"urn:ietf:params:oauth:grant-type:token-exchange">>,
-        <<"subject_token">> => SubjectToken,
-        <<"subject_token_type">> => <<"urn:ietf:params:oauth:token-type:access_token">>,
-        <<"client_id">> => ClientId,
-        <<"scope">> => Scope
-    },
-    hex_api:post(Config, Path, Params).
-
 %% @doc
 %% Refreshes an access token using a refresh token.
 %%

test/hex_api_SUITE.erl

@@ -20,7 +20,7 @@ suite() ->
 
 all() ->
     [package_test, release_test, replace_test, user_test, owner_test, keys_test, auth_test, short_url_test,
-     oauth_device_flow_test, oauth_token_exchange_test, oauth_refresh_token_test, oauth_revoke_test,
+     oauth_device_flow_test, oauth_refresh_token_test, oauth_revoke_test,
      publish_with_expect_header_test, publish_without_expect_header_test].
 
 package_test(_Config) ->
@@ -132,21 +132,6 @@ oauth_device_flow_test(_Config) ->
     #{<<"error">> := <<"authorization_pending">>} = PollResponse,
     ok.
 
-oauth_token_exchange_test(_Config) ->
-    % Test token exchange
-    ClientId = <<"cli">>,
-    SubjectToken = <<"test_api_key">>,
-    Scope = <<"api:read">>,
-    {ok, {200, _, TokenResponse}} = hex_api_oauth:exchange_token(?CONFIG, ClientId, SubjectToken, Scope),
-    #{
-        <<"access_token">> := AccessToken,
-        <<"token_type">> := <<"Bearer">>,
-        <<"expires_in">> := ExpiresIn
-    } = TokenResponse,
-    ?assert(is_binary(AccessToken)),
-    ?assert(is_integer(ExpiresIn)),
-    ok.
-
 oauth_refresh_token_test(_Config) ->
     % Test token refresh
     ClientId = <<"cli">>,