From 34b5ec3042d187f205e080f1424b38352a4373e0 Mon Sep 17 00:00:00 2001
From: ChristianOertlin <christian.oertlin@scilifelab.se>
Date: Fri, 10 Jan 2025 09:15:12 +0100
Subject: [PATCH] Revert "feat(change token genertion towards tb api) (#4060)
 (patch)" (#4069)

This reverts commit 1ae4b671ff48972140f18fc7a0e0410645a0e8a5.
---
 cg/apps/tb/api.py        | 15 ++++++---------
 cg/models/cg_config.py   |  1 -
 cg/server/app_config.py  |  1 -
 cg/server/ext.py         |  2 --
 tests/conftest.py        |  1 -
 tests/server/conftest.py |  1 -
 6 files changed, 6 insertions(+), 15 deletions(-)

diff --git a/cg/apps/tb/api.py b/cg/apps/tb/api.py
index 7eaa9966e8..4bbcc0719b 100644
--- a/cg/apps/tb/api.py
+++ b/cg/apps/tb/api.py
@@ -4,8 +4,8 @@
 import logging
 from typing import Any
 
-from google.auth.transport.requests import Request
-from google.oauth2 import service_account
+from google.auth import jwt
+from google.auth.crypt import RSASigner
 
 from cg.apps.tb.dto.create_job_request import CreateJobRequest
 from cg.apps.tb.dto.summary_response import AnalysisSummary, SummariesResponse
@@ -46,17 +46,14 @@ class TrailblazerAPI:
     def __init__(self, config: dict):
         self.service_account = config["trailblazer"]["service_account"]
         self.service_account_auth_file = config["trailblazer"]["service_account_auth_file"]
-        self.google_client_id = config["trailblazer"]["google_client_id"]
         self.host = config["trailblazer"]["host"]
 
     @property
     def auth_header(self) -> dict:
-        credentials = service_account.IDTokenCredentials.from_service_account_file(
-            self.service_account_auth_file,
-            target_audience=self.google_client_id,
-        )
-        credentials.refresh(Request())
-        return {"Authorization": f"Bearer {credentials.token}"}
+        signer = RSASigner.from_service_account_file(self.service_account_auth_file)
+        payload = {"email": self.service_account}
+        jwt_token = jwt.encode(signer=signer, payload=payload).decode("ascii")
+        return {"Authorization": f"Bearer {jwt_token}"}
 
     def query_trailblazer(
         self, command: str, request_body: dict, method: str = APIMethods.POST
diff --git a/cg/models/cg_config.py b/cg/models/cg_config.py
index 7ccdbfdf6e..bab7e52a26 100644
--- a/cg/models/cg_config.py
+++ b/cg/models/cg_config.py
@@ -129,7 +129,6 @@ class ClientConfig(BaseModel):
 class TrailblazerConfig(BaseModel):
     service_account: str
     service_account_auth_file: str
-    google_client_id: str
     host: str
 
 
diff --git a/cg/server/app_config.py b/cg/server/app_config.py
index dc3bcfc81d..97f38b3235 100644
--- a/cg/server/app_config.py
+++ b/cg/server/app_config.py
@@ -21,7 +21,6 @@ class AppConfig(BaseSettings):
     trailblazer_host: str = "trailblazer_host"
     trailblazer_service_account: str = "service_account"
     trailblazer_service_account_auth_file: str = "auth_file.json"
-    trailblazer_google_client_id: str = "google_client_id"
     freshdesk_url: str = "https://company.freshdesk.com"
     freshdesk_api_key: str = "freshdesk_api_key"
     freshdesk_order_email_id: int = 10
diff --git a/cg/server/ext.py b/cg/server/ext.py
index bb77a7467c..a69f9ec573 100644
--- a/cg/server/ext.py
+++ b/cg/server/ext.py
@@ -68,13 +68,11 @@ def __init__(self, app=None):
     def init_app(self, app):
         service_account: str = app.config["trailblazer_service_account"]
         service_account_auth_file: str = app.config["trailblazer_service_account_auth_file"]
-        google_client_id: str = app.config["trailblazer_google_client_id"]
         host: str = app.config["trailblazer_host"]
         config = {
             "trailblazer": {
                 "service_account": service_account,
                 "service_account_auth_file": service_account_auth_file,
-                "google_client_id": google_client_id,
                 "host": host,
             }
         }
diff --git a/tests/conftest.py b/tests/conftest.py
index fc4ea1992e..79b389e3dd 100644
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -2185,7 +2185,6 @@ def context_config(
             "host": "https://trailblazer.scilifelab.se/",
             "service_account": "SERVICE",
             "service_account_auth_file": "trailblazer-auth.json",
-            "google_client_id": "client_id",
         },
         "arnold": {"api_url": "https://arnold.scilifelab.se/"},
         "janus": {"host": "https://janus.sys.scilifelab.se/"},
diff --git a/tests/server/conftest.py b/tests/server/conftest.py
index b723db0163..373bf4dea8 100644
--- a/tests/server/conftest.py
+++ b/tests/server/conftest.py
@@ -25,7 +25,6 @@
 os.environ["GOOGLE_OAUTH_CLIENT_SECRET"] = "dummy_value"
 os.environ["TRAILBLAZER_SERVICE_ACCOUNT"] = "dummy_value"
 os.environ["TRAILBLAZER_SERVICE_ACCOUNT_AUTH_FILE"] = "dummy_value"
-os.environ["TRAILBLAZER_GOOGLE_CLIENT_ID"] = "dummy_value"
 os.environ["TRAILBLAZER_HOST"] = "dummy_value"
 os.environ["CG_SECRET_KEY"] = "dummy_value"
 os.environ["GUNICORN_BIND"] = "0.0.0.0:8000"