refactor(core): remove unused refreshMfa()
Description
refactor(core): remove unused refreshMfa()
Method for refreshing MFA in outer API is not used and it was not calling user_info_endpoint as stated in the docs. We keep MFA flag in the session so we don't need to refresh it.
BREAKING CHANGE: authzResolver/refreshMfa() removed from the API
How to test
Probably no need, but check possible usages in NGUI, CLI etc.
Author's checklist
-
I have followed the contribution guidelines -
This MR has been tested or does not change functionality -
I have added relevant merge request dependencies (if this MR has any) -
I have added the correct labels -
I have assigned reviewers (if any are relevant) -
I have edited the documentation (if the changes require it) or I have noted the need for the change if I do not have access to the documentation -
I have marked all introduced BREAKING CHANGES or necessary DEPLOYMENT NOTES in the commit message(s)
Reviewer's checklist
-
This MR has been tested or does not change functionality -
This MR has correct commit message format
Other information
This is just a change for outer API. I suggest to check also updatePrincipalMfa(sess)
and refreshMfa(sess)
in AuthzResolverBlImpl.java
. There is probably no need to refresh MFA role in session, because we do not modify ACR claim containing MFA verification flag after session creation.
Related issues
none