fix: cleanup of toggle and few custom attributes

[Akanshu-2u]

Description:

This PR focusses on the removal of the toggles and custom attributes from both EdXOAuth2.start() and update_email().

Solution:

• Removed ENABLE_OAUTH_SESSION_CLEANUP from EdXOAuth2.start().

• Removed SKIP_UPDATE_EMAIL_ON_USERNAME_MISMATCH from update_email() .

• Custom-attributes in EdXOAuth2.start():

  • Removed:

    • session_cleanup.has_request : Tracks whether a request object is available during OAuth start. This is a technical implementation detail that doesn't provide actionable insights.
    • session_cleanup.logged_out_username: Records the username that was logged out during session cleanup. Storing usernames in monitoring data may violate privacy policies.

  • Retained:

    • session_cleanup.logout_required: Tracks whether a user was authenticated before session cleanup . Critical for detecting potential session hijacking and concurrent login attempts.

• Custom-attributes in update_email():

  • Removed:

    • update_email.details_username - Privacy risk: stores personal identifiers in monitoring data.
    • update_email.user_username - Security risk: exposes usernames in monitoring dashboards.
    • update_email.details_has_email - Low value: technical detail creating monitoring noise.

  • Retained:

    • update_email.username_mismatch - Critical for security monitoring and detecting potential account takeover attempts.
    • update_email.email_updated - Essential for tracking successful email updates and operational health.

Related PRs:

• fix: added logout user before sso pipeline starts #402
• fix:bug in third party authentication email and name update #382

JIRA Ticket:

BOMS-3

[robrap]

I didn't review tests yet, but I provided some comments. Please update the version and changelog as well. It would be great to land this soon. Thank you.

Note that the changelog can be a very brief summary.

[robrap]

Let's also remove session_cleanup.logout_performed. I think session_cleanup.logout_required is close enough and has a simpler implementation.

[Akanshu-2u]

Addressed. Removed session_cleanup.logout_performed and updated test file.

[robrap]

This is highly unexpected, so let's drop this. I think we can leave the warning, but update its text. I'll add another comment.

[Akanshu-2u]

Addressed. Dropped the update_email.username_mismatch custom attribute and modified test file.

[robrap]

Let's combine the two warning logs into something like the following:

Suggested change

	"Username mismatch during email update. User username: %s, Details username: %s",
	"Unexpected username mismatch during email update. Skipping email update for user %s. User username: %s, Details username: %s",

[Akanshu-2u]

Addressed. Combined two loggers into one as per suggestion.

[robrap]

This can be removed in favor of the first log message.

[Akanshu-2u]

Addressed.

[robrap]

Minor clean-up request. Thank you.

[robrap]

I think this is the only assertion needed in the conditional. You should be able to remove the else block, and move all other assertions after (or before) the conditional, with the caveat of updating one assertion to:

mock_set_attr.assert_called_once_with('session_cleanup.logout_required', user_authenticated)

[Akanshu-2u]

Addressed.

[robrap]

In this comment, I meant that I think these could move outside the conditional as well. Is that right?

[Akanshu-2u]

No, they should not be moved outside the conditional.

These assertions test the effects of logout(request), which only executes when user_authenticated=True. When user_authenticated=False, no logout happens, so the session key doesn't change and the user was already anonymous - moving the assertions outside would test nothing changed instead of logout worked correctly.

[robrap]

@Akanshu-2u: I personally would have moved the assertions, because they should be true for both cases. From one perspective, the meaning of the assertions changes from "nothing changed" to "logout worked" depending on the test. But, from another perspective, the same assertions are true in both cases, because whether or not whether or not you start with an authenticated user, you end with an anonymous user.

It's fine to leave as-is. Or, we could follow-up with a minor PR that doesn't need to adjust changelog or version, because it would just affect tests. Either way.

[robrap]

Oops. I missed this useful assertion. You can restore this. Sorry. But the other can stay outside the conditional.

[Akanshu-2u]

Added the assertion. Thank you.

[feanil]

Thanks for the further cleanup, trusting Robert's review here, I can merge and release this one the last test request has been addressed.

[robrap]

@Akanshu-2u: In addition to the last change, can you confirm that you've tested this locally (or sandbox) and confirm that all works as expected? Switching the toggle on/off in the other service (e.g. discovery) should provide no change, and you should always get the logout from start. Thanks.

[robrap]

@Akanshu-2u: You can remove this comment. It doesn't add anything.

[Akanshu-2u]

Addressed.

[Akanshu-2u]

@Akanshu-2u: In addition to the last change, can you confirm that you've tested this locally (or sandbox) and confirm that all works as expected? Switching the toggle on/off in the other service (e.g. discovery) should provide no change, and you should always get the logout from start. Thanks.

Yes, I have tested the current changes locally as well as on sandbox. For both the cases as expeted user is getting logged out from start. So changes are working well.
Checked the custom attributes in monitorings so no reference for toggle is currently present, hence the toggle switch provides no change.
Thank you!