Auth: Merge ActiveAuthTokenService into UserAuthTokenService (#59032)

* Auth: Merge UserTokenService and ActiveAuthTokenService

* Auth: Rename function

pkg/api/common_test.go

@@ -214,7 +214,7 @@ func getContextHandler(t *testing.T, cfg *setting.Cfg) *contexthandler.ContextHa
 	authProxy := authproxy.ProvideAuthProxy(cfg, remoteCacheSvc, loginservice.LoginServiceMock{}, &usertest.FakeUserService{}, sqlStore)
 	loginService := &logintest.LoginServiceFake{}
 	authenticator := &logintest.AuthenticatorFake{}
-	ctxHdlr := contexthandler.ProvideService(cfg, userAuthTokenSvc, authJWTSvc, remoteCacheSvc, renderSvc, sqlStore, tracer, authProxy, loginService, nil, authenticator, usertest.NewUserServiceFake(), orgtest.NewOrgServiceFake(), nil, featuremgmt.WithFeatures(), nil)
+	ctxHdlr := contexthandler.ProvideService(cfg, userAuthTokenSvc, authJWTSvc, remoteCacheSvc, renderSvc, sqlStore, tracer, authProxy, loginService, nil, authenticator, usertest.NewUserServiceFake(), orgtest.NewOrgServiceFake(), nil, featuremgmt.WithFeatures())
 
 	return ctxHdlr
 }

pkg/cmd/grafana-cli/runner/wire.go

@@ -51,8 +51,6 @@ import (
 	"github.com/grafana/grafana/pkg/services/accesscontrol/acimpl"
 	"github.com/grafana/grafana/pkg/services/accesscontrol/ossaccesscontrol"
 	"github.com/grafana/grafana/pkg/services/alerting"
-	"github.com/grafana/grafana/pkg/services/auth"
-	"github.com/grafana/grafana/pkg/services/auth/authimpl"
 	"github.com/grafana/grafana/pkg/services/auth/jwt"
 	"github.com/grafana/grafana/pkg/services/cleanup"
 	"github.com/grafana/grafana/pkg/services/comments"
@@ -253,8 +251,6 @@ var wireSet = wire.NewSet(
 	influxdb.ProvideService,
 	wire.Bind(new(social.Service), new(*social.SocialService)),
 	oauthtoken.ProvideService,
-	authimpl.ProvideActiveAuthTokenService,
-	wire.Bind(new(auth.ActiveTokenService), new(*authimpl.ActiveAuthTokenService)),
 	wire.Bind(new(oauthtoken.OAuthTokenService), new(*oauthtoken.Service)),
 	tempo.ProvideService,
 	loki.ProvideService,

pkg/middleware/middleware_test.go

@@ -875,7 +875,7 @@ func getContextHandler(t *testing.T, cfg *setting.Cfg, mockSQLStore *dbtest.Fake
 	tracer := tracing.InitializeTracerForTest()
 	authProxy := authproxy.ProvideAuthProxy(cfg, remoteCacheSvc, loginService, userService, mockSQLStore)
 	authenticator := &logintest.AuthenticatorFake{ExpectedUser: &user.User{}}
-	return contexthandler.ProvideService(cfg, userAuthTokenSvc, authJWTSvc, remoteCacheSvc, renderSvc, mockSQLStore, tracer, authProxy, loginService, apiKeyService, authenticator, userService, orgService, oauthTokenService, featuremgmt.WithFeatures(featuremgmt.FlagAccessTokenExpirationCheck), nil)
+	return contexthandler.ProvideService(cfg, userAuthTokenSvc, authJWTSvc, remoteCacheSvc, renderSvc, mockSQLStore, tracer, authProxy, loginService, apiKeyService, authenticator, userService, orgService, oauthTokenService, featuremgmt.WithFeatures(featuremgmt.FlagAccessTokenExpirationCheck))
 }
 
 type fakeRenderService struct {

pkg/server/wire.go

@@ -48,8 +48,6 @@ import (
 	"github.com/grafana/grafana/pkg/services/annotations"
 	"github.com/grafana/grafana/pkg/services/annotations/annotationsimpl"
 	"github.com/grafana/grafana/pkg/services/apikey/apikeyimpl"
-	"github.com/grafana/grafana/pkg/services/auth"
-	"github.com/grafana/grafana/pkg/services/auth/authimpl"
 	"github.com/grafana/grafana/pkg/services/auth/jwt"
 	"github.com/grafana/grafana/pkg/services/cleanup"
 	"github.com/grafana/grafana/pkg/services/comments"
@@ -271,8 +269,6 @@ var wireBasicSet = wire.NewSet(
 	influxdb.ProvideService,
 	wire.Bind(new(social.Service), new(*social.SocialService)),
 	oauthtoken.ProvideService,
-	authimpl.ProvideActiveAuthTokenService,
-	wire.Bind(new(auth.ActiveTokenService), new(*authimpl.ActiveAuthTokenService)),
 	wire.Bind(new(oauthtoken.OAuthTokenService), new(*oauthtoken.Service)),
 	tempo.ProvideService,
 	loki.ProvideService,

pkg/services/auth/auth.go

@@ -16,10 +16,6 @@ const (
 	QuotaTarget    quota.Target    = "session"
 )
 
-type ActiveTokenService interface {
-	ActiveTokenCount(ctx context.Context, _ *quota.ScopeParameters) (*quota.Map, error)
-}
-
 // Typed errors
 var (
 	ErrUserTokenNotFound = errors.New("user token not found")

pkg/services/auth/authimpl/auth_token.go

@@ -18,40 +18,17 @@ import (
 	"github.com/grafana/grafana/pkg/util"
 )
 
-const ServiceName = "UserAuthTokenService"
+const urgentRotateTime = 1 * time.Minute
 
 var getTime = time.Now
 
-const urgentRotateTime = 1 * time.Minute
+func ProvideUserAuthTokenService(sqlStore db.DB, cfg *setting.Cfg, serverLockService *serverlock.ServerLockService, quotaService quota.Service) (*UserAuthTokenService, error) {
-
-func ProvideUserAuthTokenService(sqlStore db.DB, serverLockService *serverlock.ServerLockService,
-	cfg *setting.Cfg) *UserAuthTokenService {
 	s := &UserAuthTokenService{
-		SQLStore:          sqlStore,
+		sqlStore:          sqlStore,
-		ServerLockService: serverLockService,
+		serverLockService: serverLockService,
-		Cfg:               cfg,
+		cfg:               cfg,
 		log:               log.New("auth"),
 	}
-	return s
-}
-
-type UserAuthTokenService struct {
-	SQLStore          db.DB
-	ServerLockService *serverlock.ServerLockService
-	Cfg               *setting.Cfg
-	log               log.Logger
-}
-
-type ActiveAuthTokenService struct {
-	cfg      *setting.Cfg
-	sqlStore db.DB
-}
-
-func ProvideActiveAuthTokenService(cfg *setting.Cfg, sqlStore db.DB, quotaService quota.Service) (*ActiveAuthTokenService, error) {
-	s := &ActiveAuthTokenService{
-		cfg:      cfg,
-		sqlStore: sqlStore,
-	}
 
 	defaultLimits, err := readQuotaConfig(cfg)
 	if err != nil {
@@ -61,7 +38,7 @@ func ProvideActiveAuthTokenService(cfg *setting.Cfg, sqlStore db.DB, quotaServic
 	if err := quotaService.RegisterQuotaReporter(&quota.NewUsageReporter{
 		TargetSrv:     auth.QuotaTargetSrv,
 		DefaultLimits: defaultLimits,
-		Reporter:      s.ActiveTokenCount,
+		Reporter:      s.reportActiveTokenCount,
 	}); err != nil {
 		return s, err
 	}
@@ -69,27 +46,11 @@ func ProvideActiveAuthTokenService(cfg *setting.Cfg, sqlStore db.DB, quotaServic
 	return s, nil
 }
 
-func (a *ActiveAuthTokenService) ActiveTokenCount(ctx context.Context, _ *quota.ScopeParameters) (*quota.Map, error) {
+type UserAuthTokenService struct {
-	var count int64
+	sqlStore          db.DB
-	var err error
+	serverLockService *serverlock.ServerLockService
-	err = a.sqlStore.WithDbSession(ctx, func(dbSession *db.Session) error {
+	cfg               *setting.Cfg
-		var model userAuthToken
+	log               log.Logger
-		count, err = dbSession.Where(`created_at > ? AND rotated_at > ? AND revoked_at = 0`,
-			getTime().Add(-a.cfg.LoginMaxLifetime).Unix(),
-			getTime().Add(-a.cfg.LoginMaxInactiveLifetime).Unix()).
-			Count(&model)
-
-		return err
-	})
-
-	tag, err := quota.NewTag(auth.QuotaTargetSrv, auth.QuotaTarget, quota.GlobalScope)
-	if err != nil {
-		return nil, err
-	}
-	u := &quota.Map{}
-	u.Set(tag, count)
-
-	return u, err
 }
 
 func (s *UserAuthTokenService) CreateToken(ctx context.Context, user *user.User, clientIP net.IP, userAgent string) (*auth.UserToken, error) {
@@ -120,7 +81,7 @@ func (s *UserAuthTokenService) CreateToken(ctx context.Context, user *user.User,
 		AuthTokenSeen: false,
 	}
 
-	err = s.SQLStore.WithDbSession(ctx, func(dbSession *db.Session) error {
+	err = s.sqlStore.WithDbSession(ctx, func(dbSession *db.Session) error {
 		_, err = dbSession.Insert(&userAuthToken)
 		return err
 	})
@@ -145,7 +106,7 @@ func (s *UserAuthTokenService) LookupToken(ctx context.Context, unhashedToken st
 	var model userAuthToken
 	var exists bool
 	var err error
-	err = s.SQLStore.WithDbSession(ctx, func(dbSession *db.Session) error {
+	err = s.sqlStore.WithDbSession(ctx, func(dbSession *db.Session) error {
 		exists, err = dbSession.Where("(auth_token = ? OR prev_auth_token = ?)",
 			hashedToken,
 			hashedToken).
@@ -185,7 +146,7 @@ func (s *UserAuthTokenService) LookupToken(ctx context.Context, unhashedToken st
 		expireBefore := getTime().Add(-urgentRotateTime).Unix()
 
 		var affectedRows int64
-		err = s.SQLStore.WithTransactionalDbSession(ctx, func(dbSession *db.Session) error {
+		err = s.sqlStore.WithTransactionalDbSession(ctx, func(dbSession *db.Session) error {
 			affectedRows, err = dbSession.Where("id = ? AND prev_auth_token = ? AND rotated_at < ?",
 				modelCopy.Id,
 				modelCopy.PrevAuthToken,
@@ -212,7 +173,7 @@ func (s *UserAuthTokenService) LookupToken(ctx context.Context, unhashedToken st
 		modelCopy.SeenAt = getTime().Unix()
 
 		var affectedRows int64
-		err = s.SQLStore.WithTransactionalDbSession(ctx, func(dbSession *db.Session) error {
+		err = s.sqlStore.WithTransactionalDbSession(ctx, func(dbSession *db.Session) error {
 			affectedRows, err = dbSession.Where("id = ? AND auth_token = ?",
 				modelCopy.Id,
 				modelCopy.AuthToken).
@@ -260,7 +221,7 @@ func (s *UserAuthTokenService) TryRotateToken(ctx context.Context, token *auth.U
 	var needsRotation bool
 	rotatedAt := time.Unix(model.RotatedAt, 0)
 	if model.AuthTokenSeen {
-		needsRotation = rotatedAt.Before(now.Add(-time.Duration(s.Cfg.TokenRotationIntervalMinutes) * time.Minute))
+		needsRotation = rotatedAt.Before(now.Add(-time.Duration(s.cfg.TokenRotationIntervalMinutes) * time.Minute))
 	} else {
 		needsRotation = rotatedAt.Before(now.Add(-urgentRotateTime))
 	}
@@ -296,9 +257,9 @@ func (s *UserAuthTokenService) TryRotateToken(ctx context.Context, token *auth.U
 		WHERE id = ? AND (auth_token_seen = ? OR rotated_at < ?)`
 
 	var affected int64
-	err = s.SQLStore.WithTransactionalDbSession(ctx, func(dbSession *db.Session) error {
+	err = s.sqlStore.WithTransactionalDbSession(ctx, func(dbSession *db.Session) error {
-		res, err := dbSession.Exec(sql, userAgent, clientIPStr, s.SQLStore.GetDialect().BooleanStr(true), hashedToken,
+		res, err := dbSession.Exec(sql, userAgent, clientIPStr, s.sqlStore.GetDialect().BooleanStr(true), hashedToken,
-			s.SQLStore.GetDialect().BooleanStr(false), now.Unix(), model.Id, s.SQLStore.GetDialect().BooleanStr(true),
+			s.sqlStore.GetDialect().BooleanStr(false), now.Unix(), model.Id, s.sqlStore.GetDialect().BooleanStr(true),
 			now.Add(-30*time.Second).Unix())
 		if err != nil {
 			return err
@@ -338,12 +299,12 @@ func (s *UserAuthTokenService) RevokeToken(ctx context.Context, token *auth.User
 
 	if soft {
 		model.RevokedAt = getTime().Unix()
-		err = s.SQLStore.WithDbSession(ctx, func(dbSession *db.Session) error {
+		err = s.sqlStore.WithDbSession(ctx, func(dbSession *db.Session) error {
 			rowsAffected, err = dbSession.ID(model.Id).Update(model)
 			return err
 		})
 	} else {
-		err = s.SQLStore.WithDbSession(ctx, func(dbSession *db.Session) error {
+		err = s.sqlStore.WithDbSession(ctx, func(dbSession *db.Session) error {
 			rowsAffected, err = dbSession.Delete(model)
 			return err
 		})
@@ -366,7 +327,7 @@ func (s *UserAuthTokenService) RevokeToken(ctx context.Context, token *auth.User
 }
 
 func (s *UserAuthTokenService) RevokeAllUserTokens(ctx context.Context, userId int64) error {
-	return s.SQLStore.WithDbSession(ctx, func(dbSession *db.Session) error {
+	return s.sqlStore.WithDbSession(ctx, func(dbSession *db.Session) error {
 		sql := `DELETE from user_auth_token WHERE user_id = ?`
 		res, err := dbSession.Exec(sql, userId)
 		if err != nil {
@@ -385,7 +346,7 @@ func (s *UserAuthTokenService) RevokeAllUserTokens(ctx context.Context, userId i
 }
 
 func (s *UserAuthTokenService) BatchRevokeAllUserTokens(ctx context.Context, userIds []int64) error {
-	return s.SQLStore.WithTransactionalDbSession(ctx, func(dbSession *db.Session) error {
+	return s.sqlStore.WithTransactionalDbSession(ctx, func(dbSession *db.Session) error {
 		if len(userIds) == 0 {
 			return nil
 		}
@@ -416,7 +377,7 @@ func (s *UserAuthTokenService) BatchRevokeAllUserTokens(ctx context.Context, use
 
 func (s *UserAuthTokenService) GetUserToken(ctx context.Context, userId, userTokenId int64) (*auth.UserToken, error) {
 	var result auth.UserToken
-	err := s.SQLStore.WithDbSession(ctx, func(dbSession *db.Session) error {
+	err := s.sqlStore.WithDbSession(ctx, func(dbSession *db.Session) error {
 		var token userAuthToken
 		exists, err := dbSession.Where("id = ? AND user_id = ?", userTokenId, userId).Get(&token)
 		if err != nil {
@@ -435,7 +396,7 @@ func (s *UserAuthTokenService) GetUserToken(ctx context.Context, userId, userTok
 
 func (s *UserAuthTokenService) GetUserTokens(ctx context.Context, userId int64) ([]*auth.UserToken, error) {
 	result := []*auth.UserToken{}
-	err := s.SQLStore.WithDbSession(ctx, func(dbSession *db.Session) error {
+	err := s.sqlStore.WithDbSession(ctx, func(dbSession *db.Session) error {
 		var tokens []*userAuthToken
 		err := dbSession.Where("user_id = ? AND created_at > ? AND rotated_at > ? AND revoked_at = 0",
 			userId,
@@ -462,7 +423,7 @@ func (s *UserAuthTokenService) GetUserTokens(ctx context.Context, userId int64)
 
 func (s *UserAuthTokenService) GetUserRevokedTokens(ctx context.Context, userId int64) ([]*auth.UserToken, error) {
 	result := []*auth.UserToken{}
-	err := s.SQLStore.WithDbSession(ctx, func(dbSession *db.Session) error {
+	err := s.sqlStore.WithDbSession(ctx, func(dbSession *db.Session) error {
 		var tokens []*userAuthToken
 		err := dbSession.Where("user_id = ? AND revoked_at > 0", userId).Find(&tokens)
 		if err != nil {
@@ -483,12 +444,35 @@ func (s *UserAuthTokenService) GetUserRevokedTokens(ctx context.Context, userId
 	return result, err
 }
 
+func (s *UserAuthTokenService) reportActiveTokenCount(ctx context.Context, _ *quota.ScopeParameters) (*quota.Map, error) {
+	var count int64
+	var err error
+	err = s.sqlStore.WithDbSession(ctx, func(dbSession *db.Session) error {
+		var model userAuthToken
+		count, err = dbSession.Where(`created_at > ? AND rotated_at > ? AND revoked_at = 0`,
+			getTime().Add(-s.cfg.LoginMaxLifetime).Unix(),
+			getTime().Add(-s.cfg.LoginMaxInactiveLifetime).Unix()).
+			Count(&model)
+
+		return err
+	})
+
+	tag, err := quota.NewTag(auth.QuotaTargetSrv, auth.QuotaTarget, quota.GlobalScope)
+	if err != nil {
+		return nil, err
+	}
+	u := &quota.Map{}
+	u.Set(tag, count)
+
+	return u, err
+}
+
 func (s *UserAuthTokenService) createdAfterParam() int64 {
-	return getTime().Add(-s.Cfg.LoginMaxLifetime).Unix()
+	return getTime().Add(-s.cfg.LoginMaxLifetime).Unix()
 }
 
 func (s *UserAuthTokenService) rotatedAfterParam() int64 {
-	return getTime().Add(-s.Cfg.LoginMaxInactiveLifetime).Unix()
+	return getTime().Add(-s.cfg.LoginMaxInactiveLifetime).Unix()
 }
 
 func hashToken(token string) string {

pkg/services/auth/authimpl/auth_token_test.go

@@ -41,7 +41,7 @@ func TestUserAuthToken(t *testing.T) {
 		userToken := createToken()
 
 		t.Run("Can count active tokens", func(t *testing.T) {
-			m, err := ctx.activeTokenService.ActiveTokenCount(context.Background(), &quota.ScopeParameters{})
+			m, err := ctx.tokenService.reportActiveTokenCount(context.Background(), &quota.ScopeParameters{})
 			require.Nil(t, err)
 			tag, err := quota.NewTag(auth.QuotaTargetSrv, auth.QuotaTarget, quota.GlobalScope)
 			require.NoError(t, err)
@@ -213,7 +213,7 @@ func TestUserAuthToken(t *testing.T) {
 			require.Nil(t, notGood)
 
 			t.Run("should not find active token when expired", func(t *testing.T) {
-				m, err := ctx.activeTokenService.ActiveTokenCount(context.Background(), &quota.ScopeParameters{})
+				m, err := ctx.tokenService.reportActiveTokenCount(context.Background(), &quota.ScopeParameters{})
 				require.Nil(t, err)
 				tag, err := quota.NewTag(auth.QuotaTargetSrv, auth.QuotaTarget, quota.GlobalScope)
 				require.NoError(t, err)
@@ -550,27 +550,20 @@ func createTestContext(t *testing.T) *testContext {
 	}
 
 	tokenService := &UserAuthTokenService{
-		SQLStore: sqlstore,
+		sqlStore: sqlstore,
-		Cfg:      cfg,
+		cfg:      cfg,
 		log:      log.New("test-logger"),
 	}
 
-	activeTokenService := &ActiveAuthTokenService{
-		cfg:      cfg,
-		sqlStore: sqlstore,
-	}
-
 	return &testContext{
-		sqlstore:           sqlstore,
+		sqlstore:     sqlstore,
-		tokenService:       tokenService,
+		tokenService: tokenService,
-		activeTokenService: activeTokenService,
 	}
 }
 
 type testContext struct {
-	sqlstore           db.DB
+	sqlstore     db.DB
-	tokenService       *UserAuthTokenService
+	tokenService *UserAuthTokenService
-	activeTokenService *ActiveAuthTokenService
 }
 
 func (c *testContext) getAuthTokenByID(id int64) (*userAuthToken, error) {

pkg/services/auth/authimpl/token_cleanup.go

@@ -9,10 +9,10 @@ import (
 
 func (s *UserAuthTokenService) Run(ctx context.Context) error {
 	ticker := time.NewTicker(time.Hour)
-	maxInactiveLifetime := s.Cfg.LoginMaxInactiveLifetime
+	maxInactiveLifetime := s.cfg.LoginMaxInactiveLifetime
-	maxLifetime := s.Cfg.LoginMaxLifetime
+	maxLifetime := s.cfg.LoginMaxLifetime
 
-	err := s.ServerLockService.LockAndExecute(ctx, "cleanup expired auth tokens", time.Hour*12, func(context.Context) {
+	err := s.serverLockService.LockAndExecute(ctx, "cleanup expired auth tokens", time.Hour*12, func(context.Context) {
 		if _, err := s.deleteExpiredTokens(ctx, maxInactiveLifetime, maxLifetime); err != nil {
 			s.log.Error("An error occurred while deleting expired tokens", "err", err)
 		}
@@ -24,7 +24,7 @@ func (s *UserAuthTokenService) Run(ctx context.Context) error {
 	for {
 		select {
 		case <-ticker.C:
-			err = s.ServerLockService.LockAndExecute(ctx, "cleanup expired auth tokens", time.Hour*12, func(context.Context) {
+			err = s.serverLockService.LockAndExecute(ctx, "cleanup expired auth tokens", time.Hour*12, func(context.Context) {
 				if _, err := s.deleteExpiredTokens(ctx, maxInactiveLifetime, maxLifetime); err != nil {
 					s.log.Error("An error occurred while deleting expired tokens", "err", err)
 				}
@@ -46,7 +46,7 @@ func (s *UserAuthTokenService) deleteExpiredTokens(ctx context.Context, maxInact
 	s.log.Debug("starting cleanup of expired auth tokens", "createdBefore", createdBefore, "rotatedBefore", rotatedBefore)
 
 	var affected int64
-	err := s.SQLStore.WithDbSession(ctx, func(dbSession *db.Session) error {
+	err := s.sqlStore.WithDbSession(ctx, func(dbSession *db.Session) error {
 		sql := `DELETE from user_auth_token WHERE created_at <= ? OR rotated_at <= ?`
 		res, err := dbSession.Exec(sql, createdBefore.Unix(), rotatedBefore.Unix())
 		if err != nil {

pkg/services/auth/authimpl/token_cleanup_test.go

@@ -16,8 +16,8 @@ func TestUserAuthTokenCleanup(t *testing.T) {
 		ctx := createTestContext(t)
 		maxInactiveLifetime, _ := time.ParseDuration("168h")
 		maxLifetime, _ := time.ParseDuration("720h")
-		ctx.tokenService.Cfg.LoginMaxInactiveLifetime = maxInactiveLifetime
+		ctx.tokenService.cfg.LoginMaxInactiveLifetime = maxInactiveLifetime
-		ctx.tokenService.Cfg.LoginMaxLifetime = maxLifetime
+		ctx.tokenService.cfg.LoginMaxLifetime = maxLifetime
 		return ctx
 	}
 

pkg/services/contexthandler/auth_proxy_test.go

@@ -104,7 +104,7 @@ func getContextHandler(t *testing.T) *ContextHandler {
 
 	return ProvideService(cfg, userAuthTokenSvc, authJWTSvc, remoteCacheSvc,
 		renderSvc, sqlStore, tracer, authProxy, loginService, nil, authenticator,
-		&userService, orgService, nil, nil, nil)
+		&userService, orgService, nil, nil)
 }
 
 type FakeGetSignUserStore struct {

pkg/services/contexthandler/contexthandler.go

@@ -49,11 +49,6 @@ func ProvideService(cfg *setting.Cfg, tokenService auth.UserTokenService, jwtSer
 	tracer tracing.Tracer, authProxy *authproxy.AuthProxy, loginService login.Service,
 	apiKeyService apikey.Service, authenticator loginpkg.Authenticator, userService user.Service,
 	orgService org.Service, oauthTokenService oauthtoken.OAuthTokenService, features *featuremgmt.FeatureManager,
-	// before 9.3.0 the quota service used to depend on on the ActiveTokenService
-	// since 9.3.0 after the quota refactoring ActiveTokenService depends on the quota
-	// therefore it's added to avoid cycle dependencies
-	// since it's used only by the middleware for enforcing quota limits.
-	activeTokenService auth.ActiveTokenService,
 ) *ContextHandler {
 	return &ContextHandler{
 		Cfg:               cfg,

pkg/services/quota/quotaimpl/quota_test.go

@@ -465,7 +465,7 @@ func getQuotaBySrvTargetScope(t *testing.T, quotaService quota.Service, srv quot
 func setupEnv(t *testing.T, sqlStore *sqlstore.SQLStore, b bus.Bus, quotaService quota.Service) {
 	_, err := apikeyimpl.ProvideService(sqlStore, sqlStore.Cfg, quotaService)
 	require.NoError(t, err)
-	_, err = authimpl.ProvideActiveAuthTokenService(sqlStore.Cfg, sqlStore, quotaService)
+	_, err = authimpl.ProvideUserAuthTokenService(sqlStore, sqlStore.Cfg, nil, quotaService)
 	require.NoError(t, err)
 	_, err = dashboardStore.ProvideDashboardStore(sqlStore, sqlStore.Cfg, featuremgmt.WithFeatures(), tagimpl.ProvideService(sqlStore, sqlStore.Cfg), quotaService)
 	require.NoError(t, err)