providers/oauth2: show id_token issues for refresh token

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-06-02 22:04:19 +02:00
parent 4d773274d4
commit cec47c3cfc
8 changed files with 144 additions and 20 deletions
--- a/web/src/elements/oauth/UserRefreshList.ts
+++ b/web/src/elements/oauth/UserRefreshList.ts
@ -1,19 +1,26 @@
 import { t } from "@lingui/macro";
-import { customElement, html, property, TemplateResult } from "lit-element";
+import { CSSResult, customElement, html, property, TemplateResult } from "lit-element";
 import { AKResponse } from "../../api/Client";
 import { Table, TableColumn } from "../table/Table";
+import PFFlex from "@patternfly/patternfly/layouts/Flex/flex.css";

 import "../forms/DeleteForm";
 import { PAGE_SIZE } from "../../constants";
-import { ExpiringBaseGrantModel, Oauth2Api } from "authentik-api";
+import { RefreshTokenModel, Oauth2Api } from "authentik-api";
 import { DEFAULT_CONFIG } from "../../api/Config";

@customElement("ak-user-oauth-refresh-list")
-export class UserOAuthRefreshList extends Table<ExpiringBaseGrantModel> {
+export class UserOAuthRefreshList extends Table<RefreshTokenModel> {
+    expandable = true;
+
    @property({ type: Number })
    userId?: number;

-    apiEndpoint(page: number): Promise<AKResponse<ExpiringBaseGrantModel>> {
+    static get styles(): CSSResult[] {
+        return super.styles.concat(PFFlex);
+    }
+
+    apiEndpoint(page: number): Promise<AKResponse<RefreshTokenModel>> {
        return new Oauth2Api(DEFAULT_CONFIG).oauth2RefreshTokensList({
            user: this.userId,
            ordering: "expires",
@ -33,7 +40,24 @@ export class UserOAuthRefreshList extends Table<ExpiringBaseGrantModel> {
        ];
    }

-    row(item: ExpiringBaseGrantModel): TemplateResult[] {
+    renderExpanded(item: RefreshTokenModel): TemplateResult {
+        return html`
+        <td role="cell" colspan="4">
+            <div class="pf-c-table__expandable-row-content">
+                <div class="pf-l-flex">
+                    <div class="pf-l-flex__item">
+                        <h3>${t`ID Token`}</h3>
+                        <pre>${item.idToken}</pre>
+                    </div>
+                </div>
+            </div>
+        </td>
+        <td></td>
+        <td></td>
+        <td></td>`;
+    }
+
+    row(item: RefreshTokenModel): TemplateResult[] {
        return [
            html`<a href="#/core/providers/${item.provider?.pk}">
                ${item.provider?.name}
--- a/web/src/locales/en.po
+++ b/web/src/locales/en.po
@ -1717,6 +1717,10 @@ msgstr "How many attempts a user has before the flow is canceled. To lock the us
 msgid "ID"
 msgstr "ID"

+#: src/elements/oauth/UserRefreshList.ts
+msgid "ID Token"
+msgstr "ID Token"
+
 #: src/pages/policies/reputation/IPReputationListPage.ts
 msgid "IP"
 msgstr "IP"
--- a/web/src/locales/pseudo-LOCALE.po
+++ b/web/src/locales/pseudo-LOCALE.po
@ -1709,6 +1709,10 @@ msgstr ""
 msgid "ID"
 msgstr ""

+#: 
+msgid "ID Token"
+msgstr ""
+
 #: 
 msgid "IP"
 msgstr ""
--- a/web/src/pages/users/UserViewPage.ts
+++ b/web/src/pages/users/UserViewPage.ts
@ -197,7 +197,7 @@ export class UserViewPage extends LitElement {
                    <div class="pf-c-card">
                        <div class="pf-c-card__body">
                            <ak-object-changelog
-                                targetModelPk=${this.user.pk || 0}
+                                targetModelPk=${this.user.pk}
                                targetModelApp="authentik_core"
                                targetModelName="user">
                            </ak-object-changelog>
@ -207,7 +207,7 @@ export class UserViewPage extends LitElement {
                <section slot="page-consent" data-tab-title="${t`Explicit Consent`}" class="pf-c-page__main-section pf-m-no-padding-mobile">
                    <div class="pf-c-card">
                        <div class="pf-c-card__body">
-                            <ak-user-consent-list userId=${(this.user.pk || 0)}>
+                            <ak-user-consent-list userId=${(this.user.pk)}>
                            </ak-user-consent-list>
                        </div>
                    </div>
@ -215,7 +215,7 @@ export class UserViewPage extends LitElement {
                <section slot="page-oauth-code" data-tab-title="${t`OAuth Authorization Codes`}" class="pf-c-page__main-section pf-m-no-padding-mobile">
                    <div class="pf-c-card">
                        <div class="pf-c-card__body">
-                            <ak-user-oauth-code-list userId=${this.user.pk || 0}>
+                            <ak-user-oauth-code-list userId=${this.user.pk}>
                            </ak-user-oauth-code-list>
                        </div>
                    </div>
@ -223,7 +223,7 @@ export class UserViewPage extends LitElement {
                <section slot="page-oauth-refresh" data-tab-title="${t`OAuth Refresh Codes`}" class="pf-c-page__main-section pf-m-no-padding-mobile">
                    <div class="pf-c-card">
                        <div class="pf-c-card__body">
-                            <ak-user-oauth-refresh-list userId=${this.user.pk || 0}>
+                            <ak-user-oauth-refresh-list userId=${this.user.pk}>
                            </ak-user-oauth-refresh-list>
                        </div>
                    </div>