From f115f77df8302f35f37fde3a87362f4f94600ce1 Mon Sep 17 00:00:00 2001 From: James Elliott Date: Mon, 11 Jul 2022 16:24:09 +1000 Subject: [PATCH] fix(web): offline_access consent description (#3679) --- internal/configuration/validator/const.go | 2 +- internal/handlers/const.go | 4 ---- internal/handlers/response.go | 4 +++- internal/middlewares/util.go | 15 +++++++++++++++ internal/server/asset.go | 4 +++- internal/server/locales/en/portal.json | 1 + .../views/LoginPortal/ConsentView/ConsentView.tsx | 6 +++++- 7 files changed, 28 insertions(+), 8 deletions(-) create mode 100644 internal/middlewares/util.go diff --git a/internal/configuration/validator/const.go b/internal/configuration/validator/const.go index bfd6eead7..d97b64596 100644 --- a/internal/configuration/validator/const.go +++ b/internal/configuration/validator/const.go @@ -307,7 +307,7 @@ var validACLRulePolicies = []string{policyBypass, policyOneFactor, policyTwoFact var validDefault2FAMethods = []string{"totp", "webauthn", "mobile_push"} -var validOIDCScopes = []string{oidc.ScopeOpenID, oidc.ScopeEmail, oidc.ScopeProfile, oidc.ScopeGroups, "offline_access"} +var validOIDCScopes = []string{oidc.ScopeOpenID, oidc.ScopeEmail, oidc.ScopeProfile, oidc.ScopeGroups, oidc.ScopeOfflineAccess} var validOIDCGrantTypes = []string{"implicit", "refresh_token", "authorization_code", "password", "client_credentials"} var validOIDCResponseModes = []string{"form_post", "query", "fragment"} var validOIDCUserinfoAlgorithms = []string{"none", "RS256"} diff --git a/internal/handlers/const.go b/internal/handlers/const.go index 3eea1161a..a43fa75b9 100644 --- a/internal/handlers/const.go +++ b/internal/handlers/const.go @@ -28,10 +28,6 @@ var ( headerRemoteEmail = []byte("Remote-Email") ) -var ( - headerContentTypeValueTextPlain = []byte("text/plain; charset=utf-8") -) - const ( // Forbidden means the user is forbidden the access to a resource. Forbidden authorizationMatching = iota diff --git a/internal/handlers/response.go b/internal/handlers/response.go index 0908a5a6f..4ff8a2276 100644 --- a/internal/handlers/response.go +++ b/internal/handlers/response.go @@ -250,7 +250,9 @@ func respondUnauthorized(ctx *middlewares.AutheliaCtx, message string) { // *fasthttp.RequestCtx or *middlewares.AutheliaCtx. func SetStatusCodeResponse(ctx *fasthttp.RequestCtx, statusCode int) { ctx.Response.Reset() - ctx.SetContentTypeBytes(headerContentTypeValueTextPlain) + + middlewares.SetContentTypeTextPlain(ctx) + ctx.SetStatusCode(statusCode) ctx.SetBodyString(fmt.Sprintf("%d %s", statusCode, fasthttp.StatusMessage(statusCode))) } diff --git a/internal/middlewares/util.go b/internal/middlewares/util.go new file mode 100644 index 000000000..23f58f01a --- /dev/null +++ b/internal/middlewares/util.go @@ -0,0 +1,15 @@ +package middlewares + +import ( + "github.com/valyala/fasthttp" +) + +// SetContentTypeApplicationJSON sets the Content-Type header to `application/json; charset=utf8`. +func SetContentTypeApplicationJSON(ctx *fasthttp.RequestCtx) { + ctx.SetContentTypeBytes(contentTypeApplicationJSON) +} + +// SetContentTypeTextPlain sets the Content-Type header to `text/plain; charset=utf8`. +func SetContentTypeTextPlain(ctx *fasthttp.RequestCtx) { + ctx.SetContentTypeBytes(contentTypeTextPlain) +} diff --git a/internal/server/asset.go b/internal/server/asset.go index 7f106e19a..4df0d4211 100644 --- a/internal/server/asset.go +++ b/internal/server/asset.go @@ -10,6 +10,7 @@ import ( "github.com/valyala/fasthttp" "github.com/valyala/fasthttp/fasthttpadaptor" + "github.com/authelia/authelia/v4/internal/middlewares" "github.com/authelia/authelia/v4/internal/utils" ) @@ -65,7 +66,8 @@ func newLocalesEmbeddedHandler() (handler fasthttp.RequestHandler) { } } - ctx.SetContentType("application/json") + middlewares.SetContentTypeApplicationJSON(ctx) + ctx.SetBody(data) } } diff --git a/internal/server/locales/en/portal.json b/internal/server/locales/en/portal.json index ea306ef0e..4cce09100 100644 --- a/internal/server/locales/en/portal.json +++ b/internal/server/locales/en/portal.json @@ -5,6 +5,7 @@ "Access your profile information": "Access your profile information", "An email has been sent to your address to complete the process": "An email has been sent to your address to complete the process.", "Authenticated": "Authenticated", + "Automatically refresh these permissions without user interaction": "Automatically refresh these permissions without user interaction", "Cancel": "Cancel", "Client ID": "Client ID: {{client_id}}", "Consent Request": "Consent Request", diff --git a/web/src/views/LoginPortal/ConsentView/ConsentView.tsx b/web/src/views/LoginPortal/ConsentView/ConsentView.tsx index a8fa246f6..83727e70e 100644 --- a/web/src/views/LoginPortal/ConsentView/ConsentView.tsx +++ b/web/src/views/LoginPortal/ConsentView/ConsentView.tsx @@ -1,6 +1,6 @@ import React, { useEffect, Fragment, ReactNode, useState } from "react"; -import { AccountBox, CheckBox, Contacts, Drafts, Group } from "@mui/icons-material"; +import { AccountBox, Autorenew, CheckBox, Contacts, Drafts, Group } from "@mui/icons-material"; import { Button, Grid, @@ -33,6 +33,8 @@ function scopeNameToAvatar(id: string) { switch (id) { case "openid": return ; + case "offline_access": + return ; case "profile": return ; case "groups": @@ -85,6 +87,8 @@ const ConsentView = function (props: Props) { switch (id) { case "openid": return translate("Use OpenID to verify your identity"); + case "offline_access": + return translate("Automatically refresh these permissions without user interaction"); case "profile": return translate("Access your profile information"); case "groups":