fix(web): offline_access consent description (#3679)

2022-07-11 16:24:09 +10:00 · 2022-07-11 16:24:09 +10:00 · f115f77df8
parent 897558aba2
commit f115f77df8
7 changed files with 28 additions and 8 deletions
--- a/internal/configuration/validator/const.go
+++ b/internal/configuration/validator/const.go
@ -307,7 +307,7 @@ var validACLRulePolicies = []string{policyBypass, policyOneFactor, policyTwoFact

 var validDefault2FAMethods = []string{"totp", "webauthn", "mobile_push"}

-var validOIDCScopes = []string{oidc.ScopeOpenID, oidc.ScopeEmail, oidc.ScopeProfile, oidc.ScopeGroups, "offline_access"}
+var validOIDCScopes = []string{oidc.ScopeOpenID, oidc.ScopeEmail, oidc.ScopeProfile, oidc.ScopeGroups, oidc.ScopeOfflineAccess}
 var validOIDCGrantTypes = []string{"implicit", "refresh_token", "authorization_code", "password", "client_credentials"}
 var validOIDCResponseModes = []string{"form_post", "query", "fragment"}
 var validOIDCUserinfoAlgorithms = []string{"none", "RS256"}
--- a/internal/handlers/const.go
+++ b/internal/handlers/const.go
@ -28,10 +28,6 @@ var (
 	headerRemoteEmail     = []byte("Remote-Email")
 )

-var (
-	headerContentTypeValueTextPlain = []byte("text/plain; charset=utf-8")
-)
-
 const (
 	// Forbidden means the user is forbidden the access to a resource.
 	Forbidden authorizationMatching = iota
--- a/internal/handlers/response.go
+++ b/internal/handlers/response.go
@ -250,7 +250,9 @@ func respondUnauthorized(ctx *middlewares.AutheliaCtx, message string) {
 // *fasthttp.RequestCtx or *middlewares.AutheliaCtx.
 func SetStatusCodeResponse(ctx *fasthttp.RequestCtx, statusCode int) {
 	ctx.Response.Reset()
-	ctx.SetContentTypeBytes(headerContentTypeValueTextPlain)
+
+	middlewares.SetContentTypeTextPlain(ctx)
+
 	ctx.SetStatusCode(statusCode)
 	ctx.SetBodyString(fmt.Sprintf("%d %s", statusCode, fasthttp.StatusMessage(statusCode)))
 }
--- a/internal/middlewares/util.go
+++ b/internal/middlewares/util.go
@ -0,0 +1,15 @@
+package middlewares
+
+import (
+	"github.com/valyala/fasthttp"
+)
+
+// SetContentTypeApplicationJSON sets the Content-Type header to `application/json; charset=utf8`.
+func SetContentTypeApplicationJSON(ctx *fasthttp.RequestCtx) {
+	ctx.SetContentTypeBytes(contentTypeApplicationJSON)
+}
+
+// SetContentTypeTextPlain sets the Content-Type header to `text/plain; charset=utf8`.
+func SetContentTypeTextPlain(ctx *fasthttp.RequestCtx) {
+	ctx.SetContentTypeBytes(contentTypeTextPlain)
+}
--- a/internal/server/asset.go
+++ b/internal/server/asset.go
@ -10,6 +10,7 @@ import (
 	"github.com/valyala/fasthttp"
 	"github.com/valyala/fasthttp/fasthttpadaptor"

+	"github.com/authelia/authelia/v4/internal/middlewares"
 	"github.com/authelia/authelia/v4/internal/utils"
 )

@ -65,7 +66,8 @@ func newLocalesEmbeddedHandler() (handler fasthttp.RequestHandler) {
 			}
 		}

-		ctx.SetContentType("application/json")
+		middlewares.SetContentTypeApplicationJSON(ctx)
+
 		ctx.SetBody(data)
 	}
 }
--- a/internal/server/locales/en/portal.json
+++ b/internal/server/locales/en/portal.json
@ -5,6 +5,7 @@
 	"Access your profile information": "Access your profile information",
 	"An email has been sent to your address to complete the process": "An email has been sent to your address to complete the process.",
 	"Authenticated": "Authenticated",
+	"Automatically refresh these permissions without user interaction": "Automatically refresh these permissions without user interaction",
 	"Cancel": "Cancel",
 	"Client ID": "Client ID: {{client_id}}",
 	"Consent Request": "Consent Request",
--- a/web/src/views/LoginPortal/ConsentView/ConsentView.tsx
+++ b/web/src/views/LoginPortal/ConsentView/ConsentView.tsx
@ -1,6 +1,6 @@
 import React, { useEffect, Fragment, ReactNode, useState } from "react";

-import { AccountBox, CheckBox, Contacts, Drafts, Group } from "@mui/icons-material";
+import { AccountBox, Autorenew, CheckBox, Contacts, Drafts, Group } from "@mui/icons-material";
 import {
    Button,
    Grid,
@ -33,6 +33,8 @@ function scopeNameToAvatar(id: string) {
    switch (id) {
        case "openid":
            return <AccountBox />;
+        case "offline_access":
+            return <Autorenew />;
        case "profile":
            return <Contacts />;
        case "groups":
@ -85,6 +87,8 @@ const ConsentView = function (props: Props) {
        switch (id) {
            case "openid":
                return translate("Use OpenID to verify your identity");
+            case "offline_access":
+                return translate("Automatically refresh these permissions without user interaction");
            case "profile":
                return translate("Access your profile information");
            case "groups":