Display full token info

2025-02-08 01:55:36 +01:00 · 2025-02-08 01:55:36 +01:00 · ff72f0cae5
commit ff72f0cae5
parent 3eb6dc3dcf
5 changed files with 70 additions and 31 deletions
--- a/src/oidc_test/main.py
+++ b/src/oidc_test/main.py
@ -34,6 +34,7 @@ from .auth_utils import (
    get_current_user_or_none,
    authlib_oauth,
    get_providers_info,
+    get_token_or_none,
 )
 from .auth_misc import pretty_details
 from .database import TokenNotInDb, db
@ -76,6 +77,7 @@ async def home(
    request: Request,
    user: Annotated[User, Depends(get_current_user_or_none)],
    oidc_provider: Annotated[StarletteOAuth2App | None, Depends(get_oidc_provider_or_none)],
+    token: Annotated[OAuth2Token | None, Depends(get_token_or_none)],
 ) -> HTMLResponse:
    now = datetime.now()
    if oidc_provider and (
@ -101,22 +103,29 @@ async def home(
            logger.info("Invalid token")
            logger.exception(err)

-    return templates.TemplateResponse(
-        name="home.html",
-        request=request,
-        context={
-            "settings": settings.model_dump(),
-            "user": user,
-            "access_token_scope": access_token_scope,
-            "now": now,
-            "oidc_provider": oidc_provider,
-            "oidc_provider_settings": oidc_provider_settings,
-            "resources": resources,
-            "user_info_details": (
-                pretty_details(user, now) if user and settings.oidc.show_session_details else None
-            ),
-        },
-    )
+    context = {
+        "settings": settings.model_dump(),
+        "user": user,
+        "access_token_scope": access_token_scope,
+        "now": now,
+        "oidc_provider": oidc_provider,
+        "oidc_provider_settings": oidc_provider_settings,
+        "resources": resources,
+    }
+    if token is None:
+        context["id_token_parsed"] = None
+        context["access_token_parsed"] = None
+        context["refresh_token_parsed"] = None
+    else:
+        assert oidc_provider is not None
+        assert oidc_provider.name is not None
+        oidc_provider_settings = oidc_providers_settings[oidc_provider.name]
+        context["id_token_parsed"] = pretty_details(user, now)
+        context["access_token_parsed"] = oidc_provider_settings.decode(token["access_token"])
+        context["refresh_token_parsed"] = oidc_provider_settings.decode(
+            token["refresh_token"], verify_signature=False
+        )
+    return templates.TemplateResponse(name="home.html", request=request, context=context)


 # Endpoints for the login / authorization process