dev/core#2141 - Multiple revisions to new screen for inspecting OAuth tokens

[totten]

Overview

5.32 adds oauth-client, which includes a screen for inspecting OAuth tokens. It is intended to facilitate debugging.

This addresses some bugs/usability in the new screen.

Before

• The screen works for inspecting one token. It offers a subform to inspect other tokens, but it doesn't work.
• The screen only shows the access_token (and its JWT variant)

After

• The malfunctioning subform isn't needed. Remove it.
• The screen shows a full record of the token details. This should make it even more useful for debugging.

[civibot]

(Standard links)

• If this is your first pull-request for CiviCRM, please browse CONTRIBUTING.md for information about the development and testing processes.
• If you are reviewing this pull-request, you may wish to consult the test sites and the Review Standards (long template, short template).

[demeritcowboy]

I tried to test but I think maybe my token isn't a JWT token, although it sort of looks like one (it's gmail). I get a javascript console error Illegal base64url string! and the page displays the code literally {{token.access_token|unvalidatedJwtDecode|json}} at the bottom, although the output for the rest of the page is working, and it wasn't before the patch.

[totten]

Yeah, the OAuth2 initiation doesn't guarantee that you'll get a JWT token. In my experience, Google's token wasn't JWT. That field is mainly for debugging Microsoft's token (which does happen to be JWT) for dev/mail#79.

[demeritcowboy]

I think maybe in unvalidatedJwtDecode.js it could maybe do something - I was going to look at making a patch just went off to do something else.

Anyway I think this is mergeable, just there's a possible future improvement if the token isn't actually a JWT token.

[totten]

@demeritcowboy Thanks. Agree the unvalidatedJwtDecode could fail better with non-JWT values (and that's orthogonal to this patch).