From 34d369ba26a2eff819bcd6f0215eca18397a5a82 Mon Sep 17 00:00:00 2001
From: Jason Hu <awarecan@users.noreply.github.com>
Date: Wed, 12 Sep 2018 00:49:44 -0700
Subject: [PATCH] Return if refresh token is current used one in WS API
 (#16575)

---
 homeassistant/components/auth/__init__.py | 2 ++
 homeassistant/components/websocket_api.py | 1 +
 tests/components/auth/test_init.py        | 1 +
 3 files changed, 4 insertions(+)

diff --git a/homeassistant/components/auth/__init__.py b/homeassistant/components/auth/__init__.py
index 5fac423f27a..01cfe4724bf 100644
--- a/homeassistant/components/auth/__init__.py
+++ b/homeassistant/components/auth/__init__.py
@@ -475,6 +475,7 @@ def websocket_create_long_lived_access_token(
 def websocket_refresh_tokens(
         hass: HomeAssistant, connection: websocket_api.ActiveConnection, msg):
     """Return metadata of users refresh tokens."""
+    current_id = connection.request.get('refresh_token_id')
     connection.to_write.put_nowait(websocket_api.result_message(msg['id'], [{
         'id': refresh.id,
         'client_id': refresh.client_id,
@@ -482,6 +483,7 @@ def websocket_refresh_tokens(
         'client_icon': refresh.client_icon,
         'type': refresh.token_type,
         'created_at': refresh.created_at,
+        'is_current': refresh.id == current_id,
     } for refresh in connection.user.refresh_tokens.values()]))
 
 
diff --git a/homeassistant/components/websocket_api.py b/homeassistant/components/websocket_api.py
index 0c9ab366534..e9db666c032 100644
--- a/homeassistant/components/websocket_api.py
+++ b/homeassistant/components/websocket_api.py
@@ -360,6 +360,7 @@ class ActiveConnection:
                     authenticated = refresh_token is not None
                     if authenticated:
                         request['hass_user'] = refresh_token.user
+                        request['refresh_token_id'] = refresh_token.id
 
                 elif ((not self.hass.auth.active or
                        self.hass.auth.support_legacy) and
diff --git a/tests/components/auth/test_init.py b/tests/components/auth/test_init.py
index a8e95c73a36..ad2aa01737b 100644
--- a/tests/components/auth/test_init.py
+++ b/tests/components/auth/test_init.py
@@ -320,6 +320,7 @@ async def test_ws_refresh_tokens(hass, hass_ws_client, hass_access_token):
     assert token['client_name'] == refresh_token.client_name
     assert token['client_icon'] == refresh_token.client_icon
     assert token['created_at'] == refresh_token.created_at.isoformat()
+    assert token['is_current'] is True
 
 
 async def test_ws_delete_refresh_token(hass, hass_ws_client,
-- 
GitLab