core/ui: add user info link (#5158)

* core/ui: add user info link

* open in new window

* fix header test

authorize/evaluator/headers_evaluator.go

@@ -123,10 +123,10 @@ func NewHeadersEvaluator(ctx context.Context, store *store.Store, options ...fun
 }
 
 // Evaluate evaluates the headers.rego script.
-func (e *HeadersEvaluator) Evaluate(ctx context.Context, req *HeadersRequest) (*HeadersResponse, error) {
+func (e *HeadersEvaluator) Evaluate(ctx context.Context, req *HeadersRequest, options ...rego.EvalOption) (*HeadersResponse, error) {
 	ctx, span := trace.StartSpan(ctx, "authorize.HeadersEvaluator.Evaluate")
 	defer span.End()
-	rs, err := safeEval(ctx, e.q, rego.EvalInput(req))
+	rs, err := safeEval(ctx, e.q, append([]rego.EvalOption{rego.EvalInput(req)}, options...)...)
 	if err != nil {
 		return nil, fmt.Errorf("authorize: error evaluating headers.rego: %w", err)
 	}

authorize/evaluator/headers_evaluator_test.go

@@ -75,7 +75,7 @@ func TestHeadersEvaluator(t *testing.T) {
 	publicJWK, err := cryptutil.PublicJWKFromBytes(encodedSigningKey)
 	require.NoError(t, err)
 
-	evalTime := time.Now().Round(time.Second)
+	iat := time.Unix(1686870680, 0)
 
 	eval := func(t *testing.T, data []proto.Message, input *HeadersRequest) (*HeadersResponse, error) {
 		ctx := context.Background()
@@ -83,13 +83,11 @@ func TestHeadersEvaluator(t *testing.T) {
 		store := store.New()
 		store.UpdateJWTClaimHeaders(config.NewJWTClaimHeaders("email", "groups", "user", "CUSTOM_KEY"))
 		store.UpdateSigningKey(privateJWK)
-		e, err := NewHeadersEvaluator(ctx, store, rego.Time(evalTime))
+		e, err := NewHeadersEvaluator(ctx, store, rego.Time(iat))
 		require.NoError(t, err)
-		return e.Evaluate(ctx, input)
+		return e.Evaluate(ctx, input, rego.EvalTime(iat))
 	}
 
-	iat := time.Unix(1686870680, 0)
-
 	t.Run("jwt", func(t *testing.T) {
 		output, err := eval(t,
 			[]proto.Message{
@@ -122,9 +120,9 @@ func TestHeadersEvaluator(t *testing.T) {
 		require.NoError(t, err)
 
 		// The 'iat' and 'exp' claims are set based on the current time.
-		assert.Equal(t, json.Number(fmt.Sprint(evalTime.Unix())), jwtPayloadDecoded["iat"],
+		assert.Equal(t, json.Number(fmt.Sprint(iat.Unix())), jwtPayloadDecoded["iat"],
 			"unexpected 'iat' timestamp format")
-		assert.Equal(t, json.Number(fmt.Sprint(evalTime.Add(5*time.Minute).Unix())), jwtPayloadDecoded["exp"],
+		assert.Equal(t, json.Number(fmt.Sprint(iat.Add(5*time.Minute).Unix())), jwtPayloadDecoded["exp"],
 			"unexpected 'exp' timestamp format")
 
 		rawJWT, err := jwt.ParseSigned(jwtHeader)

ui/src/components/Header.tsx

@@ -68,6 +68,11 @@ const Header: FC<HeaderProps> = ({ includeSidebar, data }) => {
     setDrawerOpen(false);
   };
 
+  const handleUserInfo = (evt: React.MouseEvent): void => {
+    evt.preventDefault();
+    window.open("/.pomerium/");
+  };
+
   const handleLogout = (evt: React.MouseEvent): void => {
     evt.preventDefault();
     location.href = "/.pomerium/sign_out";
@@ -139,6 +144,7 @@ const Header: FC<HeaderProps> = ({ includeSidebar, data }) => {
           open={!!anchorEl}
           anchorEl={anchorEl}
         >
+          <MenuItem onClick={handleUserInfo}>User Info</MenuItem>
           <MenuItem onClick={handleLogout}>Logout</MenuItem>
         </Menu>
       </Toolbar>