FlowAuth: show Renew button on expired tokens

[jakejellinek]

Summary

• The renewal endpoint added in FlowAuth: add a token renewal endpoint so service tokens can be rotated without minting from scratch #7275 already accepts expired tokens — it only checks the server's and role's expiry caps, not the original token's expires. But the UI was hiding the button on any row whose expiry had passed, so there was no way to actually trigger it.
• Drop the !isExpired guard in Token.jsx and pass onRenew={this.handleRenew} on the expiredTokens.map iteration in TokenList.jsx. Three lines.

This unblocks the service-account use case (e.g. Airflow's flowbot token): when the JWT has already expired, the operator can renew it in place from the Expired tokens list rather than re-minting from scratch and rewiring consumers.

Test plan

• On a server where the user has a token with expiry in the past: open the token list, confirm the "Renew" button now appears in the Expired tokens section.
• Click Renew on an expired token; confirm a fresh JWT is minted and the new row appears in Active tokens.
• Existing active-token Renew flow still works.

Summary by CodeRabbit

Release Notes

• Bug Fixes
  • The Renew button is now available for expired tokens, allowing you to renew them directly from the expired tokens list without additional steps.

[coderabbitai]

Walkthrough

The pull request modifies the FlowAuth token UI to display the "Renew" button for expired tokens, extending access to renewal functionality that the backend already supported. Changes span the changelog, Token component conditional rendering, and TokenList callback provision across both active and expired token sections.

Changes

Cohort / File(s)	Summary
Changelog Documentation CHANGELOG.md	Documents the UI behaviour change: Renew button now visible for expired tokens, whereas it was previously hidden.
Token Component Rendering flowauth/frontend/src/Token.jsx	Removed expiration state gate from Renew button visibility; button now renders whenever onRenew callback is provided, independent of token expiry status.
TokenList Handler Integration flowauth/frontend/src/TokenList.jsx	Passes onRenew callback handler to Token components in both active and expired token sections, enabling renewal invocation from any token entry.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Possibly related issues

• FlowAuth: add a token renewal endpoint so service tokens can be rotated without minting from scratch #7275 — This PR directly addresses the objective to expose a "Renew" button in the TokenList/Token UI, aligning frontend controls with renewal capability.

Possibly related PRs

• FlowAuth: add token renewal endpoint (#7275) #7279 — That PR introduces the renewal UI and handler infrastructure (Token.jsx and TokenList.jsx modifications); this PR extends it by broadening the Renew button's visibility to expired tokens.

Poem

🐰 A token expired, the rabbit did say,
"Don't fret, dear friend, there's renewal today!
No more shall expiry block thy rebirth,
For renewal now shows its true worth!" ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The pull request title 'FlowAuth: show Renew button on expired tokens' accurately and clearly summarizes the main change in the changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch flowauth/renew-expired-tokens

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Review rate limit: 0/1 reviews remaining, refill in 60 minutes.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

flowauth/frontend/src/TokenList.jsx (1)

107-118: ⚠️ Potential issue | 🟠 Major

Add stable key props for token rows to prevent row state leaking after renew/reorder.

Token is stateful, and rendering list items without keys can cause React to re-use row state on the wrong token when items move between expired/active lists after renewal.

Suggested fix

           {activeTokens.map((object) => (
             <Token
+              key={object.id}
               id={object.id}
               name={object.name}
               expiry={object.expires}
               token={object.token}
               roles={object.roles}
               classes={classes}
               editAction={editAction}
               onRenew={this.handleRenew}
             />
           ))}
...
             {expiredTokens.map((object) => (
               <Token
+                key={object.id}
                 id={object.id}
                 name={object.name}
                 expiry={object.expires}
                 token={object.token}
                 roles={object.roles}
                 classes={classes}
                 editAction={editAction}
                 onRenew={this.handleRenew}
               />
             ))}

Also applies to: 138-149

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@flowauth/frontend/src/TokenList.jsx` around lines 107 - 118, The mapped Token
components lack stable React keys, causing state to follow the wrong row when
lists reorder (e.g., on renew); update the JSX that maps activeTokens to include
a key prop using a stable unique id (use object.id) on the Token element, and
make the same change in the other Token mapping block that renders expired
tokens so each Token has key={object.id} (or another stable unique field) to
prevent state leaking between rows.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Outside diff comments:
In `@flowauth/frontend/src/TokenList.jsx`:
- Around line 107-118: The mapped Token components lack stable React keys,
causing state to follow the wrong row when lists reorder (e.g., on renew);
update the JSX that maps activeTokens to include a key prop using a stable
unique id (use object.id) on the Token element, and make the same change in the
other Token mapping block that renders expired tokens so each Token has
key={object.id} (or another stable unique field) to prevent state leaking
between rows.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: e6383e67-3d6e-45e5-a2b5-22c9ef47d6e3

📥 Commits

Reviewing files that changed from the base of the PR and between df509f6 and a917e2b.

📒 Files selected for processing (3)

• CHANGELOG.md
• flowauth/frontend/src/Token.jsx
• flowauth/frontend/src/TokenList.jsx

[cypress]

FlowAuth    Run #25989

Run Properties:   Passed #25989  •  a917e2b829: FlowAuth: show Renew button on expired tokens

Project	FlowAuth
Branch Review	flowauth/renew-expired-tokens
Run status	Passed #25989
Run duration	00m 43s
Commit	a917e2b829: FlowAuth: show Renew button on expired tokens
Committer	Joachim Jellinek
View all properties for this run ↗︎

---

Test results
Failures	0
Flaky	0
Pending	0
Skipped	0
Passing	4
View all changes introduced in this branch ↗︎

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 91.19%. Comparing base (df509f6) to head (a917e2b).
⚠️ Report is 2 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #7282      +/-   ##
==========================================
- Coverage   92.02%   91.19%   -0.83%     
==========================================
  Files         279      279              
  Lines       10878    10878              
  Branches      697      697              
==========================================
- Hits        10010     9920      -90     
- Misses        716      804      +88     
- Partials      152      154       +2     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.