From 2543224c7c59158dfdf557cc707cd2f0298a11f7 Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@beryju.org>
Date: Mon, 10 Jan 2022 17:52:31 +0100
Subject: [PATCH] core: dont return 404 when trying to view key of expired
 token

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
---
 authentik/core/api/tokens.py | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/authentik/core/api/tokens.py b/authentik/core/api/tokens.py
index d246629e6..421efcaa3 100644
--- a/authentik/core/api/tokens.py
+++ b/authentik/core/api/tokens.py
@@ -1,7 +1,6 @@
 """Tokens API Viewset"""
 from typing import Any
 
-from django.http.response import Http404
 from django_filters.rest_framework import DjangoFilterBackend
 from drf_spectacular.utils import OpenApiResponse, extend_schema
 from guardian.shortcuts import get_anonymous_user
@@ -114,7 +113,5 @@ class TokenViewSet(UsedByMixin, ModelViewSet):
     def view_key(self, request: Request, identifier: str) -> Response:
         """Return token key and log access"""
         token: Token = self.get_object()
-        if token.is_expired:
-            raise Http404
         Event.new(EventAction.SECRET_VIEW, secret=token).from_http(request)  # noqa # nosec
         return Response(TokenViewSerializer({"key": token.key}).data)