legate 0.1.0

data/lib/legate/web/views/auth_credential_detail.slim

@@ -0,0 +1,327 @@
+/ File: lib/legate/web/views/auth_credential_detail.slim
+.content.mb-6
+  nav.breadcrumb(aria-label="breadcrumbs")
+    ul
+      li
+        a(href="/auth") Authentication
+      li
+        a(href="/auth/credentials") Credentials
+      li.is-active
+        a(href="/auth/credentials/#{@credential[:name]}" aria-current="page") = @credential[:name]
+
+  .level
+    .level-left
+      .level-item
+        div
+          h1.title.is-2 = @credential[:name]
+          p.subtitle.is-4 = @credential[:description]
+    .level-right
+      .level-item
+        .buttons
+          button.button.is-warning#edit-credential-btn
+            span.icon
+              i.fas.fa-edit
+            span Edit
+          button.button.is-info#test-credential-btn
+            span.icon
+              i.fas.fa-vial
+            span Test
+          button.button.is-danger.is-outlined#delete-credential-btn
+            span.icon
+              i.fas.fa-trash
+            span Delete
+
+.columns
+  .column.is-half
+    .card
+      .card-header
+        p.card-header-title Credential Information
+      .card-content
+        .content
+          table.table.is-narrow.is-fullwidth
+            tbody
+              tr
+                td <strong>Name:</strong>
+                td
+                  code = @credential[:name]
+              tr
+                td <strong>Type:</strong>
+                td
+                  span.tag.is-info.is-light = @credential[:auth_type]
+              tr
+                td <strong>Compatible Schemes:</strong>
+                td
+                  .tags
+                    - @credential[:compatible_schemes].each do |scheme_name|
+                      span.tag.is-success.is-light = scheme_name
+
+    .card.mt-4
+      .card-header
+        p.card-header-title Current Configuration
+      .card-content
+        .content
+          - if @credential[:current_config].any?
+            table.table.is-narrow.is-fullwidth
+              tbody
+                - @credential[:current_config].each do |key, value|
+                  tr
+                    td <strong>#{key.to_s.gsub('_', ' ').split.map(&:capitalize).join(' ')}:</strong>
+                    td
+                      - if key.include?('url') || key.include?('uri')
+                        a(href="#{value}" target="_blank") = value
+                      - elsif value.to_s.include?('***')
+                        span.has-text-grey-light = value
+                      - else
+                        code = value
+          - else
+            p.has-text-grey No configuration data available
+
+  .column.is-half
+    .card
+      .card-header
+        p.card-header-title Usage Information
+      .card-content
+        .content
+          .columns.is-mobile.is-gapless.has-text-centered
+            .column
+              p.heading Compatible Schemes
+              p.title.is-4 = @credential[:compatible_schemes].size
+            .column
+              p.heading URL Mappings
+              p.title.is-4 = @credential[:url_mappings].size
+
+    - if @credential[:url_mappings].any?
+      .card.mt-4
+        .card-header
+          p.card-header-title URL Mappings
+        .card-content
+          .content
+            .table-container
+              table.table.is-fullwidth.is-striped
+                thead
+                  tr
+                    th Pattern
+                    th Type
+                    th Scheme
+                tbody
+                  - @credential[:url_mappings].each do |mapping|
+                    tr
+                      td
+                        code = mapping[:pattern]
+                      td
+                        span.tag class=("is-warning" if mapping[:pattern_type] == 'regex')
+                          = mapping[:pattern_type] == 'regex' ? 'Regex' : 'String'
+                      td
+                        span.tag.is-primary.is-light = mapping[:scheme_name]
+
+    #test-results.card.mt-4.is-hidden
+      .card-header
+        p.card-header-title Test Results
+      .card-content
+        .content
+          #test-results-content
+            /! Test results will be inserted here
+
+/! Edit Credential Modal
+#edit-credential-modal.modal
+  .modal-background
+  .modal-card
+    header.modal-card-head
+      p.modal-card-title Edit #{@credential[:name]}
+      button.delete(aria-label="close")
+    section.modal-card-body
+      form#edit-credential-form
+        - @credential[:config_fields].each do |field|
+          .field
+            label.label = field[:label]
+            .control
+              - if field[:type] == 'select'
+                .select.is-fullwidth
+                  select(name="#{field[:name]}" required=field[:required])
+                    - field[:options].each do |option|
+                      option(value="#{option}" selected=(@credential[:current_config][field[:name]] == option)) = option
+              - elsif field[:type] == 'textarea'
+                textarea.textarea(name="#{field[:name]}" placeholder="#{field[:placeholder] || ''}" required=field[:required]) = @credential[:current_config][field[:name]]
+              - elsif field[:type] == 'password'
+                input.input(type="password" name="#{field[:name]}" placeholder="#{field[:placeholder] || ''}" required=field[:required])
+                p.help.is-size-7 Leave blank to keep current value
+              - else
+                input.input(type="#{field[:type]}" name="#{field[:name]}" value="#{@credential[:current_config][field[:name]]}" placeholder="#{field[:placeholder] || ''}" required=field[:required])
+    
+    footer.modal-card-foot
+      button.button.is-primary(type="submit" form="edit-credential-form") Update Credential
+      button.button Cancel
+
+/! Delete Confirmation Modal
+#delete-credential-modal.modal
+  .modal-background
+  .modal-card
+    header.modal-card-head
+      p.modal-card-title Delete Credential
+      button.delete(aria-label="close")
+    section.modal-card-body
+      .content
+        p Are you sure you want to delete the credential <strong>#{@credential[:name]}</strong>?
+        - if @credential[:url_mappings].any?
+          .notification.is-warning
+            p <strong>Warning:</strong> This credential is used by #{@credential[:url_mappings].size} URL mapping(s). You must remove these mappings first.
+        - else
+          p This action cannot be undone.
+    
+    footer.modal-card-foot
+      button.button.is-danger#confirm-delete-btn Delete Credential
+      button.button Cancel
+
+javascript:
+  document.addEventListener('DOMContentLoaded', function() {
+    const editCredentialBtn = document.getElementById('edit-credential-btn');
+    const editCredentialModal = document.getElementById('edit-credential-modal');
+    const editCredentialForm = document.getElementById('edit-credential-form');
+    const testCredentialBtn = document.getElementById('test-credential-btn');
+    const testResults = document.getElementById('test-results');
+    const testResultsContent = document.getElementById('test-results-content');
+    const deleteCredentialBtn = document.getElementById('delete-credential-btn');
+    const deleteCredentialModal = document.getElementById('delete-credential-modal');
+    const confirmDeleteBtn = document.getElementById('confirm-delete-btn');
+    
+    // Show edit modal
+    editCredentialBtn.addEventListener('click', function() {
+      editCredentialModal.classList.add('is-active');
+    });
+    
+    // Show delete modal
+    deleteCredentialBtn.addEventListener('click', function() {
+      deleteCredentialModal.classList.add('is-active');
+    });
+    
+    // Hide modals
+    function hideModals() {
+      editCredentialModal.classList.remove('is-active');
+      deleteCredentialModal.classList.remove('is-active');
+    }
+    
+    document.querySelectorAll('.modal-background, .delete, .button:not(.is-primary):not(.is-danger)').forEach(function(element) {
+      element.addEventListener('click', hideModals);
+    });
+    
+    // Handle edit form submission
+    editCredentialForm.addEventListener('submit', function(e) {
+      e.preventDefault();
+      
+      const formData = new FormData(this);
+      
+      fetch(`/auth/credentials/#{@credential[:name]}`, {
+        method: 'PUT',
+        body: formData
+      })
+      .then(response => response.json())
+      .then(data => {
+        if (data.success) {
+          hideModals();
+          if (typeof showToast === 'function') {
+            showToast(data.message, 'is-success');
+          }
+          // Reload the page to show updated configuration
+          window.location.reload();
+        } else {
+          if (typeof showToast === 'function') {
+            showToast(data.error || 'Failed to update credential', 'is-danger');
+          }
+        }
+      })
+      .catch(error => {
+        console.error('Error:', error);
+        if (typeof showToast === 'function') {
+          showToast('Network error occurred', 'is-danger');
+        }
+      });
+    });
+    
+    // Handle test credential
+    testCredentialBtn.addEventListener('click', function() {
+      testCredentialBtn.classList.add('is-loading');
+      testResults.classList.add('is-hidden');
+      
+      Legate.apiRequest(`/auth/credentials/#{@credential[:name]}/test`, {
+        method: 'POST'
+      })
+      .then(data => {
+        testCredentialBtn.classList.remove('is-loading');
+        
+        let resultsHTML = '';
+        if (data.tests && data.tests.length > 0) {
+          resultsHTML += '<div class="content">';
+          data.tests.forEach(function(test) {
+            const statusClass = test.status === 'passed' ? 'is-success' : 'is-danger';
+            const icon = test.status === 'passed' ? 'fa-check' : 'fa-times';
+            resultsHTML += `
+              <div class="notification ${statusClass} is-light">
+                <span class="icon-text">
+                  <span class="icon">
+                    <i class="fas ${icon}"></i>
+                  </span>
+                  <span><strong>${escapeHtml(test.name)}:</strong> ${escapeHtml(test.message)}</span>
+                </span>
+              </div>
+            `;
+          });
+          resultsHTML += '</div>';
+          
+          const overallClass = data.success ? 'is-success' : 'is-danger';
+          const overallIcon = data.success ? 'fa-check-circle' : 'fa-exclamation-triangle';
+          const overallMessage = data.success ? 'All tests passed' : 'Some tests failed';
+          
+          resultsHTML = `
+            <div class="notification ${overallClass}">
+              <span class="icon-text">
+                <span class="icon">
+                  <i class="fas ${overallIcon}"></i>
+                </span>
+                <span><strong>${overallMessage}</strong></span>
+              </span>
+            </div>
+          ` + resultsHTML;
+        } else {
+          resultsHTML = '<div class="notification is-info">No test results available</div>';
+        }
+        
+        testResultsContent.innerHTML = resultsHTML;
+        testResults.classList.remove('is-hidden');
+      })
+      .catch(error => {
+        testCredentialBtn.classList.remove('is-loading');
+        console.error('Error:', error);
+        Legate.renderError(testResultsContent, 'Error running tests: ' + error.message);
+        testResults.classList.remove('is-hidden');
+      });
+    });
+    
+    // Handle delete confirmation
+    confirmDeleteBtn.addEventListener('click', function() {
+      fetch(`/auth/credentials/#{@credential[:name]}`, {
+        method: 'DELETE'
+      })
+      .then(response => response.json())
+      .then(data => {
+        if (data.success) {
+          if (typeof showToast === 'function') {
+            showToast(data.message, 'is-success');
+          }
+          // Redirect to credentials list
+          window.location.href = '/auth/credentials';
+        } else {
+          hideModals();
+          if (typeof showToast === 'function') {
+            showToast(data.error || 'Failed to delete credential', 'is-danger');
+          }
+        }
+      })
+      .catch(error => {
+        console.error('Error:', error);
+        hideModals();
+        if (typeof showToast === 'function') {
+          showToast('Network error occurred', 'is-danger');
+        }
+      });
+    });
+  }); 

data/lib/legate/web/views/auth_credentials.slim

@@ -0,0 +1,261 @@
+/ File: lib/legate/web/views/auth_credentials.slim
+.content.mb-6
+  nav.breadcrumb(aria-label="breadcrumbs")
+    ul
+      li
+        a(href="/auth") Authentication
+      li.is-active
+        a(href="/auth/credentials" aria-current="page") Credentials
+
+  h1.title.is-2 Authentication Credentials
+  p.subtitle.is-4 Manage authentication credentials for external services
+  
+  .buttons.mb-4
+    button.button.is-primary#add-credential-btn
+      span.icon
+        i.fas.fa-plus
+      span Add New Credential
+
+- if @credentials && @credentials.any?
+  .columns.is-multiline
+    - @credentials.each do |credential|
+      .column.is-half
+        .card
+          .card-content
+            .media
+              .media-left
+                span.icon.is-large.has-text-info
+                  - case credential[:auth_type]
+                  - when :api_key
+                    i.fas.fa-key.fa-2x
+                  - when :oauth2, :oidc
+                    i.fas.fa-shield-alt.fa-2x
+                  - when :service_account, :google_service_account
+                    i.fas.fa-robot.fa-2x
+                  - when :http_bearer
+                    i.fas.fa-ticket-alt.fa-2x
+                  - else
+                    i.fas.fa-id-card.fa-2x
+              .media-content
+                p.title.is-5 = credential[:name]
+                p.subtitle.is-6 = credential[:description]
+            .content
+              p.is-size-7 = credential[:masked_info]
+              .level.is-mobile.mt-3
+                .level-left
+                  .level-item
+                    .tags
+                      span.tag.is-info.is-light = credential[:auth_type]
+                .level-right
+                  .level-item
+                    .buttons.are-small
+                      a.button.is-primary.is-outlined(href="/auth/credentials/#{credential[:name]}")
+                        span.icon.is-small
+                          i.fas.fa-eye
+                        span Details
+              
+              .content.is-small.mt-3
+                .columns.is-mobile.is-gapless
+                  .column
+                    .has-text-centered
+                      p.heading Compatible Schemes
+                      p.title.is-6 = credential[:compatible_schemes_count]
+                  .column
+                    .has-text-centered
+                      p.heading URL Mappings
+                      p.title.is-6 = credential[:url_mappings_count]
+
+- else
+  .columns.is-centered
+    .column.is-half
+      .notification.is-info
+        h3.title.is-4 No Credentials Configured
+        p No authentication credentials are currently configured.
+        p Add credentials to enable agents to authenticate with external services.
+
+.content.mt-6
+  h2.title.is-4 Credential Security
+  .columns
+    .column.is-half
+      .content
+        h3.title.is-5 
+          span.icon.has-text-success
+            i.fas.fa-shield-alt
+          span  Secure Storage
+        p All sensitive credential data is securely stored and encrypted.
+        p Only masked versions are shown in the web interface for security.
+        
+    .column.is-half
+      .content
+        h3.title.is-5
+          span.icon.has-text-warning
+            i.fas.fa-exclamation-triangle
+          span  Important Notes
+        p Never share or expose full credential values.
+        p Credentials are automatically used by agents when making authenticated requests.
+        p Test credentials regularly to ensure they remain valid.
+
+/! Add New Credential Modal
+#add-credential-modal.modal
+  .modal-background
+  .modal-card
+    header.modal-card-head
+      p.modal-card-title Add New Authentication Credential
+      button.delete(aria-label="close")
+    section.modal-card-body
+      form#add-credential-form
+        .field
+          label.label Credential Type
+          .control
+            .select.is-fullwidth
+              select#credential-type-select(name="auth_type" required)
+                option(value="") Select credential type...
+                option(value="api_key") API Key
+                option(value="http_bearer") HTTP Bearer
+                option(value="oauth2") OAuth2
+                option(value="oidc") OpenID Connect
+                option(value="service_account") Service Account
+                option(value="google_service_account") Google Service Account
+                option(value="basic") Basic Auth
+        
+        .field
+          label.label Credential Name
+          .control
+            input.input(type="text" name="credential_name" placeholder="Enter unique credential name" required)
+          p.help Give this credential a unique name (e.g., "github_oauth", "api_key_prod")
+        
+        #credential-config-fields
+          /! Dynamic configuration fields will be inserted here
+    
+    footer.modal-card-foot
+      button.button.is-primary(type="submit" form="add-credential-form") Add Credential
+      button.button Cancel
+
+javascript:
+  document.addEventListener('DOMContentLoaded', function() {
+    const addCredentialBtn = document.getElementById('add-credential-btn');
+    const addCredentialModal = document.getElementById('add-credential-modal');
+    const credentialTypeSelect = document.getElementById('credential-type-select');
+    const credentialConfigFields = document.getElementById('credential-config-fields');
+    const addCredentialForm = document.getElementById('add-credential-form');
+    
+    // Credential configuration templates
+    const credentialConfigs = {
+      api_key: [
+        { name: 'api_key', type: 'password', required: true, label: 'API Key', placeholder: 'Enter your API key' },
+        { name: 'location', type: 'select', required: false, label: 'Location', options: ['header', 'query', 'cookie'], default: 'header' },
+        { name: 'name', type: 'text', required: false, label: 'Parameter Name', placeholder: 'X-API-Key' }
+      ],
+      http_bearer: [
+        { name: 'bearer_token', type: 'password', required: true, label: 'Bearer Token', placeholder: 'Enter bearer token' }
+      ],
+      oauth2: [
+        { name: 'client_id', type: 'text', required: true, label: 'Client ID', placeholder: 'Enter client ID' },
+        { name: 'client_secret', type: 'password', required: true, label: 'Client Secret', placeholder: 'Enter client secret' },
+        { name: 'redirect_uri', type: 'url', required: false, label: 'Redirect URI', placeholder: 'https://your-app.com/callback' },
+        { name: 'scopes', type: 'text', required: false, label: 'Scopes (space-separated)', placeholder: 'read write' }
+      ],
+      oidc: [
+        { name: 'client_id', type: 'text', required: true, label: 'Client ID', placeholder: 'Enter client ID' },
+        { name: 'client_secret', type: 'password', required: true, label: 'Client Secret', placeholder: 'Enter client secret' },
+        { name: 'redirect_uri', type: 'url', required: false, label: 'Redirect URI', placeholder: 'https://your-app.com/callback' },
+        { name: 'scopes', type: 'text', required: false, label: 'Scopes (space-separated)', placeholder: 'openid profile email' }
+      ],
+      service_account: [
+        { name: 'client_email', type: 'email', required: true, label: 'Client Email', placeholder: 'service-account@project.iam.gserviceaccount.com' },
+        { name: 'private_key', type: 'textarea', required: true, label: 'Private Key', placeholder: '-----BEGIN PRIVATE KEY-----\\n...\\n-----END PRIVATE KEY-----' },
+        { name: 'project_id', type: 'text', required: false, label: 'Project ID', placeholder: 'your-project-id' }
+      ],
+      google_service_account: [
+        { name: 'service_account_key', type: 'textarea', required: true, label: 'Service Account Key (JSON)', placeholder: '{"type": "service_account", "project_id": "..."}' }
+      ],
+      basic: [
+        { name: 'username', type: 'text', required: true, label: 'Username', placeholder: 'Enter username' },
+        { name: 'password', type: 'password', required: true, label: 'Password', placeholder: 'Enter password' }
+      ]
+    };
+    
+    // Show modal
+    addCredentialBtn.addEventListener('click', function() {
+      addCredentialModal.classList.add('is-active');
+    });
+    
+    // Hide modal
+    function hideModal() {
+      addCredentialModal.classList.remove('is-active');
+      addCredentialForm.reset();
+      credentialConfigFields.innerHTML = '';
+    }
+    
+    addCredentialModal.querySelectorAll('.modal-background, .delete, .button:not(.is-primary)').forEach(function(element) {
+      element.addEventListener('click', hideModal);
+    });
+    
+    // Update configuration fields when credential type changes
+    credentialTypeSelect.addEventListener('change', function() {
+      const credentialType = this.value;
+      credentialConfigFields.innerHTML = '';
+      
+      if (credentialConfigs[credentialType]) {
+        credentialConfigs[credentialType].forEach(function(field) {
+          const fieldDiv = document.createElement('div');
+          fieldDiv.className = 'field';
+          
+          let fieldHTML = `<label class="label">${field.label}</label><div class="control">`;
+          
+          if (field.type === 'select') {
+            fieldHTML += `<div class="select is-fullwidth"><select name="${field.name}" ${field.required ? 'required' : ''}>`;
+            if (field.options) {
+              field.options.forEach(function(option) {
+                const selected = field.default === option ? 'selected' : '';
+                fieldHTML += `<option value="${option}" ${selected}>${option}</option>`;
+              });
+            }
+            fieldHTML += '</select></div>';
+          } else if (field.type === 'textarea') {
+            fieldHTML += `<textarea class="textarea" name="${field.name}" placeholder="${field.placeholder || ''}" ${field.required ? 'required' : ''}></textarea>`;
+          } else {
+            fieldHTML += `<input class="input" type="${field.type}" name="${field.name}" 
+              placeholder="${field.placeholder || ''}" ${field.required ? 'required' : ''}>`;
+          }
+          
+          fieldHTML += '</div>';
+          fieldDiv.innerHTML = fieldHTML;
+          credentialConfigFields.appendChild(fieldDiv);
+        });
+      }
+    });
+    
+    // Handle form submission
+    addCredentialForm.addEventListener('submit', function(e) {
+      e.preventDefault();
+      
+      const formData = new FormData(this);
+      
+      fetch('/auth/credentials', {
+        method: 'POST',
+        body: formData
+      })
+      .then(response => response.json())
+      .then(data => {
+        if (data.success) {
+          hideModal();
+          if (typeof showToast === 'function') {
+            showToast(data.message, 'is-success');
+          }
+          // Reload the page to show the new credential
+          window.location.reload();
+        } else {
+          if (typeof showToast === 'function') {
+            showToast(data.error || 'Failed to add credential', 'is-danger');
+          }
+        }
+      })
+      .catch(error => {
+        console.error('Error:', error);
+        if (typeof showToast === 'function') {
+          showToast('Network error occurred', 'is-danger');
+        }
+      });
+    });
+  });

data/lib/legate/web/views/auth_debug.slim

@@ -0,0 +1,94 @@
+/ File: lib/legate/web/views/auth_debug.slim
+.content.mb-6
+  nav.breadcrumb(aria-label="breadcrumbs")
+    ul
+      li
+        a(href="/auth") Authentication
+      li.is-active
+        a(href="/auth/debug" aria-current="page") Debug
+
+  h1.title.is-2 Authentication Debug Information
+  p.subtitle.is-4 Detailed information about the authentication manager state
+
+- if @debug_info
+  .columns
+    .column.is-half
+      .card
+        .card-header
+          p.card-header-title Authentication Manager
+        .card-content
+          .content
+            table.table.is-narrow
+              tbody
+                tr
+                  td <strong>Class:</strong>
+                  td
+                    code = @debug_info[:manager_class]
+                tr
+                  td <strong>Instance ID:</strong>
+                  td
+                    code = @debug_info[:manager_instance_id]
+                tr
+                  td <strong>Schemes Registered:</strong>
+                  td = @debug_info[:schemes_registered].size
+                tr
+                  td <strong>Credentials Registered:</strong>
+                  td = @debug_info[:credentials_registered].size
+                tr
+                  td <strong>URL Mappings:</strong>
+                  td = @debug_info[:url_mappings_count]
+
+    .column.is-half
+      .card
+        .card-header
+          p.card-header-title Registered Components
+        .card-content
+          .content
+            h4.title.is-6 Schemes
+            - if @debug_info[:schemes_registered].any?
+              .tags
+                - @debug_info[:schemes_registered].each do |scheme_name|
+                  span.tag.is-primary.is-light = scheme_name
+            - else
+              p.has-text-grey No schemes registered
+            
+            h4.title.is-6.mt-4 Credentials
+            - if @debug_info[:credentials_registered].any?
+              .tags
+                - @debug_info[:credentials_registered].each do |credential_name|
+                  span.tag.is-info.is-light = credential_name
+            - else
+              p.has-text-grey No credentials registered
+
+- else
+  .columns.is-centered
+    .column.is-half
+      .notification.is-danger
+        h3.title.is-4 Debug Information Unavailable
+        p Could not retrieve debug information from the authentication manager.
+
+.content.mt-6
+  h2.title.is-4 Troubleshooting
+  .columns
+    .column.is-half
+      .content
+        h3.title.is-5 
+          span.icon.has-text-warning
+            i.fas.fa-exclamation-triangle
+          span  Common Issues
+        ul
+          li <strong>No schemes registered:</strong> Authentication system may not be properly initialized
+          li <strong>No credentials:</strong> Add credentials for the services your agents will use
+          li <strong>Manager unavailable:</strong> Check that the authentication system dependencies are loaded
+        
+    .column.is-half
+      .content
+        h3.title.is-5
+          span.icon.has-text-info
+            i.fas.fa-lightbulb
+          span  Expected State
+        p In a properly configured system, you should see:
+        ul
+          li Default schemes (api_key, http_bearer, oauth2, oidc, service_account, google_service_account)
+          li At least one credential for each service your agents use
+          li URL mappings for automatic authentication