@stigmer/react 0.0.83 → 0.0.85

package/mcp-server/useOrgOAuthApp.js

@@ -0,0 +1,160 @@
+"use client";
+import { useCallback, useEffect, useState } from "react";
+import { create } from "@bufbuild/protobuf";
+import { GetOrgOAuthAppInputSchema, SetOrgOAuthAppInputSchema, DeleteOrgOAuthAppInputSchema, } from "@stigmer/protos/ai/stigmer/agentic/mcpserver/v1/io_pb";
+import { useStigmer } from "../hooks";
+import { toError } from "../internal/toError";
+const IDLE = {
+    hasOverride: false,
+    oauthAppId: null,
+    clientId: null,
+    isLoading: false,
+    error: null,
+    refetch: () => { },
+    setOrgOAuthApp: () => Promise.resolve(""),
+    isSetting: false,
+    setError: null,
+    deleteOrgOAuthApp: () => Promise.resolve(false),
+    isDeleting: false,
+    deleteError: null,
+    clearErrors: () => { },
+};
+/**
+ * Hybrid data + behavior hook for managing org-level BYOA OAuth app overrides.
+ *
+ * **Data side**: Auto-fetches `getOrgOAuthApp` when both parameters are
+ * non-null. Returns override existence, OAuthApp ID, and client ID for
+ * display. Follows the same fetch-on-mount pattern as
+ * {@link useOAuthGrantStatus}.
+ *
+ * **Behavior side**: Exposes `setOrgOAuthApp` and `deleteOrgOAuthApp`
+ * mutations bound to the hook's resource + org context, eliminating
+ * parameter repetition at call sites.
+ *
+ * Pass `null` for either parameter to skip fetching (stable no-op).
+ *
+ * @example
+ * ```tsx
+ * const orgApp = useOrgOAuthApp(mcpServer?.metadata?.id ?? null, org);
+ *
+ * if (orgApp.hasOverride) {
+ *   return <span>Using your OAuth app (client: {orgApp.clientId})</span>;
+ * }
+ *
+ * const handleSubmit = async (clientId: string, clientSecret: string) => {
+ *   await orgApp.setOrgOAuthApp(clientId, clientSecret);
+ *   orgApp.refetch();
+ *   credentials.refetch();
+ * };
+ * ```
+ */
+export function useOrgOAuthApp(resourceId, org) {
+    const stigmer = useStigmer();
+    const [hasOverride, setHasOverride] = useState(false);
+    const [oauthAppId, setOauthAppId] = useState(null);
+    const [clientId, setClientId] = useState(null);
+    const [isLoading, setIsLoading] = useState(false);
+    const [error, setError] = useState(null);
+    const [fetchKey, setFetchKey] = useState(0);
+    const [isSetting, setIsSetting] = useState(false);
+    const [setError_, setSetError] = useState(null);
+    const [isDeleting, setIsDeleting] = useState(false);
+    const [deleteError, setDeleteError] = useState(null);
+    const refetch = useCallback(() => setFetchKey((k) => k + 1), []);
+    const clearErrors = useCallback(() => {
+        setSetError(null);
+        setDeleteError(null);
+    }, []);
+    useEffect(() => {
+        if (!resourceId || !org) {
+            setHasOverride(false);
+            setOauthAppId(null);
+            setClientId(null);
+            setIsLoading(false);
+            setError(null);
+            return;
+        }
+        const cancelled = { current: false };
+        setIsLoading(true);
+        setError(null);
+        stigmer.mcpServer
+            .getOrgOAuthApp(create(GetOrgOAuthAppInputSchema, { resourceId, org }))
+            .then((result) => {
+            if (cancelled.current)
+                return;
+            setHasOverride(result.hasOverride);
+            setOauthAppId(result.oauthAppId || null);
+            setClientId(result.clientId || null);
+            setIsLoading(false);
+        }, (err) => {
+            if (cancelled.current)
+                return;
+            setError(toError(err));
+            setIsLoading(false);
+        });
+        return () => {
+            cancelled.current = true;
+        };
+    }, [resourceId, org, stigmer, fetchKey]);
+    const setOrgOAuthApp = useCallback(async (newClientId, clientSecret) => {
+        if (!resourceId || !org) {
+            throw new Error("useOrgOAuthApp: resourceId and org are required for setOrgOAuthApp");
+        }
+        setIsSetting(true);
+        setSetError(null);
+        try {
+            const result = await stigmer.mcpServer.setOrgOAuthApp(create(SetOrgOAuthAppInputSchema, {
+                resourceId,
+                org,
+                clientId: newClientId,
+                clientSecret,
+            }));
+            return result.oauthAppId;
+        }
+        catch (err) {
+            const wrapped = toError(err);
+            setSetError(wrapped);
+            throw wrapped;
+        }
+        finally {
+            setIsSetting(false);
+        }
+    }, [stigmer, resourceId, org]);
+    const deleteOrgOAuthApp = useCallback(async () => {
+        if (!resourceId || !org) {
+            throw new Error("useOrgOAuthApp: resourceId and org are required for deleteOrgOAuthApp");
+        }
+        setIsDeleting(true);
+        setDeleteError(null);
+        try {
+            const result = await stigmer.mcpServer.deleteOrgOAuthApp(create(DeleteOrgOAuthAppInputSchema, { resourceId, org }));
+            return result.deleted;
+        }
+        catch (err) {
+            const wrapped = toError(err);
+            setDeleteError(wrapped);
+            throw wrapped;
+        }
+        finally {
+            setIsDeleting(false);
+        }
+    }, [stigmer, resourceId, org]);
+    if (!resourceId || !org)
+        return { ...IDLE, refetch, clearErrors };
+    return {
+        hasOverride,
+        oauthAppId,
+        clientId,
+        isLoading,
+        error,
+        refetch,
+        setOrgOAuthApp,
+        isSetting,
+        setError: setError_,
+        deleteOrgOAuthApp,
+        isDeleting,
+        deleteError,
+        clearErrors,
+    };
+}
+//# sourceMappingURL=useOrgOAuthApp.js.map

package/mcp-server/useOrgOAuthApp.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"useOrgOAuthApp.js","sourceRoot":"","sources":["../../src/mcp-server/useOrgOAuthApp.ts"],"names":[],"mappings":"AAAA,YAAY,CAAC;AAEb,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AACzD,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAC5C,OAAO,EACL,yBAAyB,EACzB,yBAAyB,EACzB,4BAA4B,GAC7B,MAAM,uDAAuD,CAAC;AAC/D,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AACtC,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AA4D9C,MAAM,IAAI,GAAyB;IACjC,WAAW,EAAE,KAAK;IAClB,UAAU,EAAE,IAAI;IAChB,QAAQ,EAAE,IAAI;IACd,SAAS,EAAE,KAAK;IAChB,KAAK,EAAE,IAAI;IACX,OAAO,EAAE,GAAG,EAAE,GAAE,CAAC;IACjB,cAAc,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;IACzC,SAAS,EAAE,KAAK;IAChB,QAAQ,EAAE,IAAI;IACd,iBAAiB,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC;IAC/C,UAAU,EAAE,KAAK;IACjB,WAAW,EAAE,IAAI;IACjB,WAAW,EAAE,GAAG,EAAE,GAAE,CAAC;CACtB,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,MAAM,UAAU,cAAc,CAC5B,UAAyB,EACzB,GAAkB;IAElB,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAE7B,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IACtD,MAAM,CAAC,UAAU,EAAE,aAAa,CAAC,GAAG,QAAQ,CAAgB,IAAI,CAAC,CAAC;IAClE,MAAM,CAAC,QAAQ,EAAE,WAAW,CAAC,GAAG,QAAQ,CAAgB,IAAI,CAAC,CAAC;IAC9D,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IAClD,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAe,IAAI,CAAC,CAAC;IACvD,MAAM,CAAC,QAAQ,EAAE,WAAW,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IAE5C,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IAClD,MAAM,CAAC,SAAS,EAAE,WAAW,CAAC,GAAG,QAAQ,CAAe,IAAI,CAAC,CAAC;IAC9D,MAAM,CAAC,UAAU,EAAE,aAAa,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IACpD,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,QAAQ,CAAe,IAAI,CAAC,CAAC;IAEnE,MAAM,OAAO,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAEjE,MAAM,WAAW,GAAG,WAAW,CAAC,GAAG,EAAE;QACnC,WAAW,CAAC,IAAI,CAAC,CAAC;QAClB,cAAc,CAAC,IAAI,CAAC,CAAC;IACvB,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,CAAC,UAAU,IAAI,CAAC,GAAG,EAAE,CAAC;YACxB,cAAc,CAAC,KAAK,CAAC,CAAC;YACtB,aAAa,CAAC,IAAI,CAAC,CAAC;YACpB,WAAW,CAAC,IAAI,CAAC,CAAC;YAClB,YAAY,CAAC,KAAK,CAAC,CAAC;YACpB,QAAQ,CAAC,IAAI,CAAC,CAAC;YACf,OAAO;QACT,CAAC;QAED,MAAM,SAAS,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QACrC,YAAY,CAAC,IAAI,CAAC,CAAC;QACnB,QAAQ,CAAC,IAAI,CAAC,CAAC;QAEf,OAAO,CAAC,SAAS;aACd,cAAc,CACb,MAAM,CAAC,yBAAyB,EAAE,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC,CACvD;aACA,IAAI,CACH,CAAC,MAAM,EAAE,EAAE;YACT,IAAI,SAAS,CAAC,OAAO;gBAAE,OAAO;YAC9B,cAAc,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YACnC,aAAa,CAAC,MAAM,CAAC,UAAU,IAAI,IAAI,CAAC,CAAC;YACzC,WAAW,CAAC,MAAM,CAAC,QAAQ,IAAI,IAAI,CAAC,CAAC;YACrC,YAAY,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC,EACD,CAAC,GAAG,EAAE,EAAE;YACN,IAAI,SAAS,CAAC,OAAO;gBAAE,OAAO;YAC9B,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;YACvB,YAAY,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC,CACF,CAAC;QAEJ,OAAO,GAAG,EAAE;YACV,SAAS,CAAC,OAAO,GAAG,IAAI,CAAC;QAC3B,CAAC,CAAC;IACJ,CAAC,EAAE,CAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC;IAEzC,MAAM,cAAc,GAAG,WAAW,CAChC,KAAK,EAAE,WAAmB,EAAE,YAAoB,EAAmB,EAAE;QACnE,IAAI,CAAC,UAAU,IAAI,CAAC,GAAG,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CACb,oEAAoE,CACrE,CAAC;QACJ,CAAC;QACD,YAAY,CAAC,IAAI,CAAC,CAAC;QACnB,WAAW,CAAC,IAAI,CAAC,CAAC;QAElB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,SAAS,CAAC,cAAc,CACnD,MAAM,CAAC,yBAAyB,EAAE;gBAChC,UAAU;gBACV,GAAG;gBACH,QAAQ,EAAE,WAAW;gBACrB,YAAY;aACb,CAAC,CACH,CAAC;YACF,OAAO,MAAM,CAAC,UAAU,CAAC;QAC3B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;YAC7B,WAAW,CAAC,OAAO,CAAC,CAAC;YACrB,MAAM,OAAO,CAAC;QAChB,CAAC;gBAAS,CAAC;YACT,YAAY,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC;IACH,CAAC,EACD,CAAC,OAAO,EAAE,UAAU,EAAE,GAAG,CAAC,CAC3B,CAAC;IAEF,MAAM,iBAAiB,GAAG,WAAW,CAAC,KAAK,IAAsB,EAAE;QACjE,IAAI,CAAC,UAAU,IAAI,CAAC,GAAG,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CACb,uEAAuE,CACxE,CAAC;QACJ,CAAC;QACD,aAAa,CAAC,IAAI,CAAC,CAAC;QACpB,cAAc,CAAC,IAAI,CAAC,CAAC;QAErB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,SAAS,CAAC,iBAAiB,CACtD,MAAM,CAAC,4BAA4B,EAAE,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC,CAC1D,CAAC;YACF,OAAO,MAAM,CAAC,OAAO,CAAC;QACxB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;YAC7B,cAAc,CAAC,OAAO,CAAC,CAAC;YACxB,MAAM,OAAO,CAAC;QAChB,CAAC;gBAAS,CAAC;YACT,aAAa,CAAC,KAAK,CAAC,CAAC;QACvB,CAAC;IACH,CAAC,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC;IAE/B,IAAI,CAAC,UAAU,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC;IAElE,OAAO;QACL,WAAW;QACX,UAAU;QACV,QAAQ;QACR,SAAS;QACT,KAAK;QACL,OAAO;QACP,cAAc;QACd,SAAS;QACT,QAAQ,EAAE,SAAS;QACnB,iBAAiB;QACjB,UAAU;QACV,WAAW;QACX,WAAW;KACZ,CAAC;AACJ,CAAC"}

package/oauth-app/CreateOAuthAppForm.d.ts

@@ -0,0 +1,41 @@
+import type { OAuthApp } from "@stigmer/protos/ai/stigmer/iam/oauthapp/v1/api_pb";
+/** Props for {@link CreateOAuthAppForm}. */
+export interface CreateOAuthAppFormProps {
+    /** Organization slug — the OAuth app will be created in this org. */
+    readonly org: string;
+    /** Fired with the newly created OAuth app on success. */
+    readonly onCreated?: (app: OAuthApp) => void;
+    /** Fired when the user cancels creation. */
+    readonly onCancel?: () => void;
+    /** Additional CSS class names for the root container. */
+    readonly className?: string;
+}
+/**
+ * Form for creating a new OAuth app within an organization.
+ *
+ * Collects the required OAuth configuration: **name**, **provider**,
+ * **client ID**, **client secret**, **authorization URL**, and
+ * **token URL**. An expandable "Advanced" section provides optional
+ * fields for scopes, userinfo URL, scope parameter name, and vendor
+ * approval settings.
+ *
+ * This is a pure presentational component with no dialog wrapper
+ * (headless-first). The parent is responsible for rendering it inside
+ * a card, dialog, or inline context as needed.
+ *
+ * All visual properties flow through `--stgm-*` design tokens.
+ *
+ * @example
+ * ```tsx
+ * <CreateOAuthAppForm
+ *   org="acme"
+ *   onCreated={(app) => {
+ *     refetch();
+ *     setShowForm(false);
+ *   }}
+ *   onCancel={() => setShowForm(false)}
+ * />
+ * ```
+ */
+export declare function CreateOAuthAppForm({ org, onCreated, onCancel, className, }: CreateOAuthAppFormProps): import("react/jsx-runtime").JSX.Element;
+//# sourceMappingURL=CreateOAuthAppForm.d.ts.map

package/oauth-app/CreateOAuthAppForm.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"CreateOAuthAppForm.d.ts","sourceRoot":"","sources":["../../src/oauth-app/CreateOAuthAppForm.tsx"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,mDAAmD,CAAC;AAQlF,4CAA4C;AAC5C,MAAM,WAAW,uBAAuB;IACtC,qEAAqE;IACrE,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,yDAAyD;IACzD,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC,GAAG,EAAE,QAAQ,KAAK,IAAI,CAAC;IAC7C,4CAA4C;IAC5C,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,IAAI,CAAC;IAC/B,yDAAyD;IACzD,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,wBAAgB,kBAAkB,CAAC,EACjC,GAAG,EACH,SAAS,EACT,QAAQ,EACR,SAAS,GACV,EAAE,uBAAuB,2CA6RzB"}

package/oauth-app/CreateOAuthAppForm.js

@@ -0,0 +1,140 @@
+"use client";
+import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
+import { useCallback, useState } from "react";
+import { cn } from "@stigmer/theme";
+import { getUserMessage } from "@stigmer/sdk";
+import { VendorApprovalStatus } from "@stigmer/protos/ai/stigmer/iam/oauthapp/v1/spec_pb";
+import { useCreateOAuthApp } from "./useCreateOAuthApp";
+/**
+ * Form for creating a new OAuth app within an organization.
+ *
+ * Collects the required OAuth configuration: **name**, **provider**,
+ * **client ID**, **client secret**, **authorization URL**, and
+ * **token URL**. An expandable "Advanced" section provides optional
+ * fields for scopes, userinfo URL, scope parameter name, and vendor
+ * approval settings.
+ *
+ * This is a pure presentational component with no dialog wrapper
+ * (headless-first). The parent is responsible for rendering it inside
+ * a card, dialog, or inline context as needed.
+ *
+ * All visual properties flow through `--stgm-*` design tokens.
+ *
+ * @example
+ * ```tsx
+ * <CreateOAuthAppForm
+ *   org="acme"
+ *   onCreated={(app) => {
+ *     refetch();
+ *     setShowForm(false);
+ *   }}
+ *   onCancel={() => setShowForm(false)}
+ * />
+ * ```
+ */
+export function CreateOAuthAppForm({ org, onCreated, onCancel, className, }) {
+    const { create, isCreating, error, clearError } = useCreateOAuthApp();
+    const [name, setName] = useState("");
+    const [provider, setProvider] = useState("");
+    const [clientId, setClientId] = useState("");
+    const [clientSecret, setClientSecret] = useState("");
+    const [authorizationUrl, setAuthorizationUrl] = useState("");
+    const [tokenUrl, setTokenUrl] = useState("");
+    const [showAdvanced, setShowAdvanced] = useState(false);
+    const [scopes, setScopes] = useState("");
+    const [userinfoUrl, setUserinfoUrl] = useState("");
+    const [scopeParameterName, setScopeParameterName] = useState("");
+    const [vendorApprovalStatus, setVendorApprovalStatus] = useState("unspecified");
+    const [vendorApprovalDocsUrl, setVendorApprovalDocsUrl] = useState("");
+    const trimmedName = name.trim();
+    const trimmedProvider = provider.trim();
+    const trimmedClientId = clientId.trim();
+    const trimmedClientSecret = clientSecret.trim();
+    const trimmedAuthUrl = authorizationUrl.trim();
+    const trimmedTokenUrl = tokenUrl.trim();
+    const canSubmit = trimmedName !== "" &&
+        trimmedProvider !== "" &&
+        trimmedClientId !== "" &&
+        trimmedClientSecret !== "" &&
+        trimmedAuthUrl !== "" &&
+        trimmedTokenUrl !== "" &&
+        !isCreating;
+    const handleSubmit = useCallback(async (e) => {
+        e.preventDefault();
+        if (!canSubmit)
+            return;
+        clearError();
+        try {
+            const parsedScopes = scopes
+                .split(",")
+                .map((s) => s.trim())
+                .filter(Boolean);
+            const app = await create({
+                name: trimmedName,
+                org,
+                provider: trimmedProvider,
+                clientId: trimmedClientId,
+                clientSecret: trimmedClientSecret,
+                authorizationUrl: trimmedAuthUrl,
+                tokenUrl: trimmedTokenUrl,
+                ...(parsedScopes.length > 0 && { scopes: parsedScopes }),
+                ...(userinfoUrl.trim() && { userinfoUrl: userinfoUrl.trim() }),
+                ...(scopeParameterName.trim() && {
+                    scopeParameterName: scopeParameterName.trim(),
+                }),
+                ...(vendorApprovalStatus !== "unspecified" && {
+                    vendorApprovalStatus: APPROVAL_STATUS_MAP[vendorApprovalStatus],
+                }),
+                ...(vendorApprovalDocsUrl.trim() && {
+                    vendorApprovalDocsUrl: vendorApprovalDocsUrl.trim(),
+                }),
+            });
+            onCreated?.(app);
+        }
+        catch {
+            // error state is managed by useCreateOAuthApp
+        }
+    }, [
+        canSubmit,
+        trimmedName,
+        org,
+        trimmedProvider,
+        trimmedClientId,
+        trimmedClientSecret,
+        trimmedAuthUrl,
+        trimmedTokenUrl,
+        scopes,
+        userinfoUrl,
+        scopeParameterName,
+        vendorApprovalStatus,
+        vendorApprovalDocsUrl,
+        create,
+        clearError,
+        onCreated,
+    ]);
+    return (_jsxs("form", { onSubmit: handleSubmit, className: cn("space-y-3", className), children: [_jsxs("div", { className: "space-y-3", children: [_jsx(FormField, { id: "stgm-oauth-name", label: "Name", value: name, onChange: setName, placeholder: "e.g. My Slack App", disabled: isCreating, required: true }), _jsx(FormField, { id: "stgm-oauth-provider", label: "Provider", value: provider, onChange: setProvider, placeholder: "e.g. Slack, GitHub, Salesforce", hint: "Human-readable vendor name for display", disabled: isCreating, required: true }), _jsx(FormField, { id: "stgm-oauth-client-id", label: "Client ID", value: clientId, onChange: setClientId, placeholder: "OAuth client identifier", disabled: isCreating, required: true }), _jsx(FormField, { id: "stgm-oauth-client-secret", label: "Client secret", value: clientSecret, onChange: setClientSecret, placeholder: "OAuth client secret", type: "password", disabled: isCreating, required: true }), _jsx(FormField, { id: "stgm-oauth-auth-url", label: "Authorization URL", value: authorizationUrl, onChange: setAuthorizationUrl, placeholder: "https://vendor.com/oauth/authorize", hint: "Vendor's OAuth authorization endpoint", disabled: isCreating, required: true }), _jsx(FormField, { id: "stgm-oauth-token-url", label: "Token URL", value: tokenUrl, onChange: setTokenUrl, placeholder: "https://vendor.com/oauth/token", hint: "Vendor's OAuth token exchange endpoint", disabled: isCreating, required: true }), _jsxs("div", { children: [_jsxs("button", { type: "button", onClick: () => setShowAdvanced((v) => !v), className: "text-muted-foreground hover:text-foreground flex items-center gap-1 text-[0.65rem] font-medium transition-colors", children: [_jsx(ChevronIcon, { expanded: showAdvanced }), "Advanced settings"] }), showAdvanced && (_jsxs("div", { className: "mt-2 space-y-3 border-l-2 border-border/60 pl-3", children: [_jsx(FormField, { id: "stgm-oauth-scopes", label: "Scopes", value: scopes, onChange: setScopes, placeholder: "read, write, admin", hint: "Comma-separated OAuth scopes to request", disabled: isCreating }), _jsx(FormField, { id: "stgm-oauth-userinfo-url", label: "Userinfo URL", value: userinfoUrl, onChange: setUserinfoUrl, placeholder: "https://vendor.com/userinfo", hint: "OIDC endpoint for fetching user profile data (optional)", disabled: isCreating }), _jsx(FormField, { id: "stgm-oauth-scope-param", label: "Scope parameter name", value: scopeParameterName, onChange: setScopeParameterName, placeholder: "scope", hint: 'Defaults to "scope". Some vendors use a non-standard name (e.g. "user_scope" for Slack).', disabled: isCreating }), _jsxs("div", { className: "space-y-1", children: [_jsx("label", { htmlFor: "stgm-oauth-approval-status", className: "text-xs font-medium text-foreground", children: "Vendor approval status" }), _jsxs("select", { id: "stgm-oauth-approval-status", value: vendorApprovalStatus, onChange: (e) => setVendorApprovalStatus(e.target.value), disabled: isCreating, className: cn("w-full rounded-md border border-input bg-background px-2.5 py-1.5 text-xs text-foreground", "focus-visible:outline-none focus-visible:ring-1 focus-visible:ring-ring", "disabled:pointer-events-none disabled:opacity-50"), children: [_jsx("option", { value: "unspecified", children: "Unspecified (treated as approved)" }), _jsx("option", { value: "pending", children: "Pending" }), _jsx("option", { value: "approved", children: "Approved" }), _jsx("option", { value: "rejected", children: "Rejected" })] }), _jsx("p", { className: "text-[0.65rem] text-muted-foreground", children: "Vendor marketplace approval lifecycle status" })] }), _jsx(FormField, { id: "stgm-oauth-approval-docs", label: "Vendor approval docs URL", value: vendorApprovalDocsUrl, onChange: setVendorApprovalDocsUrl, placeholder: "https://docs.example.com/byoa", hint: "Help link shown when vendor approval is pending", disabled: isCreating })] }))] })] }), error && (_jsx("p", { className: "text-destructive text-[0.65rem]", role: "alert", children: getUserMessage(error) })), _jsxs("div", { className: "flex items-center gap-2", children: [_jsxs("button", { type: "submit", disabled: !canSubmit, className: cn("inline-flex items-center gap-1.5 rounded-md px-3 py-1.5 text-xs font-medium", "bg-primary text-primary-foreground hover:bg-primary/90", "disabled:pointer-events-none disabled:opacity-40"), children: [isCreating && _jsx(SpinnerIcon, {}), "Create OAuth app"] }), onCancel && (_jsx("button", { type: "button", onClick: onCancel, disabled: isCreating, className: cn("rounded-md px-3 py-1.5 text-xs", "text-muted-foreground hover:text-foreground hover:bg-accent/50", "disabled:pointer-events-none disabled:opacity-50"), children: "Cancel" }))] })] }));
+}
+// ---------------------------------------------------------------------------
+// Constants
+// ---------------------------------------------------------------------------
+const APPROVAL_STATUS_MAP = {
+    pending: VendorApprovalStatus.PENDING,
+    approved: VendorApprovalStatus.APPROVED,
+    rejected: VendorApprovalStatus.REJECTED,
+};
+// ---------------------------------------------------------------------------
+// FormField (internal)
+// ---------------------------------------------------------------------------
+function FormField({ id, label, value, onChange, placeholder, hint, type = "text", disabled, required, }) {
+    return (_jsxs("div", { className: "space-y-1", children: [_jsx("label", { htmlFor: id, className: "text-xs font-medium text-foreground", children: label }), _jsx("input", { id: id, type: type, value: value, onChange: (e) => onChange(e.target.value), placeholder: placeholder, disabled: disabled, required: required, className: cn("w-full rounded-md border border-input bg-background px-2.5 py-1.5 text-xs text-foreground", "placeholder:text-muted-foreground", "focus-visible:outline-none focus-visible:ring-1 focus-visible:ring-ring", "disabled:pointer-events-none disabled:opacity-50") }), hint && (_jsx("p", { className: "text-[0.65rem] text-muted-foreground", children: hint }))] }));
+}
+// ---------------------------------------------------------------------------
+// Icons
+// ---------------------------------------------------------------------------
+function ChevronIcon({ expanded }) {
+    return (_jsx("svg", { width: "10", height: "10", viewBox: "0 0 16 16", fill: "none", stroke: "currentColor", strokeWidth: "2", strokeLinecap: "round", strokeLinejoin: "round", "aria-hidden": "true", className: cn("shrink-0 transition-transform", expanded && "rotate-90"), children: _jsx("path", { d: "M6 4l4 4-4 4" }) }));
+}
+function SpinnerIcon() {
+    return (_jsx("svg", { width: "12", height: "12", viewBox: "0 0 16 16", fill: "none", stroke: "currentColor", strokeWidth: "2", strokeLinecap: "round", className: "animate-spin", "aria-hidden": "true", children: _jsx("path", { d: "M8 2a6 6 0 1 0 6 6" }) }));
+}
+//# sourceMappingURL=CreateOAuthAppForm.js.map

package/oauth-app/CreateOAuthAppForm.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"CreateOAuthAppForm.js","sourceRoot":"","sources":["../../src/oauth-app/CreateOAuthAppForm.tsx"],"names":[],"mappings":"AAAA,YAAY,CAAC;;AAEb,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAkB,MAAM,OAAO,CAAC;AAC9D,OAAO,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAC;AACpC,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAE9C,OAAO,EAAE,oBAAoB,EAAE,MAAM,oDAAoD,CAAC;AAC1F,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAkBxD;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,MAAM,UAAU,kBAAkB,CAAC,EACjC,GAAG,EACH,SAAS,EACT,QAAQ,EACR,SAAS,GACe;IACxB,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,KAAK,EAAE,UAAU,EAAE,GAAG,iBAAiB,EAAE,CAAC;IAEtE,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC;IACrC,MAAM,CAAC,QAAQ,EAAE,WAAW,CAAC,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC;IAC7C,MAAM,CAAC,QAAQ,EAAE,WAAW,CAAC,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC;IAC7C,MAAM,CAAC,YAAY,EAAE,eAAe,CAAC,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC;IACrD,MAAM,CAAC,gBAAgB,EAAE,mBAAmB,CAAC,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC;IAC7D,MAAM,CAAC,QAAQ,EAAE,WAAW,CAAC,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC;IAE7C,MAAM,CAAC,YAAY,EAAE,eAAe,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IACxD,MAAM,CAAC,MAAM,EAAE,SAAS,CAAC,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC;IACzC,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC;IACnD,MAAM,CAAC,kBAAkB,EAAE,qBAAqB,CAAC,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC;IACjE,MAAM,CAAC,oBAAoB,EAAE,uBAAuB,CAAC,GAAG,QAAQ,CAE9D,aAAa,CAAC,CAAC;IACjB,MAAM,CAAC,qBAAqB,EAAE,wBAAwB,CAAC,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC;IAEvE,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;IAChC,MAAM,eAAe,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC;IACxC,MAAM,eAAe,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC;IACxC,MAAM,mBAAmB,GAAG,YAAY,CAAC,IAAI,EAAE,CAAC;IAChD,MAAM,cAAc,GAAG,gBAAgB,CAAC,IAAI,EAAE,CAAC;IAC/C,MAAM,eAAe,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC;IAExC,MAAM,SAAS,GACb,WAAW,KAAK,EAAE;QAClB,eAAe,KAAK,EAAE;QACtB,eAAe,KAAK,EAAE;QACtB,mBAAmB,KAAK,EAAE;QAC1B,cAAc,KAAK,EAAE;QACrB,eAAe,KAAK,EAAE;QACtB,CAAC,UAAU,CAAC;IAEd,MAAM,YAAY,GAAG,WAAW,CAC9B,KAAK,EAAE,CAAY,EAAE,EAAE;QACrB,CAAC,CAAC,cAAc,EAAE,CAAC;QACnB,IAAI,CAAC,SAAS;YAAE,OAAO;QAEvB,UAAU,EAAE,CAAC;QACb,IAAI,CAAC;YACH,MAAM,YAAY,GAAG,MAAM;iBACxB,KAAK,CAAC,GAAG,CAAC;iBACV,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;iBACpB,MAAM,CAAC,OAAO,CAAC,CAAC;YAEnB,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC;gBACvB,IAAI,EAAE,WAAW;gBACjB,GAAG;gBACH,QAAQ,EAAE,eAAe;gBACzB,QAAQ,EAAE,eAAe;gBACzB,YAAY,EAAE,mBAAmB;gBACjC,gBAAgB,EAAE,cAAc;gBAChC,QAAQ,EAAE,eAAe;gBACzB,GAAG,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC;gBACxD,GAAG,CAAC,WAAW,CAAC,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW,CAAC,IAAI,EAAE,EAAE,CAAC;gBAC9D,GAAG,CAAC,kBAAkB,CAAC,IAAI,EAAE,IAAI;oBAC/B,kBAAkB,EAAE,kBAAkB,CAAC,IAAI,EAAE;iBAC9C,CAAC;gBACF,GAAG,CAAC,oBAAoB,KAAK,aAAa,IAAI;oBAC5C,oBAAoB,EAAE,mBAAmB,CAAC,oBAAoB,CAAC;iBAChE,CAAC;gBACF,GAAG,CAAC,qBAAqB,CAAC,IAAI,EAAE,IAAI;oBAClC,qBAAqB,EAAE,qBAAqB,CAAC,IAAI,EAAE;iBACpD,CAAC;aACH,CAAC,CAAC;YACH,SAAS,EAAE,CAAC,GAAG,CAAC,CAAC;QACnB,CAAC;QAAC,MAAM,CAAC;YACP,8CAA8C;QAChD,CAAC;IACH,CAAC,EACD;QACE,SAAS;QACT,WAAW;QACX,GAAG;QACH,eAAe;QACf,eAAe;QACf,mBAAmB;QACnB,cAAc;QACd,eAAe;QACf,MAAM;QACN,WAAW;QACX,kBAAkB;QAClB,oBAAoB;QACpB,qBAAqB;QACrB,MAAM;QACN,UAAU;QACV,SAAS;KACV,CACF,CAAC;IAEF,OAAO,CACL,gBAAM,QAAQ,EAAE,YAAY,EAAE,SAAS,EAAE,EAAE,CAAC,WAAW,EAAE,SAAS,CAAC,aACjE,eAAK,SAAS,EAAC,WAAW,aACxB,KAAC,SAAS,IACR,EAAE,EAAC,iBAAiB,EACpB,KAAK,EAAC,MAAM,EACZ,KAAK,EAAE,IAAI,EACX,QAAQ,EAAE,OAAO,EACjB,WAAW,EAAC,mBAAmB,EAC/B,QAAQ,EAAE,UAAU,EACpB,QAAQ,SACR,EAEF,KAAC,SAAS,IACR,EAAE,EAAC,qBAAqB,EACxB,KAAK,EAAC,UAAU,EAChB,KAAK,EAAE,QAAQ,EACf,QAAQ,EAAE,WAAW,EACrB,WAAW,EAAC,gCAAgC,EAC5C,IAAI,EAAC,wCAAwC,EAC7C,QAAQ,EAAE,UAAU,EACpB,QAAQ,SACR,EAEF,KAAC,SAAS,IACR,EAAE,EAAC,sBAAsB,EACzB,KAAK,EAAC,WAAW,EACjB,KAAK,EAAE,QAAQ,EACf,QAAQ,EAAE,WAAW,EACrB,WAAW,EAAC,yBAAyB,EACrC,QAAQ,EAAE,UAAU,EACpB,QAAQ,SACR,EAEF,KAAC,SAAS,IACR,EAAE,EAAC,0BAA0B,EAC7B,KAAK,EAAC,eAAe,EACrB,KAAK,EAAE,YAAY,EACnB,QAAQ,EAAE,eAAe,EACzB,WAAW,EAAC,qBAAqB,EACjC,IAAI,EAAC,UAAU,EACf,QAAQ,EAAE,UAAU,EACpB,QAAQ,SACR,EAEF,KAAC,SAAS,IACR,EAAE,EAAC,qBAAqB,EACxB,KAAK,EAAC,mBAAmB,EACzB,KAAK,EAAE,gBAAgB,EACvB,QAAQ,EAAE,mBAAmB,EAC7B,WAAW,EAAC,oCAAoC,EAChD,IAAI,EAAC,uCAAuC,EAC5C,QAAQ,EAAE,UAAU,EACpB,QAAQ,SACR,EAEF,KAAC,SAAS,IACR,EAAE,EAAC,sBAAsB,EACzB,KAAK,EAAC,WAAW,EACjB,KAAK,EAAE,QAAQ,EACf,QAAQ,EAAE,WAAW,EACrB,WAAW,EAAC,gCAAgC,EAC5C,IAAI,EAAC,wCAAwC,EAC7C,QAAQ,EAAE,UAAU,EACpB,QAAQ,SACR,EAGF,0BACE,kBACE,IAAI,EAAC,QAAQ,EACb,OAAO,EAAE,GAAG,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,EACzC,SAAS,EAAC,kHAAkH,aAE5H,KAAC,WAAW,IAAC,QAAQ,EAAE,YAAY,GAAI,yBAEhC,EAER,YAAY,IAAI,CACf,eAAK,SAAS,EAAC,iDAAiD,aAC9D,KAAC,SAAS,IACR,EAAE,EAAC,mBAAmB,EACtB,KAAK,EAAC,QAAQ,EACd,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,SAAS,EACnB,WAAW,EAAC,oBAAoB,EAChC,IAAI,EAAC,yCAAyC,EAC9C,QAAQ,EAAE,UAAU,GACpB,EAEF,KAAC,SAAS,IACR,EAAE,EAAC,yBAAyB,EAC5B,KAAK,EAAC,cAAc,EACpB,KAAK,EAAE,WAAW,EAClB,QAAQ,EAAE,cAAc,EACxB,WAAW,EAAC,6BAA6B,EACzC,IAAI,EAAC,yDAAyD,EAC9D,QAAQ,EAAE,UAAU,GACpB,EAEF,KAAC,SAAS,IACR,EAAE,EAAC,wBAAwB,EAC3B,KAAK,EAAC,sBAAsB,EAC5B,KAAK,EAAE,kBAAkB,EACzB,QAAQ,EAAE,qBAAqB,EAC/B,WAAW,EAAC,OAAO,EACnB,IAAI,EAAC,0FAA0F,EAC/F,QAAQ,EAAE,UAAU,GACpB,EAEF,eAAK,SAAS,EAAC,WAAW,aACxB,gBACE,OAAO,EAAC,4BAA4B,EACpC,SAAS,EAAC,qCAAqC,uCAGzC,EACR,kBACE,EAAE,EAAC,4BAA4B,EAC/B,KAAK,EAAE,oBAAoB,EAC3B,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CACd,uBAAuB,CACrB,CAAC,CAAC,MAAM,CAAC,KAAoC,CAC9C,EAEH,QAAQ,EAAE,UAAU,EACpB,SAAS,EAAE,EAAE,CACX,2FAA2F,EAC3F,yEAAyE,EACzE,kDAAkD,CACnD,aAED,iBAAQ,KAAK,EAAC,aAAa,kDAA2C,EACtE,iBAAQ,KAAK,EAAC,SAAS,wBAAiB,EACxC,iBAAQ,KAAK,EAAC,UAAU,yBAAkB,EAC1C,iBAAQ,KAAK,EAAC,UAAU,yBAAkB,IACnC,EACT,YAAG,SAAS,EAAC,sCAAsC,6DAE/C,IACA,EAEN,KAAC,SAAS,IACR,EAAE,EAAC,0BAA0B,EAC7B,KAAK,EAAC,0BAA0B,EAChC,KAAK,EAAE,qBAAqB,EAC5B,QAAQ,EAAE,wBAAwB,EAClC,WAAW,EAAC,+BAA+B,EAC3C,IAAI,EAAC,iDAAiD,EACtD,QAAQ,EAAE,UAAU,GACpB,IACE,CACP,IACG,IACF,EAEL,KAAK,IAAI,CACR,YAAG,SAAS,EAAC,iCAAiC,EAAC,IAAI,EAAC,OAAO,YACxD,cAAc,CAAC,KAAK,CAAC,GACpB,CACL,EAED,eAAK,SAAS,EAAC,yBAAyB,aACtC,kBACE,IAAI,EAAC,QAAQ,EACb,QAAQ,EAAE,CAAC,SAAS,EACpB,SAAS,EAAE,EAAE,CACX,6EAA6E,EAC7E,wDAAwD,EACxD,kDAAkD,CACnD,aAEA,UAAU,IAAI,KAAC,WAAW,KAAG,wBAEvB,EAER,QAAQ,IAAI,CACX,iBACE,IAAI,EAAC,QAAQ,EACb,OAAO,EAAE,QAAQ,EACjB,QAAQ,EAAE,UAAU,EACpB,SAAS,EAAE,EAAE,CACX,gCAAgC,EAChC,gEAAgE,EAChE,kDAAkD,CACnD,uBAGM,CACV,IACG,IACD,CACR,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,YAAY;AACZ,8EAA8E;AAE9E,MAAM,mBAAmB,GAAG;IAC1B,OAAO,EAAE,oBAAoB,CAAC,OAAO;IACrC,QAAQ,EAAE,oBAAoB,CAAC,QAAQ;IACvC,QAAQ,EAAE,oBAAoB,CAAC,QAAQ;CAC/B,CAAC;AAEX,8EAA8E;AAC9E,uBAAuB;AACvB,8EAA8E;AAE9E,SAAS,SAAS,CAAC,EACjB,EAAE,EACF,KAAK,EACL,KAAK,EACL,QAAQ,EACR,WAAW,EACX,IAAI,EACJ,IAAI,GAAG,MAAM,EACb,QAAQ,EACR,QAAQ,GAWT;IACC,OAAO,CACL,eAAK,SAAS,EAAC,WAAW,aACxB,gBAAO,OAAO,EAAE,EAAE,EAAE,SAAS,EAAC,qCAAqC,YAChE,KAAK,GACA,EACR,gBACE,EAAE,EAAE,EAAE,EACN,IAAI,EAAE,IAAI,EACV,KAAK,EAAE,KAAK,EACZ,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EACzC,WAAW,EAAE,WAAW,EACxB,QAAQ,EAAE,QAAQ,EAClB,QAAQ,EAAE,QAAQ,EAClB,SAAS,EAAE,EAAE,CACX,2FAA2F,EAC3F,mCAAmC,EACnC,yEAAyE,EACzE,kDAAkD,CACnD,GACD,EACD,IAAI,IAAI,CACP,YAAG,SAAS,EAAC,sCAAsC,YAAE,IAAI,GAAK,CAC/D,IACG,CACP,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,QAAQ;AACR,8EAA8E;AAE9E,SAAS,WAAW,CAAC,EAAE,QAAQ,EAAyB;IACtD,OAAO,CACL,cACE,KAAK,EAAC,IAAI,EACV,MAAM,EAAC,IAAI,EACX,OAAO,EAAC,WAAW,EACnB,IAAI,EAAC,MAAM,EACX,MAAM,EAAC,cAAc,EACrB,WAAW,EAAC,GAAG,EACf,aAAa,EAAC,OAAO,EACrB,cAAc,EAAC,OAAO,iBACV,MAAM,EAClB,SAAS,EAAE,EAAE,CACX,+BAA+B,EAC/B,QAAQ,IAAI,WAAW,CACxB,YAED,eAAM,CAAC,EAAC,cAAc,GAAG,GACrB,CACP,CAAC;AACJ,CAAC;AAED,SAAS,WAAW;IAClB,OAAO,CACL,cACE,KAAK,EAAC,IAAI,EACV,MAAM,EAAC,IAAI,EACX,OAAO,EAAC,WAAW,EACnB,IAAI,EAAC,MAAM,EACX,MAAM,EAAC,cAAc,EACrB,WAAW,EAAC,GAAG,EACf,aAAa,EAAC,OAAO,EACrB,SAAS,EAAC,cAAc,iBACZ,MAAM,YAElB,eAAM,CAAC,EAAC,oBAAoB,GAAG,GAC3B,CACP,CAAC;AACJ,CAAC"}

package/oauth-app/OAuthAppDetailPanel.d.ts

@@ -0,0 +1,43 @@
+import type { OAuthApp } from "@stigmer/protos/ai/stigmer/iam/oauthapp/v1/api_pb";
+/** Props for {@link OAuthAppDetailPanel}. */
+export interface OAuthAppDetailPanelProps {
+    /** The OAuth app resource to display and edit. */
+    readonly oauthApp: OAuthApp;
+    /** Fired with the updated resource after a successful save. */
+    readonly onUpdated?: (app: OAuthApp) => void;
+    /** Fired after the resource is successfully deleted. */
+    readonly onDeleted?: () => void;
+    /** Fired when the user clicks the back button. */
+    readonly onBack?: () => void;
+    /** Additional CSS class names for the root container. */
+    readonly className?: string;
+}
+/**
+ * View and edit panel for an existing OAuth app.
+ *
+ * In **view mode**, displays all OAuth configuration fields in a
+ * structured label/value layout with "Edit" and "Delete" buttons.
+ *
+ * In **edit mode**, fields become editable inputs. The client secret
+ * field shows a placeholder — leave it empty to keep the existing
+ * secret, or enter a new value to replace it. "Save" submits the
+ * update via {@link useUpdateOAuthApp}; "Cancel" discards changes
+ * and returns to view mode.
+ *
+ * Delete uses an inline confirmation pattern (no modal) to avoid
+ * portal/z-index issues for SDK embedders.
+ *
+ * All visual properties flow through `--stgm-*` design tokens.
+ *
+ * @example
+ * ```tsx
+ * <OAuthAppDetailPanel
+ *   oauthApp={app}
+ *   onUpdated={(updated) => refetch()}
+ *   onDeleted={() => { refetch(); setFlow({ phase: "idle" }); }}
+ *   onBack={() => setFlow({ phase: "idle" })}
+ * />
+ * ```
+ */
+export declare function OAuthAppDetailPanel({ oauthApp, onUpdated, onDeleted, onBack, className, }: OAuthAppDetailPanelProps): import("react/jsx-runtime").JSX.Element;
+//# sourceMappingURL=OAuthAppDetailPanel.d.ts.map

package/oauth-app/OAuthAppDetailPanel.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"OAuthAppDetailPanel.d.ts","sourceRoot":"","sources":["../../src/oauth-app/OAuthAppDetailPanel.tsx"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,mDAAmD,CAAC;AAUlF,6CAA6C;AAC7C,MAAM,WAAW,wBAAwB;IACvC,kDAAkD;IAClD,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC;IAC5B,+DAA+D;IAC/D,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC,GAAG,EAAE,QAAQ,KAAK,IAAI,CAAC;IAC7C,wDAAwD;IACxD,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,IAAI,CAAC;IAChC,kDAAkD;IAClD,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,IAAI,CAAC;IAC7B,yDAAyD;IACzD,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,wBAAgB,mBAAmB,CAAC,EAClC,QAAQ,EACR,SAAS,EACT,SAAS,EACT,MAAM,EACN,SAAS,GACV,EAAE,wBAAwB,2CAiY1B"}

package/oauth-app/OAuthAppDetailPanel.js

@@ -0,0 +1,202 @@
+"use client";
+import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
+import { useCallback, useState } from "react";
+import { cn } from "@stigmer/theme";
+import { getUserMessage } from "@stigmer/sdk";
+import { VendorApprovalStatus } from "@stigmer/protos/ai/stigmer/iam/oauthapp/v1/spec_pb";
+import { timestampDate } from "@bufbuild/protobuf/wkt";
+import { useUpdateOAuthApp } from "./useUpdateOAuthApp";
+import { useDeleteOAuthApp } from "./useDeleteOAuthApp";
+/**
+ * View and edit panel for an existing OAuth app.
+ *
+ * In **view mode**, displays all OAuth configuration fields in a
+ * structured label/value layout with "Edit" and "Delete" buttons.
+ *
+ * In **edit mode**, fields become editable inputs. The client secret
+ * field shows a placeholder — leave it empty to keep the existing
+ * secret, or enter a new value to replace it. "Save" submits the
+ * update via {@link useUpdateOAuthApp}; "Cancel" discards changes
+ * and returns to view mode.
+ *
+ * Delete uses an inline confirmation pattern (no modal) to avoid
+ * portal/z-index issues for SDK embedders.
+ *
+ * All visual properties flow through `--stgm-*` design tokens.
+ *
+ * @example
+ * ```tsx
+ * <OAuthAppDetailPanel
+ *   oauthApp={app}
+ *   onUpdated={(updated) => refetch()}
+ *   onDeleted={() => { refetch(); setFlow({ phase: "idle" }); }}
+ *   onBack={() => setFlow({ phase: "idle" })}
+ * />
+ * ```
+ */
+export function OAuthAppDetailPanel({ oauthApp, onUpdated, onDeleted, onBack, className, }) {
+    const spec = oauthApp.spec;
+    const meta = oauthApp.metadata;
+    const { update, isUpdating, error: updateError, clearError: clearUpdateError } = useUpdateOAuthApp();
+    const { deleteApp, isDeleting, error: deleteError, clearError: clearDeleteError } = useDeleteOAuthApp();
+    const [mode, setMode] = useState("view");
+    const [confirmingDelete, setConfirmingDelete] = useState(false);
+    // Edit form state — initialized from current resource
+    const [provider, setProvider] = useState(spec?.provider ?? "");
+    const [clientId, setClientId] = useState(spec?.clientId ?? "");
+    const [clientSecret, setClientSecret] = useState("");
+    const [authorizationUrl, setAuthorizationUrl] = useState(spec?.authorizationUrl ?? "");
+    const [tokenUrl, setTokenUrl] = useState(spec?.tokenUrl ?? "");
+    const [scopes, setScopes] = useState(spec?.scopes.join(", ") ?? "");
+    const [userinfoUrl, setUserinfoUrl] = useState(spec?.userinfoUrl ?? "");
+    const [scopeParameterName, setScopeParameterName] = useState(spec?.scopeParameterName ?? "");
+    const [vendorApprovalStatus, setVendorApprovalStatus] = useState(approvalStatusToKey(spec?.vendorApprovalStatus));
+    const [vendorApprovalDocsUrl, setVendorApprovalDocsUrl] = useState(spec?.vendorApprovalDocsUrl ?? "");
+    const enterEdit = useCallback(() => {
+        setProvider(spec?.provider ?? "");
+        setClientId(spec?.clientId ?? "");
+        setClientSecret("");
+        setAuthorizationUrl(spec?.authorizationUrl ?? "");
+        setTokenUrl(spec?.tokenUrl ?? "");
+        setScopes(spec?.scopes.join(", ") ?? "");
+        setUserinfoUrl(spec?.userinfoUrl ?? "");
+        setScopeParameterName(spec?.scopeParameterName ?? "");
+        setVendorApprovalStatus(approvalStatusToKey(spec?.vendorApprovalStatus));
+        setVendorApprovalDocsUrl(spec?.vendorApprovalDocsUrl ?? "");
+        clearUpdateError();
+        setMode("edit");
+    }, [spec, clearUpdateError]);
+    const cancelEdit = useCallback(() => {
+        clearUpdateError();
+        setMode("view");
+    }, [clearUpdateError]);
+    const handleSave = useCallback(async (e) => {
+        e.preventDefault();
+        clearUpdateError();
+        const parsedScopes = scopes
+            .split(",")
+            .map((s) => s.trim())
+            .filter(Boolean);
+        try {
+            const updated = await update({
+                name: meta?.name ?? "",
+                slug: meta?.slug,
+                org: meta?.org ?? "",
+                provider: provider.trim(),
+                clientId: clientId.trim(),
+                ...(clientSecret.trim() && { clientSecret: clientSecret.trim() }),
+                authorizationUrl: authorizationUrl.trim(),
+                tokenUrl: tokenUrl.trim(),
+                ...(parsedScopes.length > 0 && { scopes: parsedScopes }),
+                ...(userinfoUrl.trim() && { userinfoUrl: userinfoUrl.trim() }),
+                ...(scopeParameterName.trim() && {
+                    scopeParameterName: scopeParameterName.trim(),
+                }),
+                ...(vendorApprovalStatus !== "unspecified" && {
+                    vendorApprovalStatus: APPROVAL_STATUS_MAP[vendorApprovalStatus],
+                }),
+                ...(vendorApprovalDocsUrl.trim() && {
+                    vendorApprovalDocsUrl: vendorApprovalDocsUrl.trim(),
+                }),
+            });
+            setMode("view");
+            onUpdated?.(updated);
+        }
+        catch {
+            // error state is managed by useUpdateOAuthApp
+        }
+    }, [
+        meta, provider, clientId, clientSecret, authorizationUrl, tokenUrl,
+        scopes, userinfoUrl, scopeParameterName, vendorApprovalStatus,
+        vendorApprovalDocsUrl, update, clearUpdateError, onUpdated,
+    ]);
+    const handleDelete = useCallback(async () => {
+        const id = meta?.id;
+        if (!id)
+            return;
+        clearDeleteError();
+        try {
+            await deleteApp(id);
+            onDeleted?.();
+        }
+        catch {
+            // error state is managed by useDeleteOAuthApp
+        }
+    }, [meta, deleteApp, clearDeleteError, onDeleted]);
+    const canSave = provider.trim() !== "" &&
+        clientId.trim() !== "" &&
+        authorizationUrl.trim() !== "" &&
+        tokenUrl.trim() !== "" &&
+        !isUpdating;
+    const createdAt = oauthApp.status?.audit?.specAudit?.createdAt;
+    const updatedAt = oauthApp.status?.audit?.specAudit?.updatedAt;
+    return (_jsxs("div", { className: cn("space-y-4", className), children: [_jsxs("div", { className: "flex items-start justify-between gap-3", children: [_jsxs("div", { className: "min-w-0", children: [onBack && (_jsxs("button", { type: "button", onClick: onBack, className: "text-muted-foreground hover:text-foreground mb-1 flex items-center gap-1 text-xs transition-colors", children: [_jsx(ArrowLeftIcon, {}), "Back to list"] })), _jsx("h3", { className: "text-foreground truncate text-sm font-semibold", children: spec?.provider || meta?.name || "OAuth App" }), meta?.slug && (_jsx("span", { className: "text-muted-foreground font-mono text-xs", children: meta.slug }))] }), mode === "view" && (_jsxs("div", { className: "flex items-center gap-1", children: [_jsx("button", { type: "button", onClick: enterEdit, className: cn("shrink-0 rounded-md px-2.5 py-1.5 text-xs font-medium", "text-muted-foreground hover:text-foreground hover:bg-accent/50", "transition-colors"), children: "Edit" }), _jsx("button", { type: "button", onClick: () => {
+                                    clearDeleteError();
+                                    setConfirmingDelete(true);
+                                }, className: cn("shrink-0 rounded-md px-2.5 py-1.5 text-xs font-medium", "text-destructive/70 hover:text-destructive hover:bg-destructive/10", "transition-colors"), children: "Delete" })] }))] }), confirmingDelete && (_jsxs("div", { className: "rounded-md border border-destructive/30 bg-destructive/5 p-3", role: "alert", children: [_jsx("p", { className: "text-foreground mb-2 text-xs font-medium", children: "Delete this OAuth app?" }), _jsx("p", { className: "text-muted-foreground mb-3 text-[0.65rem]", children: "This action is permanent. Any MCP server overrides referencing this app will lose their binding." }), deleteError && (_jsx("p", { className: "text-destructive mb-2 text-[0.65rem]", role: "alert", children: getUserMessage(deleteError) })), _jsxs("div", { className: "flex items-center gap-2", children: [_jsxs("button", { type: "button", onClick: handleDelete, disabled: isDeleting, className: cn("inline-flex items-center gap-1.5 rounded-md px-3 py-1.5 text-xs font-medium", "bg-destructive text-destructive-foreground hover:bg-destructive/90", "disabled:pointer-events-none disabled:opacity-40"), children: [isDeleting && _jsx(SpinnerIcon, {}), "Delete permanently"] }), _jsx("button", { type: "button", onClick: () => {
+                                    setConfirmingDelete(false);
+                                    clearDeleteError();
+                                }, disabled: isDeleting, className: cn("rounded-md px-2.5 py-1.5 text-xs", "text-muted-foreground hover:text-foreground hover:bg-accent/50", "disabled:pointer-events-none disabled:opacity-50"), children: "Cancel" })] })] })), mode === "view" ? (_jsx(ViewMode, { spec: spec, createdAt: createdAt, updatedAt: updatedAt })) : (_jsxs("form", { onSubmit: handleSave, className: "space-y-3", children: [_jsx(FieldInput, { id: "stgm-oauth-edit-provider", label: "Provider", value: provider, onChange: setProvider, placeholder: "e.g. Slack", disabled: isUpdating, required: true }), _jsx(FieldInput, { id: "stgm-oauth-edit-client-id", label: "Client ID", value: clientId, onChange: setClientId, placeholder: "OAuth client identifier", disabled: isUpdating, required: true }), _jsx(FieldInput, { id: "stgm-oauth-edit-client-secret", label: "Client secret", value: clientSecret, onChange: setClientSecret, placeholder: "Leave empty to keep existing secret", type: "password", hint: "Only enter a value to replace the existing secret", disabled: isUpdating }), _jsx(FieldInput, { id: "stgm-oauth-edit-auth-url", label: "Authorization URL", value: authorizationUrl, onChange: setAuthorizationUrl, placeholder: "https://vendor.com/oauth/authorize", disabled: isUpdating, required: true }), _jsx(FieldInput, { id: "stgm-oauth-edit-token-url", label: "Token URL", value: tokenUrl, onChange: setTokenUrl, placeholder: "https://vendor.com/oauth/token", disabled: isUpdating, required: true }), _jsx(FieldInput, { id: "stgm-oauth-edit-scopes", label: "Scopes", value: scopes, onChange: setScopes, placeholder: "read, write, admin", hint: "Comma-separated OAuth scopes", disabled: isUpdating }), _jsx(FieldInput, { id: "stgm-oauth-edit-userinfo-url", label: "Userinfo URL", value: userinfoUrl, onChange: setUserinfoUrl, placeholder: "https://vendor.com/userinfo", hint: "OIDC endpoint for fetching user profile data (optional)", disabled: isUpdating }), _jsx(FieldInput, { id: "stgm-oauth-edit-scope-param", label: "Scope parameter name", value: scopeParameterName, onChange: setScopeParameterName, placeholder: "scope", hint: 'Defaults to "scope". Some vendors use a non-standard name.', disabled: isUpdating }), _jsxs("div", { className: "space-y-1", children: [_jsx("label", { htmlFor: "stgm-oauth-edit-approval-status", className: "text-xs font-medium text-foreground", children: "Vendor approval status" }), _jsxs("select", { id: "stgm-oauth-edit-approval-status", value: vendorApprovalStatus, onChange: (e) => setVendorApprovalStatus(e.target.value), disabled: isUpdating, className: cn("w-full rounded-md border border-input bg-background px-2.5 py-1.5 text-xs text-foreground", "focus-visible:outline-none focus-visible:ring-1 focus-visible:ring-ring", "disabled:pointer-events-none disabled:opacity-50"), children: [_jsx("option", { value: "unspecified", children: "Unspecified (treated as approved)" }), _jsx("option", { value: "pending", children: "Pending" }), _jsx("option", { value: "approved", children: "Approved" }), _jsx("option", { value: "rejected", children: "Rejected" })] })] }), _jsx(FieldInput, { id: "stgm-oauth-edit-approval-docs", label: "Vendor approval docs URL", value: vendorApprovalDocsUrl, onChange: setVendorApprovalDocsUrl, placeholder: "https://docs.example.com/byoa", hint: "Help link shown when vendor approval is pending", disabled: isUpdating }), updateError && (_jsx("p", { className: "text-destructive text-[0.65rem]", role: "alert", children: getUserMessage(updateError) })), _jsxs("div", { className: "flex items-center gap-2 pt-1", children: [_jsxs("button", { type: "submit", disabled: !canSave, className: cn("inline-flex items-center gap-1.5 rounded-md px-3 py-1.5 text-xs font-medium", "bg-primary text-primary-foreground hover:bg-primary/90", "disabled:pointer-events-none disabled:opacity-40"), children: [isUpdating && _jsx(SpinnerIcon, {}), "Save changes"] }), _jsx("button", { type: "button", onClick: cancelEdit, disabled: isUpdating, className: cn("rounded-md px-2.5 py-1.5 text-xs", "text-muted-foreground hover:text-foreground hover:bg-accent/50", "disabled:pointer-events-none disabled:opacity-50"), children: "Cancel" })] })] }))] }));
+}
+// ---------------------------------------------------------------------------
+// Constants
+// ---------------------------------------------------------------------------
+const APPROVAL_STATUS_MAP = {
+    pending: VendorApprovalStatus.PENDING,
+    approved: VendorApprovalStatus.APPROVED,
+    rejected: VendorApprovalStatus.REJECTED,
+};
+const APPROVAL_STATUS_LABELS = {
+    [VendorApprovalStatus.UNSPECIFIED]: "Unspecified",
+    [VendorApprovalStatus.PENDING]: "Pending",
+    [VendorApprovalStatus.APPROVED]: "Approved",
+    [VendorApprovalStatus.REJECTED]: "Rejected",
+};
+function approvalStatusToKey(status) {
+    switch (status) {
+        case VendorApprovalStatus.PENDING:
+            return "pending";
+        case VendorApprovalStatus.APPROVED:
+            return "approved";
+        case VendorApprovalStatus.REJECTED:
+            return "rejected";
+        default:
+            return "unspecified";
+    }
+}
+// ---------------------------------------------------------------------------
+// View mode
+// ---------------------------------------------------------------------------
+function ViewMode({ spec, createdAt, updatedAt, }) {
+    return (_jsxs("dl", { className: "space-y-2.5", children: [_jsx(Field, { label: "Provider", value: spec?.provider }), _jsx(Field, { label: "Client ID", value: spec?.clientId, mono: true }), _jsx(Field, { label: "Client secret", value: "\u2022\u2022\u2022\u2022\u2022\u2022\u2022\u2022" }), _jsx(Field, { label: "Authorization URL", value: spec?.authorizationUrl, mono: true }), _jsx(Field, { label: "Token URL", value: spec?.tokenUrl, mono: true }), spec?.scopes && spec.scopes.length > 0 && (_jsx(Field, { label: "Scopes", value: spec.scopes.join(", "), mono: true })), spec?.userinfoUrl && (_jsx(Field, { label: "Userinfo URL", value: spec.userinfoUrl, mono: true })), spec?.scopeParameterName && (_jsx(Field, { label: "Scope parameter name", value: spec.scopeParameterName, mono: true })), spec?.vendorApprovalStatus !== undefined &&
+                spec.vendorApprovalStatus !== VendorApprovalStatus.UNSPECIFIED && (_jsx(Field, { label: "Vendor approval", value: APPROVAL_STATUS_LABELS[spec.vendorApprovalStatus] ??
+                    "Unknown" })), spec?.vendorApprovalDocsUrl && (_jsx(Field, { label: "Approval docs", value: spec.vendorApprovalDocsUrl, mono: true })), _jsxs("div", { className: "flex gap-6", children: [createdAt && (_jsx(Field, { label: "Created", value: formatDate(timestampDate(createdAt)) })), updatedAt && (_jsx(Field, { label: "Updated", value: formatDate(timestampDate(updatedAt)) }))] })] }));
+}
+// ---------------------------------------------------------------------------
+// Shared primitives
+// ---------------------------------------------------------------------------
+function Field({ label, value, mono, }) {
+    if (!value)
+        return null;
+    return (_jsxs("div", { children: [_jsx("dt", { className: "text-muted-foreground text-[0.65rem] font-medium", children: label }), _jsx("dd", { className: cn("text-foreground mt-0.5 break-all text-xs", mono && "font-mono"), children: value })] }));
+}
+function FieldInput({ id, label, value, onChange, placeholder, hint, type = "text", disabled, required, }) {
+    return (_jsxs("div", { className: "space-y-1", children: [_jsx("label", { htmlFor: id, className: "text-xs font-medium text-foreground", children: label }), _jsx("input", { id: id, type: type, value: value, onChange: (e) => onChange(e.target.value), placeholder: placeholder, disabled: disabled, required: required, className: cn("w-full rounded-md border border-input bg-background px-2.5 py-1.5 text-xs text-foreground", "placeholder:text-muted-foreground", "focus-visible:outline-none focus-visible:ring-1 focus-visible:ring-ring", "disabled:pointer-events-none disabled:opacity-50") }), hint && (_jsx("p", { className: "text-[0.65rem] text-muted-foreground", children: hint }))] }));
+}
+function formatDate(date) {
+    return date.toLocaleDateString(undefined, {
+        month: "short",
+        day: "numeric",
+        year: "numeric",
+    });
+}
+// ---------------------------------------------------------------------------
+// Icons
+// ---------------------------------------------------------------------------
+function ArrowLeftIcon() {
+    return (_jsx("svg", { width: "12", height: "12", viewBox: "0 0 16 16", fill: "none", stroke: "currentColor", strokeWidth: "1.5", strokeLinecap: "round", strokeLinejoin: "round", "aria-hidden": "true", children: _jsx("path", { d: "M10 3L5 8l5 5" }) }));
+}
+function SpinnerIcon() {
+    return (_jsx("svg", { width: "12", height: "12", viewBox: "0 0 16 16", fill: "none", stroke: "currentColor", strokeWidth: "2", strokeLinecap: "round", className: "animate-spin", "aria-hidden": "true", children: _jsx("path", { d: "M8 2a6 6 0 1 0 6 6" }) }));
+}
+//# sourceMappingURL=OAuthAppDetailPanel.js.map