Fix Copilot login prompt appearing after integrator sign-in

[RNViththagan]

Fixes wso2/product-integrator#1319

• Fix Copilot login prompt appearing after integrator sign-in
• Fix state machine not transitioning after integrator sign-in
• Soften AI panel sign-out button to show red only on hover

Summary by CodeRabbit

• Bug Fixes

  • Improved SSO login flow handling and credential storage logic.
  • Fixed authentication state management for already logged-in scenarios.

• Style

  • Enhanced Sign Out button styling with improved hover transitions and updated theme colors.

[coderabbitai]

📝 Walkthrough

Walkthrough

Centralizes SSO completion into completeSsoSignIn() and refactors openLogin and the platform login listener to reuse it; listener now respects existing non-BI_INTEL credentials, restricts bridging states, routes Unauthenticated via LOGIN, completes SSO flow via the helper, and emits LOGOUT only for BI_INTEL sign-outs.

Changes

Cohort / File(s)	Summary
AI Machine SSO & Login Logic workspaces/ballerina/ballerina-extension/src/views/ai-panel/aiMachine.ts	Adds completeSsoSignIn() to centralize: platform STS retrieval → STS→Copilot token exchange → store BI_INTEL credentials → emit COMPLETE_AUTH. openLogin now reuses this helper. subscribeIsLoggedIn listener updated to consult getAuthCredentials(), avoid overriding non-BI_INTEL methods, handle only Unauthenticated or Authenticating.ssoFlow, send LOGIN when Unauthenticated, run helper for SSO completion (errors → CANCEL_LOGIN), and emit LOGOUT only when stored method is BI_INTEL.
SettingsPanel Sign-out Styling workspaces/ballerina/ballerina-visualizer/src/views/AIPanel/SettingsPanel/index.tsx	Refactors SignOutButton styling: replaces transition: all with targeted color/border-color transitions, forces background: transparent, changes default text color and border variables, and modifies hover to explicitly set color and border-color (removes opacity-based hover).

Sequence Diagram(s)

sequenceDiagram
    participant Client
    participant AI_Machine as AI Machine
    participant Platform
    participant Copilot
    participant CredStore as Credential Store

    Client->>AI_Machine: openLogin / subscribe event
    AI_Machine->>Platform: request STS
    Platform-->>AI_Machine: return STS
    AI_Machine->>Copilot: exchange STS for Copilot token
    Copilot-->>AI_Machine: return Copilot token
    AI_Machine->>CredStore: store credentials as `BI_INTEL`
    CredStore-->>AI_Machine: confirm store
    AI_Machine-->>Client: emit COMPLETE_AUTH (or LOGIN/CANCEL_LOGIN/LOGOUT per state)

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 I hopped to fetch a short-lived key,
Swapped it quick and tucked it neatly,
Listeners trimmed, no duplicate traces,
Logout only when BI_INTEL graces,
A tidy hop, now code feels cheery. 🥕

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The PR description is minimal and does not follow the required template structure with sections for Purpose, Goals, Approach, UI Component Development, security checks, and other required areas.	Complete the PR description using the repository template. Include Purpose (link to issue #1576), Goals, Approach, UI Component Development checklist, security checks, test environment details, and other applicable sections from the template.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely summarizes the main fix: preventing the Copilot login prompt from appearing after integrator sign-in, which aligns with the core issue being resolved.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[RNViththagan]

@CodeRabbit review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@workspaces/ballerina/ballerina-extension/src/views/ai-panel/aiMachine.ts`:
- Around line 408-416: bridgePlatformLogin currently always sends
AIMachineEventType.COMPLETE_AUTH which is only handled in
Authenticating.ssoFlow, so when called from the inUnauthenticated path the
machine stays in Unauthenticated; update bridgePlatformLogin to detect the
caller/state and emit a transition handled by Unauthenticated (or add a new
event) instead of unconditionally sending COMPLETE_AUTH — e.g., add a
conditional around aiStateService.send to dispatch an event handled by the
Unauthenticated flow (or create and dispatch a new AIMachineEventType like
COMPLETE_AUTH_EXTERNAL and wire that into the inUnauthenticated transition), and
update the state machine handlers (Authenticating.ssoFlow or the
inUnauthenticated transition) accordingly so storing BI_INTEL credentials leads
to a real state transition.
- Around line 570-574: The catch block that currently only logs
bridgePlatformLogin errors must also notify the state machine so the UI can
recover from Authentication.ssoFlow; replace or augment the console.error in the
catch with a send(...) call that dispatches a cancel/failure event (e.g. send({
type: "CANCEL_LOGIN", error }) or send({ type: "BRIDGE_LOGIN_FAILED", error }))
so the machine receives a terminal/failure event after openLogin() resolves;
locate the try/catch around bridgePlatformLogin() in aiMachine.ts and add the
send(...) call referencing the existing state machine sender (send) and include
the caught error as payload.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: ad509207-6f05-4dcc-8f0e-8e6368d30f18

📥 Commits

Reviewing files that changed from the base of the PR and between 1709052 and 236395c.

📒 Files selected for processing (1)

• workspaces/ballerina/ballerina-extension/src/views/ai-panel/aiMachine.ts

[RNViththagan]

@CodeRabbit review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[RNViththagan]

@CodeRabbit review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.