AXON-1516: Call API to check Rovo Dev Entitlement (#1288)

* AXON-1516: Call API to check Rovo Dev Entitlement

* AXON-1516: fix boolean checking logic

* AXON-1516: simplify entitlement logic

Author: cabella-dot

src/analytics.ts

@@ -252,6 +252,11 @@ export function performanceEvent(tag: string, measure: number, params?: Record<s
 
 export type RovoDevEnv = 'IDE' | 'Boysenberry';
 
+export function rovoDevEntitlementCheckEvent(isEntitled: boolean, type: string, source?: string) {
+    return trackEvent('checked', 'rovoDevEntitlement', {
+        attributes: { source, isEntitled, type },
+    });
+}
 export function rovoDevNewSessionActionEvent(
     rovoDevEnv: RovoDevEnv,
     appInstanceId: string,

src/atlclients/clientManager.ts

@@ -28,6 +28,7 @@ import { Time } from '../util/time';
 import {
     AuthInfo,
     AuthInfoState,
+    BasicAuthInfo,
     DetailedSiteInfo,
     isBasicAuthInfo,
     isOAuthInfo,
@@ -39,6 +40,14 @@ import { BasicInterceptor } from './basicInterceptor';
 const oauthTTL: number = 45 * Time.MINUTES;
 const serverTTL: number = Time.FOREVER;
 
+export type ValidBasicAuthSiteData = {
+    authInfo: BasicAuthInfo;
+    host: string;
+    siteCloudId: string;
+    isValid: boolean;
+    isStaging: boolean;
+};
+
 export class ClientManager implements Disposable {
     private _clients: CacheMap = new CacheMap();
     private _queue = new PQueue({ concurrency: 1 });
@@ -201,6 +210,59 @@ export class ClientManager implements Disposable {
         return newClient;
     }
 
+    public async getValidBasicAuthCloudSites(): Promise<ValidBasicAuthSiteData[]> {
+        try {
+            const allJiraSites = Container.siteManager.getSitesAvailable(ProductJira);
+
+            const promises = allJiraSites.map(async (site) => {
+                if (!site.isCloud && !site.host.endsWith('.jira-dev.com')) {
+                    return;
+                }
+
+                const authInfo = await Container.credentialManager.getApiTokenIfExists(site);
+
+                if (!authInfo) {
+                    return;
+                }
+
+                // verify the credentials work
+                let isValid: boolean;
+                try {
+                    await this.jiraClient(site);
+                    isValid = true;
+                } catch {
+                    isValid = false;
+                }
+
+                return {
+                    authInfo,
+                    host: site.host,
+                    siteCloudId: site.id,
+                    isValid,
+                    isStaging: site.host.endsWith('.jira-dev.com'),
+                };
+            });
+
+            const results = (await Promise.all(promises)).filter((res) => res !== undefined);
+
+            return results.sort((a, b) => {
+                return a.host.localeCompare(b.host);
+            });
+        } catch (error) {
+            Logger.error(error, 'Error checking for Rovo Dev Entitlement');
+            return [];
+        }
+    }
+
+    public async getCloudPrimarySite(): Promise<ValidBasicAuthSiteData | undefined> {
+        const results = await this.getValidBasicAuthCloudSites();
+        if (results.length === 0) {
+            return undefined;
+        }
+
+        return results.filter((s) => s.isStaging)[0] || results[0];
+    }
+
     private createOAuthHTTPClient(site: DetailedSiteInfo, token: string): HTTPClient {
         return new HTTPClient(
             site.baseApiUrl,

src/container.ts

@@ -41,6 +41,7 @@ import { RovoDevLogger } from './rovo-dev/util/rovoDevLogger';
 import { SiteManager } from './siteManager';
 import { AtlascodeUriHandler, SETTINGS_URL } from './uriHandler';
 import { Experiments, FeatureFlagClient, FeatureFlagClientInitError, Features } from './util/featureFlags';
+import { RovoDevEntitlementChecker } from './util/rovo-dev-entitlement/rovoDevEntitlementChecker';
 import { AuthStatusBar } from './views/authStatusBar';
 import { HelpExplorer } from './views/HelpExplorer';
 import { JiraActiveIssueStatusBar } from './views/jira/activeIssueStatusBar';
@@ -223,6 +224,13 @@ export class Container {
             setCommandContext(CommandContext.UseNewAuthFlow, false);
         }
 
+        context.subscriptions.push(
+            (this._rovoDevEntitlementChecker = new RovoDevEntitlementChecker(this._analyticsClient)),
+        );
+
+        // Check Rovo Dev entitlement on startup
+        await this._rovoDevEntitlementChecker.checkEntitlement();
+
         // in Boysenberry we don't need to listen to Jira auth updates
         if (!process.env.ROVODEV_BBY) {
             // refresh Rovo Dev when auth sites change
@@ -666,6 +674,11 @@ export class Container {
         return this._rovodevWebviewProvider;
     }
 
+    private static _rovoDevEntitlementChecker: RovoDevEntitlementChecker;
+    public static get rovoDevEntitlementChecker() {
+        return this._rovoDevEntitlementChecker;
+    }
+
     private static _createWorkItemWebviewProvider: CreateWorkItemWebviewProvider;
     public static get createWorkItemWebviewProvider() {
         return this._createWorkItemWebviewProvider;

src/rovo-dev/rovoDevProcessManager.ts

@@ -4,12 +4,13 @@ import fs from 'fs';
 import net from 'net';
 import packageJson from 'package.json';
 import path from 'path';
+import { ValidBasicAuthSiteData } from 'src/atlclients/clientManager';
 import { downloadAndUnzip } from 'src/rovo-dev/util/downloadFile';
 import { getFsPromise } from 'src/rovo-dev/util/fsPromises';
 import { waitFor } from 'src/rovo-dev/util/waitFor';
 import { Disposable, Event, EventEmitter, ExtensionContext, Terminal, Uri, window, workspace } from 'vscode';
 
-import { DetailedSiteInfo, isBasicAuthInfo, ProductJira } from '../atlclients/authInfo';
+import { DetailedSiteInfo } from '../atlclients/authInfo';
 import { Container } from '../container';
 import { RovoDevApiClient } from './client';
 import { RovoDevDisabledReason, RovoDevEntitlementCheckFailedDetail } from './rovoDevWebviewProviderMessages';
@@ -107,58 +108,7 @@ async function getOrAssignPortForWorkspace(): Promise<number> {
     throw new Error('unable to find an available port.');
 }
 
-/**
- * Placeholder implementation for Rovo Dev CLI credential storage
- */
-async function getCloudCredentials(): Promise<
-    { username: string; key: string; host: string; isValid: boolean; isStaging: boolean } | undefined
-> {
-    try {
-        const sites = Container.siteManager.getSitesAvailable(ProductJira);
-
-        const promises = sites.map(async (site) => {
-            // *.atlassian.net are PROD cloud sites
-            // *.jira-dev.com are Staging cloud sites
-            if (!site.host.endsWith('.atlassian.net') && !site.host.endsWith('.jira-dev.com')) {
-                return undefined;
-            }
-
-            const authInfo = await Container.credentialManager.getAuthInfo(site);
-            if (!isBasicAuthInfo(authInfo)) {
-                return undefined;
-            }
-
-            // verify the credentials work
-            let isValid: boolean;
-            try {
-                await Container.clientManager.jiraClient(site);
-                isValid = true;
-            } catch {
-                isValid = false;
-            }
-
-            return {
-                username: authInfo.username,
-                key: authInfo.password,
-                host: site.host,
-                isValid,
-                isStaging: site.host.endsWith('.jira-dev.com'),
-            };
-        });
-
-        const results = (await Promise.all(promises)).filter((result) => result !== undefined);
-
-        // give priority to staging sites
-        return results.filter((x) => x.isStaging)[0] || results[0];
-    } catch (error) {
-        RovoDevLogger.error(error, 'Error fetching cloud credentials for Rovo Dev');
-        return undefined;
-    }
-}
-
-type CloudCredentials = NonNullable<Awaited<ReturnType<typeof getCloudCredentials>>>;
-
-function areCredentialsEqual(cred1?: CloudCredentials, cred2?: CloudCredentials) {
+function areCredentialsEqual(cred1?: ValidBasicAuthSiteData, cred2?: ValidBasicAuthSiteData) {
     if (cred1 === cred2) {
         return true;
     }
@@ -167,7 +117,11 @@ function areCredentialsEqual(cred1?: CloudCredentials, cred2?: CloudCredentials)
         return false;
     }
 
-    return cred1.host === cred2.host && cred1.key === cred2.key && cred1.username === cred2.username;
+    return (
+        cred1.host === cred2.host &&
+        cred1.authInfo.password === cred2.authInfo.password &&
+        cred1.authInfo.username === cred2.authInfo.username
+    );
 }
 
 export interface RovoDevProcessNotStartedState {
@@ -239,7 +193,7 @@ export abstract class RovoDevProcessManager {
         return this._onStateChanged.event;
     }
 
-    private static currentCredentials: CloudCredentials | undefined;
+    private static currentCredentials: ValidBasicAuthSiteData | undefined;
 
     /** This lock ensures this class is async-safe, preventing repeated invocations
      * of `initializeRovoDev` or `refreshRovoDevCredentials` to launch multiple processes
@@ -324,7 +278,7 @@ export abstract class RovoDevProcessManager {
 
     private static async internalInitializeRovoDev(
         context: ExtensionContext,
-        credentials: CloudCredentials | undefined,
+        credentials: ValidBasicAuthSiteData | undefined,
         forceNewInstance?: boolean,
     ) {
         if (!workspace.workspaceFolders?.length) {
@@ -403,7 +357,7 @@ export abstract class RovoDevProcessManager {
                 this.failIfRovoDevInstanceIsRunning();
             }
 
-            const credentials = await getCloudCredentials();
+            const credentials = await Container.clientManager.getCloudPrimarySite();
             await this.internalInitializeRovoDev(context, credentials, forceNewInstance);
         } finally {
             this.asyncLocked = false;
@@ -419,7 +373,7 @@ export abstract class RovoDevProcessManager {
             this.asyncLocked = true;
 
             try {
-                const credentials = await getCloudCredentials();
+                const credentials = await Container.clientManager.getCloudPrimarySite();
                 if (areCredentialsEqual(credentials, this.currentCredentials)) {
                     return;
                 }
@@ -451,7 +405,7 @@ export abstract class RovoDevProcessManager {
 
     private static async startRovoDev(
         context: ExtensionContext,
-        credentials: CloudCredentials,
+        credentials: ValidBasicAuthSiteData,
         rovoDevURIs: RovoDevURIs,
     ) {
         // skip if there is no workspace folder open
@@ -495,7 +449,7 @@ class RovoDevTerminalInstance extends Disposable {
     }
 
     public async start(
-        credentials: CloudCredentials,
+        credentials: ValidBasicAuthSiteData,
         setState: (newState: RovoDevProcessState) => void,
     ): Promise<void> {
         if (this.started) {
@@ -538,9 +492,9 @@ class RovoDevTerminalInstance extends Disposable {
                         iconPath: this.rovoDevIconUri,
                         env: {
                             USER: process.env.USER || process.env.USERNAME,
-                            USER_EMAIL: credentials.username,
+                            USER_EMAIL: credentials.authInfo.username,
                             ROVODEV_SANDBOX_ID: Container.appInstanceId,
-                            ...(credentials.key ? { USER_API_TOKEN: credentials.key } : {}),
+                            ...(credentials.authInfo.password ? { USER_API_TOKEN: credentials.authInfo.password } : {}),
                         },
                     });