SCAL-279427 Manual clients registration

[ashubham]

No description provided.

[mnk-blr]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Licenses	0	0	0	0	0 issues
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[gemini-code-assist]

Summary of Changes

Hello @ashubham, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the OAuth client management capabilities by introducing a dedicated web UI for manual client registration. This feature is particularly useful for environments that do not support dynamic client registration or require static configuration. Furthermore, it improves the user experience during authorization by allowing clients to be pre-associated with a ThoughtSpot instance, which then pre-fills the instance URL in the approval dialog.

Highlights

• New Manual Client Registration UI: Introduced a new web-based interface (static/clients.html) for manually registering OAuth clients with the ThoughtSpot MCP server. This UI allows users to configure client details such as name, redirect URIs, grant types, and response types.
• ThoughtSpot Instance Association: Added functionality to associate a registered OAuth client with a specific ThoughtSpot instance. This association can pre-fill the ThoughtSpot instance URL in the OAuth approval dialog, streamlining the user authorization flow.
• OAuth Approval Dialog Enhancement: The renderApprovalDialog function in src/oauth-manager/oauth-utils.ts was updated to automatically populate the 'ThoughtSpot Instance URL' field if the client has an associated instance URL defined in its clientUri (prefixed with x-ts-url:).
• Documentation Updates: The README.md file has been updated to include new sections detailing the manual client registration process and how to associate clients with ThoughtSpot instances, along with a note about OAuth being the preferred authentication method.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a manual client registration page and updates the OAuth flow to pre-fill the ThoughtSpot instance URL. The changes are a good addition, but there are a few issues to address. I've found a critical bug where the logic to extract the instance URL will fail due to a prefix mismatch. Additionally, the new registration page contains hardcoded URLs that will cause problems in non-production environments. I've also noted a broken link in the README and a potential broken image link on the new page. My review includes suggestions to fix these issues.

[gemini-code-assist]

The src attribute for the logo image is set to a root-relative path (/ThoughtSpot Logo 40px.svg). This may result in a broken image if the file is not served from the root of the domain. If the image is located within the static directory, consider using a relative path. If it's hosted externally, a full URL would be more reliable.