From 7535c1724a5c2a1840cb25c0ed24c16f408d284a Mon Sep 17 00:00:00 2001
From: Bryan Haberberger <bryan.j.haberberger@slu.edu>
Date: Mon, 18 Aug 2025 16:36:05 -0400
Subject: [PATCH 01/13] Users reported that the access token validation
 endpoint was always failing. (#209)

---
 routes/client.js | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/routes/client.js b/routes/client.js
index 869b3899..0713ce68 100644
--- a/routes/client.js
+++ b/routes/client.js
@@ -1,6 +1,7 @@
 import express from 'express'
 const router = express.Router()
 import auth from '../auth/index.js'
+import { getAgentClaim } from '../controllers/utils.js'
 
 router.get('/register', (req, res, next) => {
   //Register means register with the RERUM Server Auth0 client and get a new code for a refresh token.
@@ -18,6 +19,13 @@ router.get('/register', (req, res, next) => {
 
 router.post('/request-new-access-token',auth.generateNewAccessToken)
 router.post('/request-new-refresh-token',auth.generateNewRefreshToken)
-router.get('/verify',auth.checkJwt)
+
+// Verifies good tokens are from RERUM.  Fails with 401 on tokens from other platforms, or bad tokens in genreal.
+router.get('/verify', auth.checkJwt, (req, res, next) => {
+  const generatorAgent = getAgentClaim(req, next)
+  res.set("Content-Type", "text/plain")
+  res.status(200)
+  res.send("The token was verified by Auth0")
+})
 
 export default router

From 29db244b1b10fc4bb1c41e97f3082ce34536a65b Mon Sep 17 00:00:00 2001
From: Copilot <198982749+Copilot@users.noreply.github.com>
Date: Mon, 18 Aug 2025 21:47:14 +0100
Subject: [PATCH 02/13] Add comprehensive GitHub Copilot instructions with
 coding style guidelines for RERUM API development (#208)

* Initial plan

* Create comprehensive GitHub Copilot instructions with validated commands and timing

Co-authored-by: cubap <1119165+cubap@users.noreply.github.com>

* Add coding style guidelines to Copilot instructions

Co-authored-by: cubap <1119165+cubap@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: cubap <1119165+cubap@users.noreply.github.com>
---
 .github/copilot-instructions.md | 201 ++++++++++++++++++++++++++++++++
 1 file changed, 201 insertions(+)
 create mode 100644 .github/copilot-instructions.md

diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md
new file mode 100644
index 00000000..9a7cdef9
--- /dev/null
+++ b/.github/copilot-instructions.md
@@ -0,0 +1,201 @@
+# RERUM API v1 Server
+Always reference these instructions first and fallback to search or bash commands only when you encounter unexpected information that does not match the info here.
+
+RERUM API v1 is a NodeJS web service for interaction with the RERUM digital object repository. It stores JSON-LD objects including Web Annotations, SharedCanvas/IIIF objects, FOAF Agents, and any valid JSON objects. Visit [rerum.io](https://rerum.io) for general information and [store.rerum.io](https://store.rerum.io/) for the hosted public instance.
+
+## Working Effectively
+
+### Prerequisites
+- **CRITICAL**: Node.js version 22.17.1 or higher is required (specified in package.json engines: ">=22.12.0")
+- MongoDB database connection for full API functionality
+- Git for version control
+
+### Bootstrap and Setup
+1. **Install Node.js 22.17.1**:
+   ```bash
+   curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash
+   source ~/.bashrc
+   nvm install 22.17.1
+   nvm use 22.17.1
+   ```
+
+2. **Install dependencies**:
+   ```bash
+   npm install
+   ```
+   - NEVER CANCEL: Takes 2-5 seconds. Set timeout to 30+ seconds.
+
+3. **Create .env configuration file** (required for operation):
+   ```bash
+   # Create .env file in repository root
+   RERUM_API_VERSION=1.0.0
+   RERUM_BASE=http://localhost:3005
+   RERUM_PREFIX=http://localhost:3005/v1/
+   RERUM_ID_PREFIX=http://localhost:3005/v1/id/
+   RERUM_AGENT_CLAIM=http://localhost:3005/agent
+   RERUM_CONTEXT=http://localhost:3005/v1/context.json
+   RERUM_API_DOC=http://localhost:3005/v1/API.html
+   MONGO_CONNECTION_STRING=mongodb://localhost:27017/test
+   MONGODBNAME=test_rerum
+   MONGODBCOLLECTION=test_collection
+   DOWN=false
+   READONLY=false
+   PORT=3005
+   CLIENTID=test_client_id
+   RERUMSECRET=test_secret
+   BOT_TOKEN=test_bot_token
+   BOT_AGENT=test_bot_agent
+   AUDIENCE=test_audience
+   ISSUER_BASE_URL=https://test.auth0.com/
+   ```
+
+### Testing
+- **Route and Static File Tests** (work without database):
+  ```bash
+  npm run runtest -- __tests__/routes_mounted.test.js
+  ```
+  - NEVER CANCEL: Takes 30 seconds. Set timeout to 60+ seconds.
+
+- **Full Test Suite** (requires MongoDB connection):
+  ```bash
+  npm run runtest
+  ```
+  - NEVER CANCEL: Takes 25+ minutes (many tests timeout without MongoDB). Set timeout to 45+ minutes.
+  - **CRITICAL**: Most tests fail with 5-second timeouts if MongoDB is not connected - this is expected behavior in development environment.
+
+### Running the Application
+- **Start the server**:
+  ```bash
+  npm start
+  ```
+  - Server runs on `http://localhost:3005` (configurable via PORT in .env)
+  - Takes 2-3 seconds to start
+  - Displays "LISTENING ON 3005" when ready
+
+- **Stop the server**: `CTRL + C` or `CTRL + X`
+
+## Validation
+
+### Manual Testing Scenarios
+After making changes, ALWAYS validate these scenarios:
+
+1. **Server Startup**: 
+   ```bash
+   npm start
+   # Should display "LISTENING ON 3005" within 3 seconds
+   ```
+
+2. **Static File Serving**:
+   ```bash
+   curl -I http://localhost:3005/v1/API.html
+   curl -I http://localhost:3005/v1/context.json
+   curl -I http://localhost:3005/
+   # Should return 200 OK responses
+   ```
+
+3. **Route Mounting**:
+   ```bash
+   npm run runtest -- __tests__/routes_mounted.test.js
+   # Should pass all 17 tests in ~30 seconds
+   ```
+
+4. **API Authentication Behavior**:
+   ```bash
+   # Test create endpoint (matches example from Talend API Tester)
+   curl -X POST http://localhost:3005/v1/api/create -H "Content-Type: application/json" -d '{"@":"5"}'
+   # Should return 401 Unauthorized with proper auth message
+   
+   # Test with invalid token  
+   curl -X POST http://localhost:3005/v1/api/create -H "Authorization: Bearer fake_token" -H "Content-Type: application/json" -d '{"@":"5"}'
+   # Should return 401 with "This token did not contain a known RERUM agent"
+   ```
+
+5. **Database-dependent endpoints** (if MongoDB available):
+   ```bash
+   curl -X POST http://localhost:3005/v1/api/query -H "Content-Type: application/json" -d '{"test": "value"}'
+   # Should either work with 200 OK or return "Topology is closed" error without MongoDB
+   ```
+
+### Working Without MongoDB
+- **WORKS**: Server startup, static file serving, route mounting tests, authentication handling
+- **FAILS**: All database operations (/query, /create, /update, /delete, /id/{id}, etc.) return "Topology is closed" errors
+- **FOR DEVELOPMENT**: Use route mounting tests to validate routing changes without requiring database setup
+
+## Common Tasks
+
+### Key Directories
+- `/routes/` - Route handlers and API endpoints (Express routes)
+- `/controllers/` - Business logic controllers (CRUD operations, GOG-specific controllers)
+- `/database/` - Database connection and utilities (MongoDB integration)
+- `/auth/` - Authentication middleware (Auth0 JWT handling)
+- `/public/` - Static files (API.html, context.json, etc.)
+- `/__tests__/` - Test files (Jest test suites)
+- `/bin/rerum_v1.js` - Main application entry point
+
+### Important Files to Monitor
+- `package.json` - Dependencies and scripts (requires Node.js 22+)
+- `app.js` - Express application setup and middleware configuration
+- `routes/api-routes.js` - Main API route definitions and mounting
+- `.env` - Configuration (create from template above)
+- `jest.config.js` - Test configuration (VM modules experimental)
+
+### Architecture Notes
+- **RESTful API**: Standard HTTP methods (GET, POST, PUT, PATCH, DELETE)
+- **Authentication**: Auth0 JWT bearer tokens required for write operations
+- **Database**: MongoDB for persistent storage, versioned objects
+- **Static Files**: Served directly from `/public` directory
+- **CORS**: Fully open ("*") for cross-origin requests
+- **Specialized Routes**: Gallery of Glosses (GOG) specific endpoints in `_gog_*.js` files
+
+### Coding Style Guidelines
+- **Semicolons**: Avoid unnecessary semicolons (e.g., at the end of most lines)
+- **Control Flow**: Prefer guard clauses over if/else statements when the meaning is clear
+- **Modern JavaScript**: Use optional chaining (`?.`) and nullish coalescing (`??`) operators and ternaries for concise code when it doesn't compromise readability
+- **Language**: Use inclusive language and labels throughout the codebase
+- **Attribution**: Include attribution for contributed code or borrowed code at the top of each file
+
+### Development Workflow
+1. **After routing changes**: Always run basic route tests: `npm run runtest -- __tests__/routes_mounted.test.js`
+2. **After configuration changes**: Test server startup: `npm start` (should display "LISTENING ON 3005")
+3. **After API changes**: Test endpoints with curl as shown in validation scenarios
+4. **For Auth0 integration testing**: Contact Research Computing Group at research.computing@slu.edu
+5. **API reference**: Use documentation at http://localhost:3005/v1/API.html
+
+### Complete Change Validation Example
+```bash
+# 1. Make your changes to routes/controllers
+# 2. Test route mounting
+npm run runtest -- __tests__/routes_mounted.test.js
+
+# 3. Test server startup  
+npm start
+# Should show "LISTENING ON 3005"
+
+# 4. In another terminal, test endpoints
+curl -I http://localhost:3005/v1/API.html
+curl -X POST http://localhost:3005/v1/api/create -H "Content-Type: application/json" -d '{"test": "value"}'
+
+# 5. Stop server: CTRL + C
+```
+
+### CI/CD Notes
+- GitHub Actions run on Node.js 22
+- Tests run with: `npm install && npm run runtest`
+- Deploy uses PM2 for process management
+- Development environment available via PR to main branch
+- Production deploys on push to main branch
+
+### Troubleshooting
+- **"Unsupported engine" warnings**: Expected with Node.js 22+ due to express-oauth2-jwt-bearer package
+- **Test timeouts**: Expected without MongoDB connection - focus on route mounting tests for development  
+- **Port conflicts**: Change PORT in .env file if 3005 is taken
+- **JWT/Auth errors**: Expected in development - requires Auth0 setup for full functionality
+- **"Cannot use import statement outside a module"**: Use `npm run runtest` (not `npm test`) - requires experimental VM modules
+- **"Jest did not exit" warning**: Normal behavior - tests complete successfully despite this warning
+
+## Build and Timing Expectations
+- **npm install**: 2-5 seconds, NEVER CANCEL (timeout: 30+ seconds)
+- **Basic tests**: 30 seconds, NEVER CANCEL (timeout: 60+ seconds)  
+- **Full test suite**: 25+ minutes with timeouts, NEVER CANCEL (timeout: 45+ minutes)
+- **Server startup**: 2-3 seconds
+- **No build step required** - Direct Node.js execution
\ No newline at end of file

From b127eb17d92ed1be57e28b828e907a95822c0697 Mon Sep 17 00:00:00 2001
From: Bryan Haberberger <bryan.j.haberberger@slu.edu>
Date: Sun, 24 Aug 2025 23:09:52 -0400
Subject: [PATCH 03/13] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 862eb083..603df373 100644
--- a/README.md
+++ b/README.md
@@ -61,7 +61,7 @@ npm install
 ```
 
 #### Create the Configuration File
-Create a file named `.env` in the root folder.  In the above example, the root is `/code_folder/tiny_things`.  `/code_folder/tiny_things/.env` looks like this:
+Create a file named `.env` in the root folder.  In the above example, the root is `/code_folder/rerum_api`.  `/code_folder/rerum_api/.env` looks like this:
 
 ```shell
 RERUM_API_VERSION = 1.0.0

From 7a50ecf038ba690c3f5f263e8a09c599433c9f11 Mon Sep 17 00:00:00 2001
From: Devayani1612 <devayanichakravarthi100@gmail.com>
Date: Tue, 9 Sep 2025 11:56:29 -0500
Subject: [PATCH 04/13] Bring in changes from old repo

---
 package-lock.json | 103 ---------
 public/index.html | 529 +++++++++++++++++++++++-----------------------
 2 files changed, 261 insertions(+), 371 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 6cd31a2d..6fbe9f1c 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -2509,29 +2509,6 @@
       "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz",
       "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ=="
     },
-    "node_modules/ip-address": {
-      "version": "9.0.5",
-      "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz",
-      "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==",
-      "license": "MIT",
-      "optional": true,
-      "peer": true,
-      "dependencies": {
-        "jsbn": "1.1.0",
-        "sprintf-js": "^1.1.3"
-      },
-      "engines": {
-        "node": ">= 12"
-      }
-    },
-    "node_modules/ip-address/node_modules/sprintf-js": {
-      "version": "1.1.3",
-      "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz",
-      "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==",
-      "license": "BSD-3-Clause",
-      "optional": true,
-      "peer": true
-    },
     "node_modules/ipaddr.js": {
       "version": "1.9.1",
       "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz",
@@ -3302,14 +3279,6 @@
         "js-yaml": "bin/js-yaml.js"
       }
     },
-    "node_modules/jsbn": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz",
-      "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==",
-      "license": "MIT",
-      "optional": true,
-      "peer": true
-    },
     "node_modules/jsesc": {
       "version": "2.5.2",
       "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz",
@@ -4212,33 +4181,6 @@
         "node": ">=8"
       }
     },
-    "node_modules/smart-buffer": {
-      "version": "4.2.0",
-      "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz",
-      "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==",
-      "optional": true,
-      "peer": true,
-      "engines": {
-        "node": ">= 6.0.0",
-        "npm": ">= 3.0.0"
-      }
-    },
-    "node_modules/socks": {
-      "version": "2.8.3",
-      "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.3.tgz",
-      "integrity": "sha512-l5x7VUUWbjVFbafGLxPWkYsHIhEvmF85tbIeFZWc8ZPtoMyybuEhL7Jye/ooC4/d48FgOjSJXgsF/AJPYCW8Zw==",
-      "license": "MIT",
-      "optional": true,
-      "peer": true,
-      "dependencies": {
-        "ip-address": "^9.0.5",
-        "smart-buffer": "^4.2.0"
-      },
-      "engines": {
-        "node": ">= 10.0.0",
-        "npm": ">= 3.0.0"
-      }
-    },
     "node_modules/source-map": {
       "version": "0.6.1",
       "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
@@ -6596,26 +6538,6 @@
       "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz",
       "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ=="
     },
-    "ip-address": {
-      "version": "9.0.5",
-      "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz",
-      "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==",
-      "optional": true,
-      "peer": true,
-      "requires": {
-        "jsbn": "1.1.0",
-        "sprintf-js": "^1.1.3"
-      },
-      "dependencies": {
-        "sprintf-js": {
-          "version": "1.1.3",
-          "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz",
-          "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==",
-          "optional": true,
-          "peer": true
-        }
-      }
-    },
     "ipaddr.js": {
       "version": "1.9.1",
       "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz",
@@ -7198,13 +7120,6 @@
         "esprima": "^4.0.0"
       }
     },
-    "jsbn": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz",
-      "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==",
-      "optional": true,
-      "peer": true
-    },
     "jsesc": {
       "version": "2.5.2",
       "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz",
@@ -7845,24 +7760,6 @@
       "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz",
       "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q=="
     },
-    "smart-buffer": {
-      "version": "4.2.0",
-      "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz",
-      "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==",
-      "optional": true,
-      "peer": true
-    },
-    "socks": {
-      "version": "2.8.3",
-      "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.3.tgz",
-      "integrity": "sha512-l5x7VUUWbjVFbafGLxPWkYsHIhEvmF85tbIeFZWc8ZPtoMyybuEhL7Jye/ooC4/d48FgOjSJXgsF/AJPYCW8Zw==",
-      "optional": true,
-      "peer": true,
-      "requires": {
-        "ip-address": "^9.0.5",
-        "smart-buffer": "^4.2.0"
-      }
-    },
     "source-map": {
       "version": "0.6.1",
       "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
diff --git a/public/index.html b/public/index.html
index 28eee8c7..72870ef6 100644
--- a/public/index.html
+++ b/public/index.html
@@ -18,18 +18,19 @@
             color: green;
             font-weight: bold;
         }
-    
+
         #intro {
             color: #979A9E;
             font-size: 12pt;
         }
-    
+
         body {
             font-family: 'Open Sans', sans-serif;
             color: #979A9E;
             background-color: #2F353E;
+            padding: 20px;
         }
-    
+
         input[type="text"] {
             background-color: #ccc;
             color: black;
@@ -37,48 +38,48 @@
             font-family: serif;
             font-size: 14pt;
         }
-    
+
         h1 {
             cursor: pointer;
             font-weight: 300;
             font-family: 'Raleway', sans-serif;
             margin-bottom: 10px;
         }
-    
+
         .navbar-brand {
             float: none;
             font-size: 2rem;
             line-height: 1.5;
             margin-bottom: 20px;
         }
-    
+
         #login {
             display: none;
         }
-    
+
         .panel-body {
             color: initial;
         }
-    
+
         .panel {
             word-break: break-word;
         }
-    
+
         .status_header {
             color: gray;
         }
-    
+
         #a_t {
             height: 170px;
             margin-bottom: 8px;
         }
-    
+
         #a_t,
         #r_t_4_a_t,
         #new_refresh_token {
             margin-bottom: 8px;
         }
-    
+
         #code_for_refresh_token {
             margin-bottom: -13px;
         }
@@ -106,287 +107,279 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
                 consumers can evaluate trustworthiness and relevance</li>
         </ol>
     </div>
-    <div class='panel panel-info' name="block">
-        <div class="panel-heading"> <span class="panel-title">Application Registration</span> </div>
-        <div class="panel-body">
-            <p class="handHoldy">
-                Interacting with RERUM requires server-to-server communication, so we suggest the registrant be the
-                application developer.
-                You may want to
-                <a target="_blank" rel="noopener" href="https://rerum.io/#/future" class="linkOut">learn more about the concepts around RERUM</a>
-                before reading the API.
-            </p>
-            <p class="handHoldy">
-                If you are here for the first time and think you want to use RERUM, please
-                <a target="_blank" rel="noopener" href="https://store.rerum.io/API.html" class="linkOut">read the API</a> first.
-            </p>
-            <p class="handHoldy">
-                If you like what you read in <a target="_blank" rel="noopener" href="https://store.rerum.io/API.html" class="linkOut">our API documentation</a>
-                and want to begin using RERUM as a back stack service please register by clicking below.
-                Be prepared to be routed to Auth0 (don't know why?
-                <a target="_blank" rel="noopener" href="https://store.rerum.io/API.html" class="linkOut">Read the API</a>).
-            </p>
-            <p class="handHoldy">
-                After registering, you will be returned to this page with an Auth0 Authorization code. Use that code at
-                the bottom of this page to get a refresh token
-                and an access token so you can use the API. You may notice the page has already populated known
-                information for you.
-            </p>
-        </div>
-        <div class="panel-footer">
-            <input class='btn btn-primary btn-large' type="button" id="register" value="Register With RERUM At Auth0" />
-        </div>
-    </div>
-    <div class='panel panel-info' name="block">
-        <div class="panel-heading"> <span class="panel-title">Auth0 Authorization Status</span> </div>
-        <div class="panel-body">
-            <p class="handHoldy">
-                If you believe you are already registered and want to check on your status, follow the prompts below.
-                You will be routed to Auth0 so we can verify who you are.
-            </p>
-            <div>
-                <span class="status_header"> Auth0 Status </span>
-                <kbd class="rerumStatus" id="authorizationStatus">UNKNOWN</kbd>
+
+    <div class="row">
+        <div class="col-md-6">
+            <div class='panel panel-info' name="block">
+                <div class="panel-heading"> <span class="panel-title">Application Registration</span> </div>
+                <div class="panel-body">
+                    <p class="handHoldy">
+                        Interacting with RERUM requires server-to-server communication, so we suggest the registrant be the
+                        application developer.
+                        You may want to
+                        <a target="_blank" rel="noopener" href="https://rerum.io/#/future" class="linkOut">learn more about the concepts around RERUM</a>
+                        before reading the API.
+                    </p>
+                    <p class="handHoldy">
+                        If you are here for the first time and think you want to use RERUM, please
+                        <a target="_blank" rel="noopener" href="https://store.rerum.io/API.html" class="linkOut">read the API</a> first.
+                    </p>
+                    <p class="handHoldy">
+                        If you like what you read in <a target="_blank" rel="noopener" href="https://store.rerum.io/API.html" class="linkOut">our API documentation</a>
+                        and want to begin using RERUM as a back stack service please register by clicking below.
+                        Be prepared to be routed to Auth0 (don't know why?
+                        <a target="_blank" rel="noopener" href="https://store.rerum.io/API.html" class="linkOut">Read the API</a>).
+                    </p>
+                    <p class="handHoldy">
+                        After registering, you will be returned to this page with an Auth0 Authorization code. 
+                    </p>
+                </div>
+                <div class="panel-footer">
+                    <input class='btn btn-primary btn-large' type="button" id="register" value="Register With RERUM At Auth0" />
+                </div>
             </div>
         </div>
-        <div class="panel-footer">
-            <input class='btn btn-primary btn-large' type="button" id="check_status" value="Check my Authorization Status With Auth0" />
-            <!--<input class='btn btn-primary btn-large' type="button" id="login" value="Login To Get Auth Status" />-->
-        </div>
-    </div>
-    <div class='panel panel-info' name="block">
-        <div class="panel-heading"> <span class="panel-title">Test RERUM API Access</span> </div>
-        <div class="panel-body">
-            <p class="handHoldy">
-                Provide your access token below to check if it is still valid. If so, your access to RERUM will be
-                authorized. Otherwise, you will see an "unauthorized" message.
-            </p>
-            <p class="handHoldy">
-                If the token you have is not working, it may be because access tokens expire every 30 days. You can use
-                your refresh token to get a new access token.
-            </p>
-            <textarea class="form-control" id="a_t" placeholder="Your access token goes here."></textarea>
-            <div>
-                <span class="status_header"> RERUM status </span>
-                <kbd class="rerumStatus" id="rerumStatus" class="">UNKNOWN</kbd>
+        <div class="col-md-6">
+            <div class="panel panel-info" id="panel-checks">
+                <div class="panel-heading"> <span class="panel-title">Already Registered Information</span> </div>
+                <div class="panel-body">
+                    <p>
+                        If you are already registered and need to manage your tokens or check your status, click the button below.
+                    </p>
+                </div>
+                <div class="panel-footer">
+                    <input class='btn btn-primary btn-large' type="button" id="show-checks" value="Checks" />
+                </div>
             </div>
         </div>
-        <div class="panel-footer">
-            <input class='btn btn-primary btn-large' type="button" onclick="testAPI()" id="test_api" value="Check Access To RERUM API" />
-        </div>
     </div>
-    <div class='panel panel-info' name="block">
-        <div class="panel-heading"> <span class="panel-title">Get A New Access Token</span> </div>
-        <div class="panel-body">
-            <p class="handHoldy">
-                Your access token to use RERUM expires every 30 days. Has it been that long or longer? Provide your
-                refresh token below to get a new access token.
-                If you lost your refresh token, you can get a new one in "Get A New Refresh Token" below.
-            </p>
-            <textarea class="form-control" placeholder="Your refresh token goes here." id="r_t_4_a_t"></textarea>
-            <div>
-                <span class="status_header"> Status </span>
-                <kbd class="rerumStatus" id="natStatus">UNKNOWN</kbd>
+
+    <div id="checks-container" style="display: none;">
+        <div class='panel panel-info' name="block" id="auth-status-panel">
+            <div class="panel-heading"> <span class="panel-title">Auth0 Authorization Status</span> </div>
+            <div class="panel-body">
+                <p class="handHoldy">
+                    If you believe you are already registered and want to check on your status, follow the prompts below.
+                    You will be routed to Auth0 so we can verify who you are.
+                </p>
+                <div>
+                    <span class="status_header"> Auth0 Status </span>
+                    <kbd class="rerumStatus" id="authorizationStatus">UNKNOWN</kbd>
+                </div>
+            </div>
+            <div class="panel-footer">
+                <input class='btn btn-primary btn-large' type="button" id="check_status" value="Check my Authorization Status With Auth0" />
             </div>
         </div>
-        <div class="panel-footer">
-            <input class='btn btn-primary btn-large' type="button" id="request_token" value="Get A New Access Token" />
+        <div class='panel panel-info' name="block" id="refresh-token-panel">
+            <div class="panel-heading"> <span class="panel-title">Get A New Refresh Token</span> </div>
+            <div class="panel-body">
+                <p class="handHoldy">
+                    You can supply a valid Auth0 Authorization Code to get a new refresh token. Use "Check my Authorization
+                    Status with Auth0" to get a valid code.
+                </p>
+                Enter your code: <textarea class="form-control" placeholder="Your Auth0 Authorization Code goes here" id="code_for_refresh_token"></textarea>
+                <br>
+                <textarea readonly class="form-control" id="new_refresh_token" placeholder="Your refresh token will appear here."></textarea>
+                <div>
+                    <span class="status_header"> Status </span>
+                    <kbd class="rerumStatus" id="nrtStatus">UNKNOWN</kbd>
+                </div>
+            </div>
+            <div class="panel-footer">
+                <input class='btn btn-primary btn-large' type="button" id="refresh_token" value="Get A New Refresh Token" />
+            </div>
         </div>
-    </div>
-    <div class='panel panel-info' name="block">
-        <div class="panel-heading"> <span class="panel-title">Get A New Refresh Token</span> </div>
-        <div class="panel-body">
-            <p class="handHoldy">
-                You can supply a valid Auth0 Authorization Code to get a new refresh token. Use "Check my Authorization
-                Status with Auth0" to get a valid code.
-            </p>
-            Enter your code: <textarea class="form-control" placeholder="Your Auth0 Authorization Code goes here" id="code_for_refresh_token"></textarea>
-            <br>
-            <textarea readonly class="form-control" id="new_refresh_token" placeholder="Your refresh token will appear here."></textarea>
-            <div>
-                <span class="status_header"> Status </span>
-                <kbd class="rerumStatus" id="nrtStatus">UNKNOWN</kbd>
+        <div class='panel panel-info' name="block" id="access-token-panel">
+            <div class="panel-heading"> <span class="panel-title">Get A New Access Token</span> </div>
+            <div class="panel-body">
+                <p class="handHoldy">
+                    Your access token to use RERUM expires every 30 days. Has it been that long or longer? Provide your
+                    refresh token below to get a new access token.
+                    If you lost your refresh token, you can get a new one in "Get A New Refresh Token" below.
+                </p>
+                <textarea class="form-control" placeholder="Your refresh token goes here." id="r_t_4_a_t"></textarea>
+                <div>
+                    <span class="status_header"> Status </span>
+                    <kbd class="rerumStatus" id="natStatus">UNKNOWN</kbd>
+                </div>
+            </div>
+            <div class="panel-footer">
+                <input class='btn btn-primary btn-large' type="button" id="request_token" value="Get A New Access Token" />
             </div>
         </div>
-        <div class="panel-footer">
-            <input class='btn btn-primary btn-large' type="button" id="refresh_token" value="Get A New Refresh Token" />
+        <div class='panel panel-info' name="block" id="test-api-panel">
+            <div class="panel-heading"> <span class="panel-title">Test RERUM API Access</span> </div>
+            <div class="panel-body">
+                <p class="handHoldy">
+                    Provide your access token below to check if it is still valid. If so, your access to RERUM will be
+                    authorized. Otherwise, you will see an "unauthorized" message.
+                </p>
+                <p class="handHoldy">
+                    If the token you have is not working, it may be because access tokens expire every 30 days. You can use
+                    your refresh token to get a new access token.
+                </p>
+                <textarea class="form-control" id="a_t" placeholder="Your access token goes here."></textarea>
+                <div>
+                    <span class="status_header"> RERUM status </span>
+                    <kbd class="rerumStatus" id="rerumStatus" class="">UNKNOWN</kbd>
+                </div>
+            </div>
+            <div class="panel-footer">
+                <input class='btn btn-primary btn-large' type="button" onclick="testAPI()" id="test_api" value="Check Access To RERUM API" />
+            </div>
         </div>
     </div>
-    <script type="text/javascript">
-    /*
-     * The process we are mimicking here is https://auth0.com/docs/api-auth/grant/authorization-code and 
-     * https://auth0.com/docs/api-auth/tutorials/client-credentials
-     * https://auth0.com/docs/api-auth/tutorials/authorization-code-grant
-     * https://auth0.com/docs/api/authentication#authorization-code-grant
-     * https://auth0.com/docs/api-auth/grant/implicit
-     * https://auth0.com/docs/api-auth/grant/authorization-code
-     * https://auth0.com/docs/api-auth/tutorials/client-credentials
-     */
-    let access_token = ""
-    let auth_code = ""
-    let error_code = ""
-    let responseJSON = {}
-    const myURL = document.location.href
 
-    if (myURL.indexOf("access_token=") > -1) {
-        //The user registered or asked for a new token through the Client Credentials Grant flow https://auth0.com/docs/api-auth/tutorials/client-credentials
-        //Presumably, they had to come to rerum to do this.  They cannot ask for new access tokens through their servers or front end.
-        access_token = getURLHash("access_token")
-        $("#test_api").show()
-        $("#a_t").val(access_token)
-        $("#check_status").hide()
-        $("#authorizationStatus").html("Thanks for choosing RERUM!  A new token was created for you.  Keep this token in a safe place, you will need it for our API. \n\
-                You can test that your access token will work with RERUM by clicking the 'Test API' button below.  <br> token=" + access_token)
-    } else if (myURL.indexOf("code=") > -1) {
-        //The user simply checked if they were registered.  If so, they get a code.  If not, they get an error.
-        auth_code = getURLVariable("code")
-        $("#code_for_refresh_token").val(auth_code)
-        if (auth_code !== "") {
-            $("#authorizationStatus").html("AUTHORIZED: auth code=" + auth_code + ".  You are registered with the Auth0 RERUM client.  Get a new refresh token using this code.")
-        } else { //Weird
-            $("#authorizationStatus").html("UNAUTHORIZED")
+    <script type="text/javascript">
+        function getURLVariable(variable) {
+            const query = window.location.search.substring(1);
+            const vars = query.split("&");
+            for (let i = 0; i < vars.length; i++) {
+                const pair = vars[i].split("=");
+                if (pair[0] == variable) {
+                    return pair[1];
+                }
+            }
+            return false;
         }
-        $("#check_status").hide()
-    } else if (myURL.indexOf("error=") > -1) {
-        //The user registered, checked their status or asked for a new access token and there was a problem. 
-        error_code = getURLVariable("error")
-        if (error_code == "login_required") { //What they are asking for requires authentication against their user inside the RERUM Server Auth0 client.
-            $("#authorizationStatus").html("You must login with Auth0 for this check.")
-            $("#login").show()
-        } else if (error_code == "consent_required") { //The user is logged in with auth0 but has not registered with the Rerum Server Auth0 client.
-            $("#authorizationStatus").html("You have never consented to use the API, so you do not have an access token.  Get one to test access to RERUM.")
-        } else if (error_code == "interaction_required") {
-            $("#authorizationStatus").html("There are strange happenings afoot in the void of the web...")
+
+        function getURLHash(variable) {
+            let query = document.location.hash;
+            query = query.substr(1);
+            const vars = query.split("&");
+            for (let i = 0; i < vars.length; i++) {
+                const pair = vars[i].split("=");
+                if (pair[0] == variable) {
+                    return pair[1];
+                }
+            }
+            return false;
         }
-        $("#check_status").hide()
-    } else { //User came to web page, we don't know much about them.  
 
-    }
+        $('#show-checks').click(function() {
+            $('#checks-container').slideToggle();
+        });
 
-    $("#register").click(ev => fetch('/client/register').then(res => res.text()).then(url => location.href = url)) // `https://cubap.auth0.com/authorize?response_type=code&client_id=62Jsa9MxHuqhRbO20gTHs9KpKr7Ue7sl&redirect_uri=http://store.rerum.io&state=STATE`)
+        $(document).ready(function() {
+            const myURL = document.location.href;
+            const authCode = getURLVariable("code");
+            const errorCode = getURLVariable("error");
+            const login = getURLVariable("login");
 
-    $("#request_token").click(function() {
-        const refresh_token = $("#r_t_4_a_t").val()
-        if (!refresh_token) {
-            $("#r_t_4_a_t").attr("placeholder", "You must supply a refresh token here!")
-            $("#r_t_4_a_t").css("border", "2px solid yellow")
-            return false
-        }
-        fetch('/client/request-new-access-token', {
-                method: 'post',
-                headers: {
-                    "Content-Type": "application/json; charset=utf-8"
-                },
-                body: JSON.stringify({ refresh_token })
-            }).then(resp => {
-                const statusElem = $("#natStatus")
-                if (resp.status < 300) {
-                    statusElem.html("The refresh token was accepted.")
-                    return resp.json()
-                } else {
-                    $("#r_t_4_a_t").css("border", "2px solid red")
-                    statusElem.html("The refresh token was invalid.  Get a new refresh token or try again.")
-                    return Promise.reject("Invalid refresh token.")
-                }
-            })
-            .then(token => {
-                $("#a_t").val(token.access_token)
-            })
-    })
+            if (login === "true") {
+                alert("Successfully logged in!");
+            }
 
-    $("#refresh_token").click(function() {
-        //The user would like to request a new access token using the refresh token.  Send them off to log in. 
-        const authorization_code = $("#code_for_refresh_token").val()
-        if (!authorization_code) {
-            $("#code_for_refresh_token").attr("placeholder", "You must supply a code here!")
-            $("#code_for_refresh_token").css("border", "2px solid yellow")
-            return false
-        }
-        $("#code_for_refresh_token").css("border", "none")
-        $("#new_refresh_token").css("border", "none")
-        $("#new_refresh_token").val("")
+            if (authCode) {
+                $('#code_for_refresh_token').val(authCode);
+                $('#authorizationStatus').html("AUTHORIZED: Auth0 code found. You are registered. Use the button below to get a new refresh token.");
+                $('#checks-container').slideDown();
+                $('#panel-checks').hide();
+                alert("Registration successful!");
+            } else if (errorCode) {
+                $('#authorizationStatus').html(`Authentication Error: ${errorCode.replace(/_/g, ' ')}`);
+                $('#checks-container').slideDown();
+                $('#panel-checks').hide();
+            }
+        });
 
-        fetch('/client/request-new-refresh-token', {
-                method: 'post',
-                headers: {
-                    "Content-Type": "application/json; charset=utf-8"
-                },
-                body: JSON.stringify({ authorization_code })
-            }).then(resp => {
-                const statusElem = $("#nrtStatus")
-                if (resp.status < 300) {
-                    statusElem.html("Auth0 accepted the code.")
-                    return resp.json()
-                } else {
-                    $("#code_for_refresh_token").css("border", "2px solid red")
-                    statusElem.html("Auth0 rejected the code.  Check your status to get a new code and try again.")
-                    return Promise.reject("Invalid authorization code.")
-                }
-            })
-            .then(token => {
-                $("#new_refresh_token").val(token.refresh_token)
-                $("#a_t").val(token.access_token)
-            })
-    })
-    $("#check_status").click(ev => {
-        fetch('/client/register')
-            .then(res => res.text())
-            .then(url => {
-                console.log(url)
-                location.href = url
-            })
-    })
+        $("#register").click(ev => {
+            fetch('/client/register')
+                .then(res => res.text())
+                .then(url => location.href = url)
+                .catch(err => alert("Error: Could not connect to the registration service."));
+        });
 
-    // `https://cubap.auth0.com/authorize?response_type=code&client_id=62Jsa9MxHuqhRbO20gTHs9KpKr7Ue7sl&redirect_uri=http://store.rerum.io&state=STATE`)
+        $("#check_status").click(ev => {
+            fetch('/client/register')
+                .then(res => res.text())
+                .then(url => location.href = url)
+                .catch(err => alert("Error: Could not connect to the authentication service."));
+        });
 
-    function getURLVariable(variable) {
-        const query = window.location.search.substring(1)
-        const vars = query.split("&")
-        for (let i = 0; i < vars.length; i++) {
-            const pair = vars[i].split("=")
-            if (pair[0] == variable) { return pair[1] }
-        }
-        return false
-    }
+        $("#request_token").click(function() {
+            const refreshToken = $("#r_t_4_a_t").val();
+            if (!refreshToken) {
+                alert("You must provide a refresh token.");
+                return;
+            }
+            fetch('/client/request-new-access-token', {
+                    method: 'post',
+                    headers: {
+                        "Content-Type": "application/json; charset=utf-8"
+                    },
+                    body: JSON.stringify({
+                        refresh_token: refreshToken
+                    })
+                })
+                .then(resp => {
+                    if (!resp.ok) {
+                        throw new Error("Invalid refresh token.");
+                    }
+                    return resp.json();
+                })
+                .then(token => {
+                    $("#a_t").val(token.access_token);
+                    $("#natStatus").html("SUCCESS");
+                })
+                .catch(err => {
+                    $("#natStatus").html("FAILED. " + err.message);
+                });
+        });
 
-    function getURLHash(variable) {
-        let query = document.location.hash
-        query = query.substr(1)
-        const vars = query.split("&")
-        for (let i = 0; i < vars.length; i++) {
-            const pair = vars[i].split("=")
-            if (pair[0] == variable) { return pair[1] }
-        }
-        return false
-    }
+        $("#refresh_token").click(function() {
+            const authCode = $("#code_for_refresh_token").val();
+            if (!authCode) {
+                alert("You must provide an authorization code.");
+                return;
+            }
+            fetch('/client/request-new-refresh-token', {
+                    method: 'post',
+                    headers: {
+                        "Content-Type": "application/json; charset=utf-8"
+                    },
+                    body: JSON.stringify({
+                        authorization_code: authCode
+                    })
+                })
+                .then(resp => {
+                    if (!resp.ok) {
+                        throw new Error("Invalid authorization code.");
+                    }
+                    return resp.json();
+                })
+                .then(token => {
+                    $("#new_refresh_token").val(token.refresh_token);
+                    $("#a_t").val(token.access_token);
+                    $("#nrtStatus").html("SUCCESS");
+                })
+                .catch(err => {
+                    $("#nrtStatus").html("FAILED. " + err.message);
+                });
+        });
 
-    function testAPI() {
-        const userProvidedToken = $("#a_t").val()
-        if (!userProvidedToken) {
-            $("#a_t").attr("placeholder", "You must supply an access token here!")
-            $("#a_t").css("border", "2px solid yellow")
-            return false
+        function testAPI() {
+            const userProvidedToken = $("#a_t").val();
+            if (!userProvidedToken) {
+                alert("You must provide an access token to test.");
+                return;
+            }
+            fetch('/client/verify', {
+                    headers: {
+                        Authorization: `Bearer ${userProvidedToken}`
+                    }
+                })
+                .then(res => {
+                    if (!res.ok) {
+                        throw new Error("Unauthorized");
+                    }
+                    $("#rerumStatus").html("AUTHORIZED");
+                })
+                .catch(() => {
+                    $("#rerumStatus").html("UNAUTHORIZED. Refresh your access token and try again.");
+                });
         }
-
-        $("#a_t").css("border", "none")
-        const statusElem = $("#rerumStatus")
-        statusElem.html("WORKING...")
-
-        fetch('/client/verify', {
-                headers: {
-                    Authorization: `Bearer ${userProvidedToken}`
-                }
-            })
-            .then(res => {
-                if (!res.ok) { throw Error("Catch me!") }
-                statusElem.html("AUTHORIZED")
-                $("#test_api").show()
-            })
-            .catch(err => {
-                statusElem.html("UNAUTHORIZED. Refresh your access token and try again. If you still have trouble, <a class='linkOut' href=''>contact us at RERUM</a>.")
-                $("#a_t").css("border", "2px solid red")
-            })
-    }
     </script>
 </body>
 

From 5c98dd74c68e9e0ffbd4e44aba6d2e95cd49f249 Mon Sep 17 00:00:00 2001
From: unknown <joel.aikkarakudiyiljoby@slu.edu>
Date: Thu, 11 Sep 2025 14:16:20 -0500
Subject: [PATCH 05/13] Issue #4 changed

---
 public/index.html | 50 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)

diff --git a/public/index.html b/public/index.html
index 72870ef6..ad1a43ef 100644
--- a/public/index.html
+++ b/public/index.html
@@ -190,6 +190,23 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
                 <input class='btn btn-primary btn-large' type="button" id="refresh_token" value="Get A New Refresh Token" />
             </div>
         </div>
+        <div class='panel panel-info' name="block" id="access-token-display-panel">
+            <div class="panel-heading"> 
+                <span class="panel-title">Access Token</span> 
+            </div>
+            <div class="panel-body">
+                <p class="handHoldy">
+                    When you generate a new refresh token, an access token is also created. 
+                    It will be displayed here automatically. The access token generated from generating
+                    a new access token will also be displayed here
+                </p>
+                <textarea readonly class="form-control" id="a_t" placeholder="Your access token will appear here."></textarea>
+                <div>
+                    <span class="status_header"> Access Token Expiration </span>
+                    <kbd class="rerumStatus" id="refreshAccessExp">UNKNOWN</kbd>
+                </div>
+            </div>
+        </div>
         <div class='panel panel-info' name="block" id="access-token-panel">
             <div class="panel-heading"> <span class="panel-title">Get A New Access Token</span> </div>
             <div class="panel-body">
@@ -197,6 +214,7 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
                     Your access token to use RERUM expires every 30 days. Has it been that long or longer? Provide your
                     refresh token below to get a new access token.
                     If you lost your refresh token, you can get a new one in "Get A New Refresh Token" below.
+                    The generated access token will be displayed in the box above
                 </p>
                 <textarea class="form-control" placeholder="Your refresh token goes here." id="r_t_4_a_t"></textarea>
                 <div>
@@ -321,14 +339,30 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
                 })
                 .then(token => {
                     $("#a_t").val(token.access_token);
+
+                    // Calculate expiration (30 days from now)
+                    const expirationDate = new Date();
+                    expirationDate.setDate(expirationDate.getDate() + 30);
+                    const expString = expirationDate.toLocaleString();
+
+                    // Update expiration displays
+                    $("#refreshAccessExp").html(expString);
+                    $("#testAccessExp").html(expString);
+
                     $("#natStatus").html("SUCCESS");
+                    alert("The old access token has been invalidated. A new one is now active.");
                 })
                 .catch(err => {
                     $("#natStatus").html("FAILED. " + err.message);
                 });
         });
 
+        let firstRefreshShown = false;
         $("#refresh_token").click(function() {
+            if (!confirm("Requesting a new refresh token invalidates the old one. Do you want to continue?")) {
+                return; // cancel the request if user clicks "Cancel"
+            }
+
             const authCode = $("#code_for_refresh_token").val();
             if (!authCode) {
                 alert("You must provide an authorization code.");
@@ -351,8 +385,24 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
                 })
                 .then(token => {
                     $("#new_refresh_token").val(token.refresh_token);
+
+                    // Fill access tokens in both places
                     $("#a_t").val(token.access_token);
+
+                    // Calculate expiration (30 days from now)
+                    const expirationDate = new Date();
+                    expirationDate.setDate(expirationDate.getDate() + 30);
+                    const expString = expirationDate.toLocaleString();
+
+                    // Update expiration displays
+                    $("#refreshAccessExp").html(expString);
+                    $("#testAccessExp").html(expString);
+
                     $("#nrtStatus").html("SUCCESS");
+                    if (!firstRefreshShown) {
+                        alert("Your new Refresh Token replaces the old one. Keep it safe! A new Access Token has also been issued.");
+                        firstRefreshShown = true;
+                    }
                 })
                 .catch(err => {
                     $("#nrtStatus").html("FAILED. " + err.message);

From db2821198edd0d147565d72f16e1e41a29d535ff Mon Sep 17 00:00:00 2001
From: LuisPalmejar21 <luis.palmejar@slu.edu>
Date: Fri, 12 Sep 2025 08:14:50 -0500
Subject: [PATCH 06/13] Added the token display at near the top of the page.
 Not completely done, but made progress with it.

---
 public/index.html | 46 +++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 41 insertions(+), 5 deletions(-)

diff --git a/public/index.html b/public/index.html
index 28eee8c7..6a9e981e 100644
--- a/public/index.html
+++ b/public/index.html
@@ -23,6 +23,11 @@
             color: #979A9E;
             font-size: 12pt;
         }
+
+        .column {
+            float: left;
+            width: 50%;
+        }
     
         body {
             font-family: 'Open Sans', sans-serif;
@@ -106,7 +111,36 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
                 consumers can evaluate trustworthiness and relevance</li>
         </ol>
     </div>
-    <div class='panel panel-info' name="block">
+    <div class="column"> <!-- Column for Refresh Token -->
+        <div class='panel panel-info' name="block">
+            
+                <div class="panel-heading"> <span class="panel-title">Refresh Token</span> </div>
+                <div class="panel-body">
+                    <p class="handHoldy">
+                        “⚠️ Most important token. Do not lose it.”
+                    </p>
+                    <p class="handHoldy" id="RefreshTokenDisplay">
+                        Your refresh token will appear here.
+                    </p>
+                </div>
+            
+        </div>
+    </div>
+    <div class="column"> <!-- Column for Access Token -->
+        <div class='panel panel-info' name="block">
+            
+                <div class="panel-heading"> <span class="panel-title">Access Token</span> </div>
+                <div class="panel-body">
+                    <p class="handHoldy">
+                        “Valid for 30 days. You can refresh anytime.”
+                    </p>
+                    <p class="handHoldy" id="AccessTokenDisplay">
+                        Your access token will appear here.
+                    </p>
+                </div>
+        </div>
+    </div>
+    <div class='panel panel-info' name="block"> <!-- Application Registration -->
         <div class="panel-heading"> <span class="panel-title">Application Registration</span> </div>
         <div class="panel-body">
             <p class="handHoldy">
@@ -137,7 +171,7 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
             <input class='btn btn-primary btn-large' type="button" id="register" value="Register With RERUM At Auth0" />
         </div>
     </div>
-    <div class='panel panel-info' name="block">
+    <div class='panel panel-info' name="block"> <!-- Auth0 Authorization Status -->
         <div class="panel-heading"> <span class="panel-title">Auth0 Authorization Status</span> </div>
         <div class="panel-body">
             <p class="handHoldy">
@@ -154,7 +188,7 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
             <!--<input class='btn btn-primary btn-large' type="button" id="login" value="Login To Get Auth Status" />-->
         </div>
     </div>
-    <div class='panel panel-info' name="block">
+    <div class='panel panel-info' name="block"> <!-- Test RERUM API Access -->
         <div class="panel-heading"> <span class="panel-title">Test RERUM API Access</span> </div>
         <div class="panel-body">
             <p class="handHoldy">
@@ -175,7 +209,7 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
             <input class='btn btn-primary btn-large' type="button" onclick="testAPI()" id="test_api" value="Check Access To RERUM API" />
         </div>
     </div>
-    <div class='panel panel-info' name="block">
+    <div class='panel panel-info' name="block"> <!-- Get A New Access Token -->
         <div class="panel-heading"> <span class="panel-title">Get A New Access Token</span> </div>
         <div class="panel-body">
             <p class="handHoldy">
@@ -193,7 +227,7 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
             <input class='btn btn-primary btn-large' type="button" id="request_token" value="Get A New Access Token" />
         </div>
     </div>
-    <div class='panel panel-info' name="block">
+    <div class='panel panel-info' name="block"> <!-- Get A New Refresh Token -->
         <div class="panel-heading"> <span class="panel-title">Get A New Refresh Token</span> </div>
         <div class="panel-body">
             <p class="handHoldy">
@@ -325,6 +359,8 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
             })
             .then(token => {
                 $("#new_refresh_token").val(token.refresh_token)
+                $("#RefreshTokenDisplay").html(token.refresh_token)
+                $("#AccessTokenDisplay").html(token.access_token)
                 $("#a_t").val(token.access_token)
             })
     })

From 191849e7665da10eba1f88bd4d4ac2d965bc3077 Mon Sep 17 00:00:00 2001
From: LuisPalmejar21 <luis.palmejar@slu.edu>
Date: Tue, 16 Sep 2025 13:57:34 -0500
Subject: [PATCH 07/13] Cloned the code from dev_devayani to dev_luis due to
 mistakenly merging my code to dev_devayani instead of a pull request.

---
 public/index.html | 639 ++++++++++++++++++++++++++--------------------
 1 file changed, 358 insertions(+), 281 deletions(-)

diff --git a/public/index.html b/public/index.html
index 6a9e981e..1ae20393 100644
--- a/public/index.html
+++ b/public/index.html
@@ -18,23 +18,19 @@
             color: green;
             font-weight: bold;
         }
-    
+
         #intro {
             color: #979A9E;
             font-size: 12pt;
         }
 
-        .column {
-            float: left;
-            width: 50%;
-        }
-    
         body {
             font-family: 'Open Sans', sans-serif;
             color: #979A9E;
             background-color: #2F353E;
+            padding: 20px;
         }
-    
+
         input[type="text"] {
             background-color: #ccc;
             color: black;
@@ -42,48 +38,53 @@
             font-family: serif;
             font-size: 14pt;
         }
-    
+
+        .column {
+            float: left;
+            width: 50%;
+        }
+        
         h1 {
             cursor: pointer;
             font-weight: 300;
             font-family: 'Raleway', sans-serif;
             margin-bottom: 10px;
         }
-    
+
         .navbar-brand {
             float: none;
             font-size: 2rem;
             line-height: 1.5;
             margin-bottom: 20px;
         }
-    
+
         #login {
             display: none;
         }
-    
+
         .panel-body {
             color: initial;
         }
-    
+
         .panel {
             word-break: break-word;
         }
-    
+
         .status_header {
             color: gray;
         }
-    
+
         #a_t {
             height: 170px;
             margin-bottom: 8px;
         }
-    
+
         #a_t,
         #r_t_4_a_t,
         #new_refresh_token {
             margin-bottom: 8px;
         }
-    
+
         #code_for_refresh_token {
             margin-bottom: -13px;
         }
@@ -111,236 +112,179 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
                 consumers can evaluate trustworthiness and relevance</li>
         </ol>
     </div>
-    <div class="column"> <!-- Column for Refresh Token -->
-        <div class='panel panel-info' name="block">
-            
-                <div class="panel-heading"> <span class="panel-title">Refresh Token</span> </div>
+
+    <div class="row">
+        <div class="col-md-6">
+            <div class='panel panel-info' name="block">
+                <div class="panel-heading"> <span class="panel-title">Application Registration</span> </div>
                 <div class="panel-body">
                     <p class="handHoldy">
-                        “⚠️ Most important token. Do not lose it.”
+                        Interacting with RERUM requires server-to-server communication, so we suggest the registrant be the
+                        application developer.
+                        You may want to
+                        <a target="_blank" rel="noopener" href="https://rerum.io/#/future" class="linkOut">learn more about the concepts around RERUM</a>
+                        before reading the API.
                     </p>
-                    <p class="handHoldy" id="RefreshTokenDisplay">
-                        Your refresh token will appear here.
+                    <p class="handHoldy">
+                        If you are here for the first time and think you want to use RERUM, please
+                        <a target="_blank" rel="noopener" href="https://store.rerum.io/API.html" class="linkOut">read the API</a> first.
                     </p>
-                </div>
-            
-        </div>
-    </div>
-    <div class="column"> <!-- Column for Access Token -->
-        <div class='panel panel-info' name="block">
-            
-                <div class="panel-heading"> <span class="panel-title">Access Token</span> </div>
-                <div class="panel-body">
                     <p class="handHoldy">
-                        “Valid for 30 days. You can refresh anytime.”
+                        If you like what you read in <a target="_blank" rel="noopener" href="https://store.rerum.io/API.html" class="linkOut">our API documentation</a>
+                        and want to begin using RERUM as a back stack service please register by clicking below.
+                        Be prepared to be routed to Auth0 (don't know why?
+                        <a target="_blank" rel="noopener" href="https://store.rerum.io/API.html" class="linkOut">Read the API</a>).
                     </p>
-                    <p class="handHoldy" id="AccessTokenDisplay">
-                        Your access token will appear here.
+                    <p class="handHoldy">
+                        After registering, you will be returned to this page with an Auth0 Authorization code. 
                     </p>
                 </div>
-        </div>
-    </div>
-    <div class='panel panel-info' name="block"> <!-- Application Registration -->
-        <div class="panel-heading"> <span class="panel-title">Application Registration</span> </div>
-        <div class="panel-body">
-            <p class="handHoldy">
-                Interacting with RERUM requires server-to-server communication, so we suggest the registrant be the
-                application developer.
-                You may want to
-                <a target="_blank" rel="noopener" href="https://rerum.io/#/future" class="linkOut">learn more about the concepts around RERUM</a>
-                before reading the API.
-            </p>
-            <p class="handHoldy">
-                If you are here for the first time and think you want to use RERUM, please
-                <a target="_blank" rel="noopener" href="https://store.rerum.io/API.html" class="linkOut">read the API</a> first.
-            </p>
-            <p class="handHoldy">
-                If you like what you read in <a target="_blank" rel="noopener" href="https://store.rerum.io/API.html" class="linkOut">our API documentation</a>
-                and want to begin using RERUM as a back stack service please register by clicking below.
-                Be prepared to be routed to Auth0 (don't know why?
-                <a target="_blank" rel="noopener" href="https://store.rerum.io/API.html" class="linkOut">Read the API</a>).
-            </p>
-            <p class="handHoldy">
-                After registering, you will be returned to this page with an Auth0 Authorization code. Use that code at
-                the bottom of this page to get a refresh token
-                and an access token so you can use the API. You may notice the page has already populated known
-                information for you.
-            </p>
-        </div>
-        <div class="panel-footer">
-            <input class='btn btn-primary btn-large' type="button" id="register" value="Register With RERUM At Auth0" />
-        </div>
-    </div>
-    <div class='panel panel-info' name="block"> <!-- Auth0 Authorization Status -->
-        <div class="panel-heading"> <span class="panel-title">Auth0 Authorization Status</span> </div>
-        <div class="panel-body">
-            <p class="handHoldy">
-                If you believe you are already registered and want to check on your status, follow the prompts below.
-                You will be routed to Auth0 so we can verify who you are.
-            </p>
-            <div>
-                <span class="status_header"> Auth0 Status </span>
-                <kbd class="rerumStatus" id="authorizationStatus">UNKNOWN</kbd>
+                <div class="panel-footer">
+                    <input class='btn btn-primary btn-large' type="button" id="register" value="Register With RERUM At Auth0" />
+                </div>
             </div>
         </div>
-        <div class="panel-footer">
-            <input class='btn btn-primary btn-large' type="button" id="check_status" value="Check my Authorization Status With Auth0" />
-            <!--<input class='btn btn-primary btn-large' type="button" id="login" value="Login To Get Auth Status" />-->
+        <div class="col-md-6">
+            <div class="panel panel-info" id="panel-checks">
+                <div class="panel-heading"> <span class="panel-title">Already Registered Information</span> </div>
+                <div class="panel-body">
+                    <p>
+                        If you are already registered and need to manage your tokens or check your status, click the button below.
+                    </p>
+                </div>
+                <div class="panel-footer">
+                    <input class='btn btn-primary btn-large' type="button" id="show-checks" value="Checks" />
+                </div>
+            </div>
         </div>
     </div>
-    <div class='panel panel-info' name="block"> <!-- Test RERUM API Access -->
-        <div class="panel-heading"> <span class="panel-title">Test RERUM API Access</span> </div>
-        <div class="panel-body">
-            <p class="handHoldy">
-                Provide your access token below to check if it is still valid. If so, your access to RERUM will be
-                authorized. Otherwise, you will see an "unauthorized" message.
-            </p>
-            <p class="handHoldy">
-                If the token you have is not working, it may be because access tokens expire every 30 days. You can use
-                your refresh token to get a new access token.
-            </p>
-            <textarea class="form-control" id="a_t" placeholder="Your access token goes here."></textarea>
-            <div>
-                <span class="status_header"> RERUM status </span>
-                <kbd class="rerumStatus" id="rerumStatus" class="">UNKNOWN</kbd>
+
+    <div id="checks-container" style="display: none;">
+        <div class='panel panel-info' name="block" id="token-display-panel"> <!-- Token Displays -->     
+            <div class="panel-heading"> <span class="panel-title">Tokens</span> 
             </div>
+            <div class="panel-body">
+                <div class = "column"> <!-- Access Token Column -->                 
+                            <p class="handHoldy">
+                                Access Token: Valid for 30 days. You can refresh anytime.
+                            </p>
+                            <p class="handHoldy">
+                                <textarea readonly class="form-control" id="AccessTokenDisplay" placeholder="Your access token will appear here."></textarea>
+                            </p>                      
+                </div>
+                <div class = "column"> <!-- Refresh Token Column -->  
+                            <p class="handHoldy">
+                                Refresh Token: ⚠️ Most important token. Do not lose it.”
+                            </p>
+                            <p class="handHoldy">
+                                <textarea readonly class="form-control" id="RefreshTokenDisplay" placeholder="Your refresh token will appear here."></textarea>
+                            </p>
+                </div>
+            </div>
+            <div class="panel-footer">
+                        <input class='btn btn-primary btn-large' type="button" id="download_token" value="Download Tokens" />
+            </div>                   
+                
         </div>
-        <div class="panel-footer">
-            <input class='btn btn-primary btn-large' type="button" onclick="testAPI()" id="test_api" value="Check Access To RERUM API" />
+        <div class='panel panel-info' name="block" id="auth-status-panel">
+            <div class="panel-heading"> <span class="panel-title">Auth0 Authorization Status</span> </div>
+            <div class="panel-body">
+                <p class="handHoldy">
+                    If you believe you are already registered and want to check on your status, follow the prompts below.
+                    You will be routed to Auth0 so we can verify who you are.
+                </p>
+                <div>
+                    <span class="status_header"> Auth0 Status </span>
+                    <kbd class="rerumStatus" id="authorizationStatus">UNKNOWN</kbd>
+                </div>
+            </div>
+            <div class="panel-footer">
+                <input class='btn btn-primary btn-large' type="button" id="check_status" value="Check my Authorization Status With Auth0" />
+            </div>
         </div>
-    </div>
-    <div class='panel panel-info' name="block"> <!-- Get A New Access Token -->
-        <div class="panel-heading"> <span class="panel-title">Get A New Access Token</span> </div>
-        <div class="panel-body">
-            <p class="handHoldy">
-                Your access token to use RERUM expires every 30 days. Has it been that long or longer? Provide your
-                refresh token below to get a new access token.
-                If you lost your refresh token, you can get a new one in "Get A New Refresh Token" below.
-            </p>
-            <textarea class="form-control" placeholder="Your refresh token goes here." id="r_t_4_a_t"></textarea>
-            <div>
-                <span class="status_header"> Status </span>
-                <kbd class="rerumStatus" id="natStatus">UNKNOWN</kbd>
+        <div class='panel panel-info' name="block" id="refresh-token-panel">
+            <div class="panel-heading"> <span class="panel-title">Get A New Refresh Token</span> </div>
+            <div class="panel-body">
+                <p class="handHoldy">
+                    You can supply a valid Auth0 Authorization Code to get a new refresh token. Use "Check my Authorization
+                    Status with Auth0" to get a valid code.
+                </p>
+                Enter your code: <textarea class="form-control" placeholder="Your Auth0 Authorization Code goes here" id="code_for_refresh_token"></textarea>
+                <br>
+                <textarea readonly class="form-control" id="new_refresh_token" placeholder="Your refresh token will appear here."></textarea>
+                <div>
+                    <span class="status_header"> Status </span>
+                    <kbd class="rerumStatus" id="nrtStatus">UNKNOWN</kbd>
+                </div>
+            </div>
+            <div class="panel-footer">
+                <input class='btn btn-primary btn-large' type="button" id="refresh_token" value="Get A New Refresh Token" />
             </div>
         </div>
-        <div class="panel-footer">
-            <input class='btn btn-primary btn-large' type="button" id="request_token" value="Get A New Access Token" />
+        <div class='panel panel-info' name="block" id="access-token-display-panel">
+            <div class="panel-heading"> 
+                <span class="panel-title">Access Token</span> 
+            </div>
+            <div class="panel-body">
+                <p class="handHoldy">
+                    When you generate a new refresh token, an access token is also created. 
+                    It will be displayed here automatically. The access token generated from generating
+                    a new access token will also be displayed here
+                </p>
+                <textarea readonly class="form-control" id="a_t" placeholder="Your access token will appear here."></textarea>
+                <div>
+                    <span class="status_header"> Access Token Expiration </span>
+                    <kbd class="rerumStatus" id="refreshAccessExp">UNKNOWN</kbd>
+                </div>
+            </div>
         </div>
-    </div>
-    <div class='panel panel-info' name="block"> <!-- Get A New Refresh Token -->
-        <div class="panel-heading"> <span class="panel-title">Get A New Refresh Token</span> </div>
-        <div class="panel-body">
-            <p class="handHoldy">
-                You can supply a valid Auth0 Authorization Code to get a new refresh token. Use "Check my Authorization
-                Status with Auth0" to get a valid code.
-            </p>
-            Enter your code: <textarea class="form-control" placeholder="Your Auth0 Authorization Code goes here" id="code_for_refresh_token"></textarea>
-            <br>
-            <textarea readonly class="form-control" id="new_refresh_token" placeholder="Your refresh token will appear here."></textarea>
-            <div>
-                <span class="status_header"> Status </span>
-                <kbd class="rerumStatus" id="nrtStatus">UNKNOWN</kbd>
+        <div class='panel panel-info' name="block" id="access-token-panel">
+            <div class="panel-heading"> <span class="panel-title">Get A New Access Token</span> </div>
+            <div class="panel-body">
+                <p class="handHoldy">
+                    Your access token to use RERUM expires every 30 days. Has it been that long or longer? Provide your
+                    refresh token below to get a new access token.
+                    If you lost your refresh token, you can get a new one in "Get A New Refresh Token" below.
+                    The generated access token will be displayed in the box above
+                </p>
+                <textarea class="form-control" placeholder="Your refresh token goes here." id="r_t_4_a_t"></textarea>
+                <div>
+                    <span class="status_header"> Status </span>
+                    <kbd class="rerumStatus" id="natStatus">UNKNOWN</kbd>
+                </div>
+            </div>
+            <div class="panel-footer">
+                <input class='btn btn-primary btn-large' type="button" id="request_token" value="Get A New Access Token" />
             </div>
         </div>
-        <div class="panel-footer">
-            <input class='btn btn-primary btn-large' type="button" id="refresh_token" value="Get A New Refresh Token" />
+        <div class='panel panel-info' name="block" id="test-api-panel">
+            <div class="panel-heading"> <span class="panel-title">Test RERUM API Access</span> </div>
+            <div class="panel-body">
+                <p class="handHoldy">
+                    Provide your access token below to check if it is still valid. If so, your access to RERUM will be
+                    authorized. Otherwise, you will see an "unauthorized" message.
+                </p>
+                <p class="handHoldy">
+                    If the token you have is not working, it may be because access tokens expire every 30 days. You can use
+                    your refresh token to get a new access token.
+                </p>
+                <textarea class="form-control" id="a_t" placeholder="Your access token goes here."></textarea>
+                <div>
+                    <span class="status_header"> RERUM status </span>
+                    <kbd class="rerumStatus" id="rerumStatus" class="">UNKNOWN</kbd>
+                </div>
+            </div>
+            <div class="panel-footer">
+                <input class='btn btn-primary btn-large' type="button" onclick="testAPI()" id="test_api" value="Check Access To RERUM API" />
+            </div>
         </div>
     </div>
-    <script type="text/javascript">
-    /*
-     * The process we are mimicking here is https://auth0.com/docs/api-auth/grant/authorization-code and 
-     * https://auth0.com/docs/api-auth/tutorials/client-credentials
-     * https://auth0.com/docs/api-auth/tutorials/authorization-code-grant
-     * https://auth0.com/docs/api/authentication#authorization-code-grant
-     * https://auth0.com/docs/api-auth/grant/implicit
-     * https://auth0.com/docs/api-auth/grant/authorization-code
-     * https://auth0.com/docs/api-auth/tutorials/client-credentials
-     */
-    let access_token = ""
-    let auth_code = ""
-    let error_code = ""
-    let responseJSON = {}
-    const myURL = document.location.href
-
-    if (myURL.indexOf("access_token=") > -1) {
-        //The user registered or asked for a new token through the Client Credentials Grant flow https://auth0.com/docs/api-auth/tutorials/client-credentials
-        //Presumably, they had to come to rerum to do this.  They cannot ask for new access tokens through their servers or front end.
-        access_token = getURLHash("access_token")
-        $("#test_api").show()
-        $("#a_t").val(access_token)
-        $("#check_status").hide()
-        $("#authorizationStatus").html("Thanks for choosing RERUM!  A new token was created for you.  Keep this token in a safe place, you will need it for our API. \n\
-                You can test that your access token will work with RERUM by clicking the 'Test API' button below.  <br> token=" + access_token)
-    } else if (myURL.indexOf("code=") > -1) {
-        //The user simply checked if they were registered.  If so, they get a code.  If not, they get an error.
-        auth_code = getURLVariable("code")
-        $("#code_for_refresh_token").val(auth_code)
-        if (auth_code !== "") {
-            $("#authorizationStatus").html("AUTHORIZED: auth code=" + auth_code + ".  You are registered with the Auth0 RERUM client.  Get a new refresh token using this code.")
-        } else { //Weird
-            $("#authorizationStatus").html("UNAUTHORIZED")
-        }
-        $("#check_status").hide()
-    } else if (myURL.indexOf("error=") > -1) {
-        //The user registered, checked their status or asked for a new access token and there was a problem. 
-        error_code = getURLVariable("error")
-        if (error_code == "login_required") { //What they are asking for requires authentication against their user inside the RERUM Server Auth0 client.
-            $("#authorizationStatus").html("You must login with Auth0 for this check.")
-            $("#login").show()
-        } else if (error_code == "consent_required") { //The user is logged in with auth0 but has not registered with the Rerum Server Auth0 client.
-            $("#authorizationStatus").html("You have never consented to use the API, so you do not have an access token.  Get one to test access to RERUM.")
-        } else if (error_code == "interaction_required") {
-            $("#authorizationStatus").html("There are strange happenings afoot in the void of the web...")
-        }
-        $("#check_status").hide()
-    } else { //User came to web page, we don't know much about them.  
-
-    }
-
-    $("#register").click(ev => fetch('/client/register').then(res => res.text()).then(url => location.href = url)) // `https://cubap.auth0.com/authorize?response_type=code&client_id=62Jsa9MxHuqhRbO20gTHs9KpKr7Ue7sl&redirect_uri=http://store.rerum.io&state=STATE`)
-
-    $("#request_token").click(function() {
-        const refresh_token = $("#r_t_4_a_t").val()
-        if (!refresh_token) {
-            $("#r_t_4_a_t").attr("placeholder", "You must supply a refresh token here!")
-            $("#r_t_4_a_t").css("border", "2px solid yellow")
-            return false
-        }
-        fetch('/client/request-new-access-token', {
-                method: 'post',
-                headers: {
-                    "Content-Type": "application/json; charset=utf-8"
-                },
-                body: JSON.stringify({ refresh_token })
-            }).then(resp => {
-                const statusElem = $("#natStatus")
-                if (resp.status < 300) {
-                    statusElem.html("The refresh token was accepted.")
-                    return resp.json()
-                } else {
-                    $("#r_t_4_a_t").css("border", "2px solid red")
-                    statusElem.html("The refresh token was invalid.  Get a new refresh token or try again.")
-                    return Promise.reject("Invalid refresh token.")
-                }
-            })
-            .then(token => {
-                $("#a_t").val(token.access_token)
-            })
-    })
-
-    $("#refresh_token").click(function() {
-        //The user would like to request a new access token using the refresh token.  Send them off to log in. 
-        const authorization_code = $("#code_for_refresh_token").val()
-        if (!authorization_code) {
-            $("#code_for_refresh_token").attr("placeholder", "You must supply a code here!")
-            $("#code_for_refresh_token").css("border", "2px solid yellow")
-            return false
-        }
-        $("#code_for_refresh_token").css("border", "none")
-        $("#new_refresh_token").css("border", "none")
-        $("#new_refresh_token").val("")
 
-        fetch('/client/request-new-refresh-token', {
+    <script type="text/javascript">
+        function NewRefreshToken(){ // This function generates a new refresh token, needed to generate an access token respectively.
+       const authorization_code = $("#code_for_refresh_token").val()
+       fetch('/client/request-new-refresh-token', {
+        
                 method: 'post',
                 headers: {
                     "Content-Type": "application/json; charset=utf-8"
@@ -349,80 +293,213 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
             }).then(resp => {
                 const statusElem = $("#nrtStatus")
                 if (resp.status < 300) {
-                    statusElem.html("Auth0 accepted the code.")
                     return resp.json()
                 } else {
                     $("#code_for_refresh_token").css("border", "2px solid red")
-                    statusElem.html("Auth0 rejected the code.  Check your status to get a new code and try again.")
                     return Promise.reject("Invalid authorization code.")
                 }
             })
             .then(token => {
                 $("#new_refresh_token").val(token.refresh_token)
-                $("#RefreshTokenDisplay").html(token.refresh_token)
-                $("#AccessTokenDisplay").html(token.access_token)
                 $("#a_t").val(token.access_token)
-            })
-    })
-    $("#check_status").click(ev => {
-        fetch('/client/register')
-            .then(res => res.text())
-            .then(url => {
-                console.log(url)
-                location.href = url
-            })
-    })
-
-    // `https://cubap.auth0.com/authorize?response_type=code&client_id=62Jsa9MxHuqhRbO20gTHs9KpKr7Ue7sl&redirect_uri=http://store.rerum.io&state=STATE`)
-
-    function getURLVariable(variable) {
-        const query = window.location.search.substring(1)
-        const vars = query.split("&")
-        for (let i = 0; i < vars.length; i++) {
-            const pair = vars[i].split("=")
-            if (pair[0] == variable) { return pair[1] }
-        }
-        return false
+                
+                $("#RefreshTokenDisplay").val(token.refresh_token)
+                $("#AccessTokenDisplay").val(token.access_token)
+            })  
     }
 
-    function getURLHash(variable) {
-        let query = document.location.hash
-        query = query.substr(1)
-        const vars = query.split("&")
-        for (let i = 0; i < vars.length; i++) {
-            const pair = vars[i].split("=")
-            if (pair[0] == variable) { return pair[1] }
+        function getURLVariable(variable) {
+            const query = window.location.search.substring(1);
+            const vars = query.split("&");
+            for (let i = 0; i < vars.length; i++) {
+                const pair = vars[i].split("=");
+                if (pair[0] == variable) {
+                    return pair[1];
+                }
+            }
+            return false;
         }
-        return false
-    }
 
-    function testAPI() {
-        const userProvidedToken = $("#a_t").val()
-        if (!userProvidedToken) {
-            $("#a_t").attr("placeholder", "You must supply an access token here!")
-            $("#a_t").css("border", "2px solid yellow")
-            return false
+        function getURLHash(variable) {
+            let query = document.location.hash;
+            query = query.substr(1);
+            const vars = query.split("&");
+            for (let i = 0; i < vars.length; i++) {
+                const pair = vars[i].split("=");
+                if (pair[0] == variable) {
+                    return pair[1];
+                }
+            }
+            return false;
         }
 
-        $("#a_t").css("border", "none")
-        const statusElem = $("#rerumStatus")
-        statusElem.html("WORKING...")
+        $('#show-checks').click(function() {
+            $('#checks-container').slideToggle();
+        });
 
-        fetch('/client/verify', {
-                headers: {
-                    Authorization: `Bearer ${userProvidedToken}`
-                }
-            })
-            .then(res => {
-                if (!res.ok) { throw Error("Catch me!") }
-                statusElem.html("AUTHORIZED")
-                $("#test_api").show()
-            })
-            .catch(err => {
-                statusElem.html("UNAUTHORIZED. Refresh your access token and try again. If you still have trouble, <a class='linkOut' href=''>contact us at RERUM</a>.")
-                $("#a_t").css("border", "2px solid red")
-            })
-    }
+        $(document).ready(function() {
+            const myURL = document.location.href;
+            const authCode = getURLVariable("code");
+            const errorCode = getURLVariable("error");
+            const login = getURLVariable("login");
+
+            if (login === "true") {
+                alert("Successfully logged in!");
+            }
+
+            if (authCode) {
+                $('#code_for_refresh_token').val(authCode);
+                $('#authorizationStatus').html("AUTHORIZED: Auth0 code found. You are registered. Use the button below to get a new refresh token.");
+                $('#checks-container').slideDown();
+                $('#panel-checks').hide();
+                alert("Registration successful!");
+            } else if (errorCode) {
+                $('#authorizationStatus').html(`Authentication Error: ${errorCode.replace(/_/g, ' ')}`);
+                $('#checks-container').slideDown();
+                $('#panel-checks').hide();
+            }
+        });
+
+        $("#register").click(ev => {
+            fetch('/client/register')
+                .then(res => res.text())
+                .then(url => location.href = url)
+                .catch(err => alert("Error: Could not connect to the registration service."));
+        });
+
+        $("#check_status").click(ev => {
+            fetch('/client/register')
+                .then(res => res.text())
+                .then(url => location.href = url)
+                .catch(err => alert("Error: Could not connect to the authentication service."));
+        });
+
+        $("#request_token").click(function() {
+            const refreshToken = $("#r_t_4_a_t").val();
+            if (!refreshToken) {
+                alert("You must provide a refresh token.");
+                return;
+            }
+            fetch('/client/request-new-access-token', {
+                    method: 'post',
+                    headers: {
+                        "Content-Type": "application/json; charset=utf-8"
+                    },
+                    body: JSON.stringify({
+                        refresh_token: refreshToken
+                    })
+                })
+                .then(resp => {
+                    if (!resp.ok) {
+                        throw new Error("Invalid refresh token.");
+                    }
+                    return resp.json();
+                })
+                .then(token => {
+                    $("#a_t").val(token.access_token);
+
+                    // Calculate expiration (30 days from now)
+                    const expirationDate = new Date();
+                    expirationDate.setDate(expirationDate.getDate() + 30);
+                    const expString = expirationDate.toLocaleString();
+
+                    // Update expiration displays
+                    $("#refreshAccessExp").html(expString);
+                    $("#testAccessExp").html(expString);
+
+                    $("#natStatus").html("SUCCESS");
+                    alert("The old access token has been invalidated. A new one is now active.");
+                })
+                .catch(err => {
+                    $("#natStatus").html("FAILED. " + err.message);
+                });
+        });
+
+        let firstRefreshShown = false;
+        $("#refresh_token").click(function() {
+            if (!confirm("Requesting a new refresh token invalidates the old one. Do you want to continue?")) {
+                return; // cancel the request if user clicks "Cancel"
+            }
+
+            const authCode = $("#code_for_refresh_token").val();
+            if (!authCode) {
+                alert("You must provide an authorization code.");
+                return;
+            }
+            fetch('/client/request-new-refresh-token', {
+                    method: 'post',
+                    headers: {
+                        "Content-Type": "application/json; charset=utf-8"
+                    },
+                    body: JSON.stringify({
+                        authorization_code: authCode
+                    })
+                })
+                .then(resp => {
+                    if (!resp.ok) {
+                        throw new Error("Invalid authorization code.");
+                    }
+                    return resp.json();
+                })
+                .then(token => {
+                    $("#new_refresh_token").val(token.refresh_token);
+
+                    // Fill access tokens in both places
+                    $("#a_t").val(token.access_token);
+
+                    // Calculate expiration (30 days from now)
+                    const expirationDate = new Date();
+                    expirationDate.setDate(expirationDate.getDate() + 30);
+                    const expString = expirationDate.toLocaleString();
+
+                    // Update expiration displays
+                    $("#refreshAccessExp").html(expString);
+                    $("#testAccessExp").html(expString);
+
+                    $("#nrtStatus").html("SUCCESS");
+                    if (!firstRefreshShown) {
+                        alert("Your new Refresh Token replaces the old one. Keep it safe! A new Access Token has also been issued.");
+                        firstRefreshShown = true;
+                    }
+                })
+                .catch(err => {
+                    $("#nrtStatus").html("FAILED. " + err.message);
+                });
+        });
+
+        $("#download_token").click(function(){ // This function downloads the access and refresh tokens to a .txt file
+            const link = document.createElement("a")
+            const AccessTokenDownload = $("#AccessTokenDisplay").val() 
+            const RefreshTokenDownload = $("#RefreshTokenDisplay").val()
+            const content = ["Access Token: " + AccessTokenDownload + "\nRefresh Token: " + RefreshTokenDownload]
+            const blob = new Blob([content], { type: 'text/plain;charset=utf-8' });
+            link.href = URL.createObjectURL(blob);
+            link.download = "Tokens.txt";
+            link.click();
+            URL.revokeObjectURL(link.href);
+        })
+
+        function testAPI() {
+            const userProvidedToken = $("#a_t").val();
+            if (!userProvidedToken) {
+                alert("You must provide an access token to test.");
+                return;
+            }
+            fetch('/client/verify', {
+                    headers: {
+                        Authorization: `Bearer ${userProvidedToken}`
+                    }
+                })
+                .then(res => {
+                    if (!res.ok) {
+                        throw new Error("Unauthorized");
+                    }
+                    $("#rerumStatus").html("AUTHORIZED");
+                })
+                .catch(() => {
+                    $("#rerumStatus").html("UNAUTHORIZED. Refresh your access token and try again.");
+                });
+        }
     </script>
 </body>
 

From fcaa8f373723348e6773e85f6558f838e1d3559b Mon Sep 17 00:00:00 2001
From: LuisPalmejar21 <luis.palmejar@slu.edu>
Date: Tue, 16 Sep 2025 14:15:34 -0500
Subject: [PATCH 08/13] Made changes to satisfy the requirements according to
 https://github.com/oss-slu/rerum_server_nodejs/issues/3.

---
 public/index.html | 79 +++++++++++++++++++++++++++++++----------------
 1 file changed, 52 insertions(+), 27 deletions(-)

diff --git a/public/index.html b/public/index.html
index 1ae20393..35d7ab95 100644
--- a/public/index.html
+++ b/public/index.html
@@ -281,31 +281,54 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
     </div>
 
     <script type="text/javascript">
-        function NewRefreshToken(){ // This function generates a new refresh token, needed to generate an access token respectively.
-       const authorization_code = $("#code_for_refresh_token").val()
-       fetch('/client/request-new-refresh-token', {
-        
-                method: 'post',
-                headers: {
-                    "Content-Type": "application/json; charset=utf-8"
-                },
-                body: JSON.stringify({ authorization_code })
-            }).then(resp => {
-                const statusElem = $("#nrtStatus")
-                if (resp.status < 300) {
-                    return resp.json()
-                } else {
-                    $("#code_for_refresh_token").css("border", "2px solid red")
-                    return Promise.reject("Invalid authorization code.")
-                }
-            })
-            .then(token => {
-                $("#new_refresh_token").val(token.refresh_token)
-                $("#a_t").val(token.access_token)
-                
-                $("#RefreshTokenDisplay").val(token.refresh_token)
-                $("#AccessTokenDisplay").val(token.access_token)
-            })  
+        function GenerateTokens(){ // This function generates access and refresh tokens after a user registers.
+        const authCode = $("#code_for_refresh_token").val();
+            if (!authCode) {
+                alert("You must provide an authorization code.");
+                return;
+            }
+            fetch('/client/request-new-refresh-token', {
+                    method: 'post',
+                    headers: {
+                        "Content-Type": "application/json; charset=utf-8"
+                    },
+                    body: JSON.stringify({
+                        authorization_code: authCode
+                    })
+                })
+                .then(resp => {
+                    if (!resp.ok) {
+                        throw new Error("Invalid authorization code.");
+                    }
+                    return resp.json();
+                })
+                .then(token => {
+                    $("#new_refresh_token").val(token.refresh_token);
+
+                    // Fill access tokens in both places
+                    $("#a_t").val(token.access_token);
+
+                    // Calculate expiration (30 days from now)
+                    const expirationDate = new Date();
+                    expirationDate.setDate(expirationDate.getDate() + 30);
+                    const expString = expirationDate.toLocaleString();
+
+                    // Update expiration displays
+                    $("#refreshAccessExp").html(expString);
+                    $("#testAccessExp").html(expString);
+
+                    $("#RefreshTokenDisplay").val(token.refresh_token)
+                    $("#AccessTokenDisplay").val(token.access_token)
+
+                    $("#nrtStatus").html("SUCCESS");
+                    if (!firstRefreshShown) {
+                        alert("Your new Refresh Token replaces the old one. Keep it safe! A new Access Token has also been issued.");
+                        firstRefreshShown = true;
+                    }
+                })
+                .catch(err => {
+                    $("#nrtStatus").html("FAILED. " + err.message);
+                }); 
     }
 
         function getURLVariable(variable) {
@@ -334,8 +357,8 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
         }
 
         $('#show-checks').click(function() {
-            $('#checks-container').slideToggle();
-        });
+        $('#checks-container').slideToggle();
+    });
 
         $(document).ready(function() {
             const myURL = document.location.href;
@@ -353,6 +376,7 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
                 $('#checks-container').slideDown();
                 $('#panel-checks').hide();
                 alert("Registration successful!");
+                GenerateTokens()
             } else if (errorCode) {
                 $('#authorizationStatus').html(`Authentication Error: ${errorCode.replace(/_/g, ' ')}`);
                 $('#checks-container').slideDown();
@@ -365,6 +389,7 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
                 .then(res => res.text())
                 .then(url => location.href = url)
                 .catch(err => alert("Error: Could not connect to the registration service."));
+                
         });
 
         $("#check_status").click(ev => {

From dbc95512516b53497c461f8791443575983375a8 Mon Sep 17 00:00:00 2001
From: unknown <joel.aikkarakudiyiljoby@slu.edu>
Date: Fri, 19 Sep 2025 01:54:01 -0500
Subject: [PATCH 09/13] Issue #9 and #5 changes

---
 public/index.html | 99 ++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 94 insertions(+), 5 deletions(-)

diff --git a/public/index.html b/public/index.html
index 1300363e..4cfca98f 100644
--- a/public/index.html
+++ b/public/index.html
@@ -150,6 +150,19 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
                 <div class="panel-body">
                     <p>
                         If you are already registered and need to manage your tokens or check your status, click the button below.
+                        When you click <strong>Checks</strong>, several panels will appear to help you manage authentication:
+                    </p>
+                    <ul>
+                        <li><strong>Tokens</strong> — Displays your most recent Access Token and Refresh Token.</li>
+                        <li><strong>Auth0 Authorization Status</strong> — Shows whether you are currently recognized by Auth0.</li>
+                        <li><strong>Get A New Refresh Token</strong> — Lets you exchange an Auth0 Authorization Code for a brand new Refresh Token. ⚠️ This invalidates your old Refresh Token.</li>
+                        <li><strong>Access Token</strong> — Displays the Access Token generated alongside your Refresh Token and shows its expiration date.</li>
+                        <li><strong>Get A New Access Token</strong> — Allows you to generate a new Access Token using your Refresh Token.</li>
+                        <li><strong>Verify Any Token</strong> — Paste in any Access Token to check whether it is still valid.</li>
+                        <li><strong>Test RERUM API Access</strong> — Uses your Access Token to test if you can reach the RERUM API successfully.</li>
+                    </ul>
+                    <p>
+                        Use these tools to keep your tokens up to date and verify access to the RERUM services.
                     </p>
                 </div>
                 <div class="panel-footer">
@@ -256,6 +269,24 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
                 <input class='btn btn-primary btn-large' type="button" id="request_token" value="Get A New Access Token" />
             </div>
         </div>
+        <div class='panel panel-info' name="block" id="verify-any-token-panel">
+            <div class="panel-heading"> 
+                <span class="panel-title">Verify Any Token</span> 
+            </div>
+            <div class="panel-body">
+                <p class="handHoldy">
+                Paste any access token here to check if it is still valid.
+                </p>
+                <textarea class="form-control" id="any_token_input" placeholder="Your token goes here."></textarea>
+                    <div>
+                        <span class="status_header"> Token Status </span>
+                        <kbd class="rerumStatus" id="anyTokenStatus">UNKNOWN</kbd>
+                    </div>
+            </div>
+            <div class="panel-footer">
+                <input class='btn btn-primary btn-large' type="button" id="verify_any_token" value="Verify Token" />
+            </div>
+        </div>
         <div class='panel panel-info' name="block" id="test-api-panel">
             <div class="panel-heading"> <span class="panel-title">Test RERUM API Access</span> </div>
             <div class="panel-body">
@@ -356,28 +387,55 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
         });
 
         $(document).ready(function() {
-            const myURL = document.location.href;
             const authCode = getURLVariable("code");
             const errorCode = getURLVariable("error");
             const login = getURLVariable("login");
 
+            // Successful login flow (explicit flag)
             if (login === "true") {
-                alert("Successfully logged in!");
+                alert("Login successful — your auth token has been generated.");
+                $('#checks-container').slideDown();
+                $('#panel-checks').hide();
+                clearQueryParams();
+                return;
             }
 
+            // Registration or login based on history
             if (authCode) {
                 $('#code_for_refresh_token').val(authCode);
                 $('#authorizationStatus').html("AUTHORIZED: Auth0 code found. You are registered. Use the button below to get a new refresh token.");
                 $('#checks-container').slideDown();
                 $('#panel-checks').hide();
-                alert("Registration successful!");
-                GenerateTokens()
-            } else if (errorCode) {
+
+                if (!localStorage.getItem("hasRegistered")) {
+                    // First time seeing a code → registration
+                    alert("Registration successful — login through Auth0 authorization to receive your auth token.");
+                    localStorage.setItem("hasRegistered", "true");
+                } else {
+                    // Already registered → treat this as login
+                    alert("Login successful — your auth token has been generated.");
+                }
+                clearQueryParams();
+                return;
+            }
+
+            // Error flow
+            if (errorCode) {
                 $('#authorizationStatus').html(`Authentication Error: ${errorCode.replace(/_/g, ' ')}`);
                 $('#checks-container').slideDown();
                 $('#panel-checks').hide();
+                alert(`Authentication Error: ${errorCode.replace(/_/g, ' ')}`);
+                clearQueryParams();
             }
         });
+
+        // Helper to remove query params from URL after handling
+        function clearQueryParams() {
+            if (window.history.replaceState) {
+                const cleanUrl = window.location.protocol + "//" + window.location.host + window.location.pathname;
+                window.history.replaceState({}, document.title, cleanUrl);
+            }
+        }
         
         $("#register").click(ev => {
             fetch('/client/register')
@@ -493,6 +551,37 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
             URL.revokeObjectURL(link.href);
         })
 
+        // Verify any token (access only for now)
+        $("#verify_any_token").click(function() {
+            const token = $("#any_token_input").val().trim();
+            if (!token) {
+                alert("Please paste a token.");
+                return;
+            }
+
+            // Simple malformed check (JWT should have 3 parts)
+            if (token.split(".").length !== 3) {
+                $("#anyTokenStatus").html("❌ Malformed token.");
+                return;
+            }
+
+            fetch('/client/verify', {
+                headers: {
+                Authorization: `Bearer ${token}`
+                }
+            })
+            .then(res => {
+                if (!res.ok) {
+                throw new Error("Unauthorized");
+                }
+                // If the server says OK, then ✅ valid
+                $("#anyTokenStatus").html("✅ Token is valid");
+            })
+            .catch(() => {
+                $("#anyTokenStatus").html("❌ Token expired or invalid.");
+            });
+        });
+
         function testAPI() {
             const userProvidedToken = $("#a_t").val();
             if (!userProvidedToken) {

From f43aba795576f949a5ba3ade7e22c3a58f9efc16 Mon Sep 17 00:00:00 2001
From: unknown <joel.aikkarakudiyiljoby@slu.edu>
Date: Fri, 19 Sep 2025 09:37:49 -0500
Subject: [PATCH 10/13] Fixing display bugs

---
 public/index.html | 35 +++++++++++++++++++----------------
 1 file changed, 19 insertions(+), 16 deletions(-)

diff --git a/public/index.html b/public/index.html
index 4cfca98f..649a1b74 100644
--- a/public/index.html
+++ b/public/index.html
@@ -173,6 +173,22 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
     </div>
 
     <div id="checks-container" style="display: none;">
+        <div class='panel panel-info' name="block" id="auth-status-panel">
+            <div class="panel-heading"> <span class="panel-title">Auth0 Authorization Status</span> </div>
+            <div class="panel-body">
+                <p class="handHoldy">
+                    If you believe you are already registered and want to check on your status, follow the prompts below.
+                    You will be routed to Auth0 so we can verify who you are.
+                </p>
+                <div>
+                    <span class="status_header"> Auth0 Status </span>
+                    <kbd class="rerumStatus" id="authorizationStatus">UNKNOWN</kbd>
+                </div>
+            </div>
+            <div class="panel-footer">
+                <input class='btn btn-primary btn-large' type="button" id="check_status" value="Check my Authorization Status With Auth0" />
+            </div>
+        </div>
         <div class='panel panel-info' name="block" id="token-display-panel">
             <div class="panel-heading"> <span class="panel-title">Tokens</span>
             </div>
@@ -198,22 +214,6 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
                 <input class='btn btn-primary btn-large' type="button" id="download_token" value="Download Tokens" />
             </div>
         </div>
-        <div class='panel panel-info' name="block" id="auth-status-panel">
-            <div class="panel-heading"> <span class="panel-title">Auth0 Authorization Status</span> </div>
-            <div class="panel-body">
-                <p class="handHoldy">
-                    If you believe you are already registered and want to check on your status, follow the prompts below.
-                    You will be routed to Auth0 so we can verify who you are.
-                </p>
-                <div>
-                    <span class="status_header"> Auth0 Status </span>
-                    <kbd class="rerumStatus" id="authorizationStatus">UNKNOWN</kbd>
-                </div>
-            </div>
-            <div class="panel-footer">
-                <input class='btn btn-primary btn-large' type="button" id="check_status" value="Check my Authorization Status With Auth0" />
-            </div>
-        </div>
         <div class='panel panel-info' name="block" id="refresh-token-panel">
             <div class="panel-heading"> <span class="panel-title">Get A New Refresh Token</span> </div>
             <div class="panel-body">
@@ -481,6 +481,7 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
 
                     $("#refreshAccessExp").html(expString);
                     $("#testAccessExp").html(expString);
+                    $("#AccessTokenDisplay").val(token.access_token);
 
                     $("#natStatus").html("SUCCESS");
                     alert("The old access token has been invalidated. A new one is now active.");
@@ -527,6 +528,8 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
 
                     $("#refreshAccessExp").html(expString);
                     $("#testAccessExp").html(expString);
+                    $("#RefreshTokenDisplay").val(token.refresh_token);
+                    $("#AccessTokenDisplay").val(token.access_token);
 
                     $("#nrtStatus").html("SUCCESS");
                     if (!firstRefreshShown) {

From b4fc00250f5e13cfe72b767b7969636e6fc27d7d Mon Sep 17 00:00:00 2001
From: unknown <joel.aikkarakudiyiljoby@slu.edu>
Date: Mon, 22 Sep 2025 16:30:13 -0500
Subject: [PATCH 11/13] Removed verfiy section

---
 public/index.html | 49 -----------------------------------------------
 1 file changed, 49 deletions(-)

diff --git a/public/index.html b/public/index.html
index 649a1b74..b822c68c 100644
--- a/public/index.html
+++ b/public/index.html
@@ -269,24 +269,6 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
                 <input class='btn btn-primary btn-large' type="button" id="request_token" value="Get A New Access Token" />
             </div>
         </div>
-        <div class='panel panel-info' name="block" id="verify-any-token-panel">
-            <div class="panel-heading"> 
-                <span class="panel-title">Verify Any Token</span> 
-            </div>
-            <div class="panel-body">
-                <p class="handHoldy">
-                Paste any access token here to check if it is still valid.
-                </p>
-                <textarea class="form-control" id="any_token_input" placeholder="Your token goes here."></textarea>
-                    <div>
-                        <span class="status_header"> Token Status </span>
-                        <kbd class="rerumStatus" id="anyTokenStatus">UNKNOWN</kbd>
-                    </div>
-            </div>
-            <div class="panel-footer">
-                <input class='btn btn-primary btn-large' type="button" id="verify_any_token" value="Verify Token" />
-            </div>
-        </div>
         <div class='panel panel-info' name="block" id="test-api-panel">
             <div class="panel-heading"> <span class="panel-title">Test RERUM API Access</span> </div>
             <div class="panel-body">
@@ -554,37 +536,6 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
             URL.revokeObjectURL(link.href);
         })
 
-        // Verify any token (access only for now)
-        $("#verify_any_token").click(function() {
-            const token = $("#any_token_input").val().trim();
-            if (!token) {
-                alert("Please paste a token.");
-                return;
-            }
-
-            // Simple malformed check (JWT should have 3 parts)
-            if (token.split(".").length !== 3) {
-                $("#anyTokenStatus").html("❌ Malformed token.");
-                return;
-            }
-
-            fetch('/client/verify', {
-                headers: {
-                Authorization: `Bearer ${token}`
-                }
-            })
-            .then(res => {
-                if (!res.ok) {
-                throw new Error("Unauthorized");
-                }
-                // If the server says OK, then ✅ valid
-                $("#anyTokenStatus").html("✅ Token is valid");
-            })
-            .catch(() => {
-                $("#anyTokenStatus").html("❌ Token expired or invalid.");
-            });
-        });
-
         function testAPI() {
             const userProvidedToken = $("#a_t").val();
             if (!userProvidedToken) {

From eaa4f7320f1d29c778230dbc6e5efe0eeef57ae7 Mon Sep 17 00:00:00 2001
From: unknown <joel.aikkarakudiyiljoby@slu.edu>
Date: Mon, 22 Sep 2025 16:33:41 -0500
Subject: [PATCH 12/13] Minor change

---
 public/index.html | 1 -
 1 file changed, 1 deletion(-)

diff --git a/public/index.html b/public/index.html
index b822c68c..bea54f9a 100644
--- a/public/index.html
+++ b/public/index.html
@@ -158,7 +158,6 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
                         <li><strong>Get A New Refresh Token</strong> — Lets you exchange an Auth0 Authorization Code for a brand new Refresh Token. ⚠️ This invalidates your old Refresh Token.</li>
                         <li><strong>Access Token</strong> — Displays the Access Token generated alongside your Refresh Token and shows its expiration date.</li>
                         <li><strong>Get A New Access Token</strong> — Allows you to generate a new Access Token using your Refresh Token.</li>
-                        <li><strong>Verify Any Token</strong> — Paste in any Access Token to check whether it is still valid.</li>
                         <li><strong>Test RERUM API Access</strong> — Uses your Access Token to test if you can reach the RERUM API successfully.</li>
                     </ul>
                     <p>

From a9d2f5ab548274e3995add977e694fe2a62778d0 Mon Sep 17 00:00:00 2001
From: LuisPalmejar21 <luis.palmejar@slu.edu>
Date: Mon, 22 Sep 2025 17:01:36 -0500
Subject: [PATCH 13/13] Implemented the Copy tokens button. Deleted the token
 display section which had the download and copy buttons. The download and
 copy buttons are added in "Get a New Refresh Token" and "Access Token".

---
 public/index.html | 300 +++++++++++++++++++++++++++++++---------------
 1 file changed, 202 insertions(+), 98 deletions(-)

diff --git a/public/index.html b/public/index.html
index 35d7ab95..8aea6ac8 100644
--- a/public/index.html
+++ b/public/index.html
@@ -38,10 +38,15 @@
             font-family: serif;
             font-size: 14pt;
         }
-
+        
         .column {
             float: left;
-            width: 50%;
+            width: 33%;
+        }
+
+        .column2 {
+            float: right;
+            width: 9%;
         }
         
         h1 {
@@ -150,6 +155,19 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
                 <div class="panel-body">
                     <p>
                         If you are already registered and need to manage your tokens or check your status, click the button below.
+                        When you click <strong>Checks</strong>, several panels will appear to help you manage authentication:
+                    </p>
+                    <ul>
+                        <li><strong>Tokens</strong> — Displays your most recent Access Token and Refresh Token.</li>
+                        <li><strong>Auth0 Authorization Status</strong> — Shows whether you are currently recognized by Auth0.</li>
+                        <li><strong>Get A New Refresh Token</strong> — Lets you exchange an Auth0 Authorization Code for a brand new Refresh Token. ⚠️ This invalidates your old Refresh Token.</li>
+                        <li><strong>Access Token</strong> — Displays the Access Token generated alongside your Refresh Token and shows its expiration date.</li>
+                        <li><strong>Get A New Access Token</strong> — Allows you to generate a new Access Token using your Refresh Token.</li>
+                        <li><strong>Verify Any Token</strong> — Paste in any Access Token to check whether it is still valid.</li>
+                        <li><strong>Test RERUM API Access</strong> — Uses your Access Token to test if you can reach the RERUM API successfully.</li>
+                    </ul>
+                    <p>
+                        Use these tools to keep your tokens up to date and verify access to the RERUM services.
                     </p>
                 </div>
                 <div class="panel-footer">
@@ -160,32 +178,6 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
     </div>
 
     <div id="checks-container" style="display: none;">
-        <div class='panel panel-info' name="block" id="token-display-panel"> <!-- Token Displays -->     
-            <div class="panel-heading"> <span class="panel-title">Tokens</span> 
-            </div>
-            <div class="panel-body">
-                <div class = "column"> <!-- Access Token Column -->                 
-                            <p class="handHoldy">
-                                Access Token: Valid for 30 days. You can refresh anytime.
-                            </p>
-                            <p class="handHoldy">
-                                <textarea readonly class="form-control" id="AccessTokenDisplay" placeholder="Your access token will appear here."></textarea>
-                            </p>                      
-                </div>
-                <div class = "column"> <!-- Refresh Token Column -->  
-                            <p class="handHoldy">
-                                Refresh Token: ⚠️ Most important token. Do not lose it.”
-                            </p>
-                            <p class="handHoldy">
-                                <textarea readonly class="form-control" id="RefreshTokenDisplay" placeholder="Your refresh token will appear here."></textarea>
-                            </p>
-                </div>
-            </div>
-            <div class="panel-footer">
-                        <input class='btn btn-primary btn-large' type="button" id="download_token" value="Download Tokens" />
-            </div>                   
-                
-        </div>
         <div class='panel panel-info' name="block" id="auth-status-panel">
             <div class="panel-heading"> <span class="panel-title">Auth0 Authorization Status</span> </div>
             <div class="panel-body">
@@ -212,9 +204,18 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
                 Enter your code: <textarea class="form-control" placeholder="Your Auth0 Authorization Code goes here" id="code_for_refresh_token"></textarea>
                 <br>
                 <textarea readonly class="form-control" id="new_refresh_token" placeholder="Your refresh token will appear here."></textarea>
+
                 <div>
+                <div class="column">
                     <span class="status_header"> Status </span>
-                    <kbd class="rerumStatus" id="nrtStatus">UNKNOWN</kbd>
+                        <kbd class="rerumStatus" id="nrtStatus">UNKNOWN</kbd>  
+                </div> 
+                <div class="column2">
+                    <input class='btn btn-primary btn-large' type="button" id="copy_refresh_token" value="Copy" />
+                </div>
+                <div class="column2">
+                    <input class='btn btn-primary btn-large' type="button" id="download_refresh_token" value="Download" />
+                </div> 
                 </div>
             </div>
             <div class="panel-footer">
@@ -222,19 +223,27 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
             </div>
         </div>
         <div class='panel panel-info' name="block" id="access-token-display-panel">
-            <div class="panel-heading"> 
-                <span class="panel-title">Access Token</span> 
+            <div class="panel-heading">
+                <span class="panel-title">Access Token</span>
             </div>
             <div class="panel-body">
                 <p class="handHoldy">
-                    When you generate a new refresh token, an access token is also created. 
+                    When you generate a new refresh token, an access token is also created.
                     It will be displayed here automatically. The access token generated from generating
                     a new access token will also be displayed here
                 </p>
                 <textarea readonly class="form-control" id="a_t" placeholder="Your access token will appear here."></textarea>
                 <div>
-                    <span class="status_header"> Access Token Expiration </span>
-                    <kbd class="rerumStatus" id="refreshAccessExp">UNKNOWN</kbd>
+                    <div class="column">
+                        <span class="status_header"> Access Token Expiration </span>
+                        <kbd class="rerumStatus" id="refreshAccessExp">UNKNOWN</kbd> 
+                    </div>
+                    <div class="column2">
+                        <input class='btn btn-primary btn-large' type="button" id="copy_access_token" value="Copy" />
+                    </div>
+                    <div class="column2">
+                        <input class='btn btn-primary btn-large' type="button" id="download_access_token" value="Download" />
+                    </div> 
                 </div>
             </div>
         </div>
@@ -257,6 +266,24 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
                 <input class='btn btn-primary btn-large' type="button" id="request_token" value="Get A New Access Token" />
             </div>
         </div>
+        <div class='panel panel-info' name="block" id="verify-any-token-panel">
+            <div class="panel-heading"> 
+                <span class="panel-title">Verify Any Token</span> 
+            </div>
+            <div class="panel-body">
+                <p class="handHoldy">
+                Paste any access token here to check if it is still valid.
+                </p>
+                <textarea class="form-control" id="any_token_input" placeholder="Your token goes here."></textarea>
+                    <div>
+                        <span class="status_header"> Token Status </span>
+                        <kbd class="rerumStatus" id="anyTokenStatus">UNKNOWN</kbd>
+                    </div>
+            </div>
+            <div class="panel-footer">
+                <input class='btn btn-primary btn-large' type="button" id="verify_any_token" value="Verify Token" />
+            </div>
+        </div>
         <div class='panel panel-info' name="block" id="test-api-panel">
             <div class="panel-heading"> <span class="panel-title">Test RERUM API Access</span> </div>
             <div class="panel-body">
@@ -281,55 +308,36 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
     </div>
 
     <script type="text/javascript">
-        function GenerateTokens(){ // This function generates access and refresh tokens after a user registers.
+        /*
+        function CheckAuthorizationStatus(){
         const authCode = $("#code_for_refresh_token").val();
             if (!authCode) {
                 alert("You must provide an authorization code.");
                 return;
             }
             fetch('/client/request-new-refresh-token', {
-                    method: 'post',
-                    headers: {
-                        "Content-Type": "application/json; charset=utf-8"
-                    },
-                    body: JSON.stringify({
-                        authorization_code: authCode
-                    })
+                method: 'post',
+                headers: {
+                    "Content-Type": "application/json; charset=utf-8"
+                },
+                body: JSON.stringify({
+                    authorization_code: authCode
                 })
-                .then(resp => {
-                    if (!resp.ok) {
-                        throw new Error("Invalid authorization code.");
-                    }
-                    return resp.json();
-                })
-                .then(token => {
-                    $("#new_refresh_token").val(token.refresh_token);
-
-                    // Fill access tokens in both places
-                    $("#a_t").val(token.access_token);
-
-                    // Calculate expiration (30 days from now)
-                    const expirationDate = new Date();
-                    expirationDate.setDate(expirationDate.getDate() + 30);
-                    const expString = expirationDate.toLocaleString();
-
-                    // Update expiration displays
-                    $("#refreshAccessExp").html(expString);
-                    $("#testAccessExp").html(expString);
-
-                    $("#RefreshTokenDisplay").val(token.refresh_token)
-                    $("#AccessTokenDisplay").val(token.access_token)
-
-                    $("#nrtStatus").html("SUCCESS");
-                    if (!firstRefreshShown) {
-                        alert("Your new Refresh Token replaces the old one. Keep it safe! A new Access Token has also been issued.");
-                        firstRefreshShown = true;
-                    }
-                })
-                .catch(err => {
-                    $("#nrtStatus").html("FAILED. " + err.message);
-                }); 
-    }
+            })
+            .then(resp => {
+                if (!resp.ok) {
+                    throw new Error("Invalid authorization code.");
+                }
+                return resp.json();
+            })
+            .then(token => {
+                alert("Your Auth0 code is valid! ✅ You are now authorized to use the RERUM API");
+            })
+            .catch(err => {
+                $("#nrtStatus").html("FAILED. " + err.message);
+            });
+        }
+        */
 
         function getURLVariable(variable) {
             const query = window.location.search.substring(1);
@@ -357,39 +365,65 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
         }
 
         $('#show-checks').click(function() {
-        $('#checks-container').slideToggle();
-    });
+            $('#checks-container').slideToggle();
+        });
 
         $(document).ready(function() {
-            const myURL = document.location.href;
             const authCode = getURLVariable("code");
             const errorCode = getURLVariable("error");
             const login = getURLVariable("login");
 
+            // Successful login flow (explicit flag)
             if (login === "true") {
-                alert("Successfully logged in!");
+                alert("Login successful — your auth token has been generated.");
+                $('#checks-container').slideDown();
+                $('#panel-checks').hide();
+                clearQueryParams();
+                return;
             }
 
+            // Registration or login based on history
             if (authCode) {
                 $('#code_for_refresh_token').val(authCode);
-                $('#authorizationStatus').html("AUTHORIZED: Auth0 code found. You are registered. Use the button below to get a new refresh token.");
+                $('#authorizationStatus').html("✅");
                 $('#checks-container').slideDown();
                 $('#panel-checks').hide();
-                alert("Registration successful!");
-                GenerateTokens()
-            } else if (errorCode) {
-                $('#authorizationStatus').html(`Authentication Error: ${errorCode.replace(/_/g, ' ')}`);
+
+                if (!localStorage.getItem("hasRegistered")) {
+                    // First time seeing a code → registration
+                    alert("Registration successful — login through Auth0 authorization to receive your auth token.");
+                    localStorage.setItem("hasRegistered", "true");
+                } else {
+                    // Already registered → treat this as login
+                    alert("Login successful — your auth token has been generated.");
+                }
+                clearQueryParams();
+                return;
+            }
+
+            // Error flow
+            if (errorCode) {
+                $('#authorizationStatus').html("❌");
                 $('#checks-container').slideDown();
                 $('#panel-checks').hide();
+                alert(`Authentication Error: ${errorCode.replace(/_/g, ' ')}`);
+                clearQueryParams();
             }
         });
 
+        // Helper to remove query params from URL after handling
+        function clearQueryParams() {
+            if (window.history.replaceState) {
+                const cleanUrl = window.location.protocol + "//" + window.location.host + window.location.pathname;
+                window.history.replaceState({}, document.title, cleanUrl);
+            }
+        }
+        
         $("#register").click(ev => {
             fetch('/client/register')
                 .then(res => res.text())
                 .then(url => location.href = url)
                 .catch(err => alert("Error: Could not connect to the registration service."));
-                
         });
 
         $("#check_status").click(ev => {
@@ -423,14 +457,13 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
                 .then(token => {
                     $("#a_t").val(token.access_token);
 
-                    // Calculate expiration (30 days from now)
                     const expirationDate = new Date();
                     expirationDate.setDate(expirationDate.getDate() + 30);
                     const expString = expirationDate.toLocaleString();
 
-                    // Update expiration displays
                     $("#refreshAccessExp").html(expString);
                     $("#testAccessExp").html(expString);
+                    $("#AccessTokenDisplay").val(token.access_token);
 
                     $("#natStatus").html("SUCCESS");
                     alert("The old access token has been invalidated. A new one is now active.");
@@ -443,7 +476,7 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
         let firstRefreshShown = false;
         $("#refresh_token").click(function() {
             if (!confirm("Requesting a new refresh token invalidates the old one. Do you want to continue?")) {
-                return; // cancel the request if user clicks "Cancel"
+                return; 
             }
 
             const authCode = $("#code_for_refresh_token").val();
@@ -469,15 +502,12 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
                 .then(token => {
                     $("#new_refresh_token").val(token.refresh_token);
 
-                    // Fill access tokens in both places
                     $("#a_t").val(token.access_token);
 
-                    // Calculate expiration (30 days from now)
                     const expirationDate = new Date();
                     expirationDate.setDate(expirationDate.getDate() + 30);
                     const expString = expirationDate.toLocaleString();
 
-                    // Update expiration displays
                     $("#refreshAccessExp").html(expString);
                     $("#testAccessExp").html(expString);
 
@@ -492,18 +522,83 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
                 });
         });
 
-        $("#download_token").click(function(){ // This function downloads the access and refresh tokens to a .txt file
+        $("#download_access_token").click(function(){
+            const link = document.createElement("a")
+            const AccessTokenDownload = $("#a_t").val()
+            const content = [AccessTokenDownload]
+            const blob = new Blob([content], { type: 'text/plain;charset=utf-8' });
+            link.href = URL.createObjectURL(blob);
+            link.download = "AccessToken.txt";
+            link.click();
+            URL.revokeObjectURL(link.href);
+        })
+
+        $("#download_refresh_token").click(function(){
             const link = document.createElement("a")
-            const AccessTokenDownload = $("#AccessTokenDisplay").val() 
-            const RefreshTokenDownload = $("#RefreshTokenDisplay").val()
-            const content = ["Access Token: " + AccessTokenDownload + "\nRefresh Token: " + RefreshTokenDownload]
+            const RefreshTokenDownload = $("#new_refresh_token").val()
+            const content = [RefreshTokenDownload]
             const blob = new Blob([content], { type: 'text/plain;charset=utf-8' });
             link.href = URL.createObjectURL(blob);
-            link.download = "Tokens.txt";
+            link.download = "RefreshToken.txt";
             link.click();
             URL.revokeObjectURL(link.href);
         })
 
+        $("#copy_access_token").click(async function(){ 
+            
+            const copyText = $("#a_t").val()
+            try {
+                await navigator.clipboard.writeText(copyText);
+                alert("Copied the text: " + copyText);
+            } catch (err) {
+                console.error('Failed to copy: ', err);
+                alert('Failed to copy text.');
+            }
+        });
+
+        $("#copy_refresh_token").click(async function(){ 
+            
+            const copyText = $("#new_refresh_token").val()
+            try {
+                await navigator.clipboard.writeText(copyText);
+                alert("Copied the text: " + copyText);
+            } catch (err) {
+                console.error('Failed to copy: ', err);
+                alert('Failed to copy text.');
+            }
+        });
+
+        // Verify any token (access only for now)
+        $("#verify_any_token").click(function() {
+            const token = $("#any_token_input").val().trim();
+            if (!token) {
+                alert("Please paste a token.");
+                return;
+            }
+
+            // Simple malformed check (JWT should have 3 parts)
+            if (token.split(".").length !== 3) {
+                $("#anyTokenStatus").html("❌ Malformed token.");
+                return;
+            }
+
+            fetch('/client/verify', {
+                headers: {
+                Authorization: `Bearer ${token}`
+                }
+            })
+            .then(res => {
+                if (!res.ok) {
+                throw new Error("Unauthorized");
+                }
+                // If the server says OK, then ✅ valid
+                $("#anyTokenStatus").html("✅ Token is valid");
+            })
+            .catch(() => {
+                $("#anyTokenStatus").html("❌ Token expired or invalid.");
+            });
+        });
+
         function testAPI() {
             const userProvidedToken = $("#a_t").val();
             if (!userProvidedToken) {
@@ -528,4 +623,13 @@ <h1 onclick="window.location='https://rerum.io'" target="_blank" class="navbar-b
     </script>
 </body>
 
-</html>
\ No newline at end of file
+</html>
+
+
+        
+   
+
+
+
+
+