Merge pull request #162 from simonredfern/develop

Debug pages say if env vars are set.

Author: simonredfern

server/routes/status.ts

@@ -30,6 +30,7 @@ import type { Request, Response } from 'express'
 import { Container } from 'typedi'
 import OBPClientService from '../services/OBPClientService.js'
 import { OAuth2ProviderManager } from '../services/OAuth2ProviderManager.js'
+import { OAuth2ProviderFactory } from '../services/OAuth2ProviderFactory.js'
 import { commitId } from '../app.js'
 import {
   RESOURCE_DOCS_API_VERSION,
@@ -42,6 +43,42 @@ const router = Router()
 // Get services from container
 const obpClientService = Container.get(OBPClientService)
 const providerManager = Container.get(OAuth2ProviderManager)
+const providerFactory = Container.get(OAuth2ProviderFactory)
+
+/**
+ * Map provider name to the expected environment variable names
+ */
+function getProviderEnvVarNames(providerName: string): { clientId: string; clientSecret: string } {
+  const mapping: Record<string, { clientId: string; clientSecret: string }> = {
+    'obp-oidc': {
+      clientId: 'VITE_OBP_OIDC_CLIENT_ID',
+      clientSecret: 'VITE_OBP_OIDC_CLIENT_SECRET'
+    },
+    'keycloak': {
+      clientId: 'VITE_KEYCLOAK_CLIENT_ID',
+      clientSecret: 'VITE_KEYCLOAK_CLIENT_SECRET'
+    },
+    'google': {
+      clientId: 'VITE_GOOGLE_CLIENT_ID',
+      clientSecret: 'VITE_GOOGLE_CLIENT_SECRET'
+    },
+    'github': {
+      clientId: 'VITE_GITHUB_CLIENT_ID',
+      clientSecret: 'VITE_GITHUB_CLIENT_SECRET'
+    }
+  }
+
+  if (mapping[providerName]) {
+    return mapping[providerName]
+  }
+
+  // Generic fallback for custom/unknown providers
+  const upperName = providerName.toUpperCase().replace(/-/g, '_')
+  return {
+    clientId: `VITE_${upperName}_CLIENT_ID`,
+    clientSecret: `VITE_${upperName}_CLIENT_SECRET`
+  }
+}
 
 const connectors = [
   'akka_vDec2018',
@@ -199,14 +236,25 @@ router.get('/status/providers', (req: Request, res: Response) => {
       }
     }
 
+    // Get factory-configured strategies (env vars loaded) vs discovered providers
+    const configuredStrategies = providerFactory.getConfiguredProviders()
+
+    // Build per-provider explorer readiness
+    const explorerReadiness = allProviderStatus.map((status) => ({
+      ...status,
+      explorerCredentialsConfigured: providerFactory.hasStrategy(status.name),
+      explorerEnvVars: getProviderEnvVarNames(status.name)
+    }))
+
     res.json({
       summary: {
         totalConfigured: availableProviders.length,
         availableProviders: availableProviders,
         obpApiHost: process.env.VITE_OBP_API_HOST || 'not configured',
-        sharedRedirectUrl: sharedRedirectUrl
+        sharedRedirectUrl: sharedRedirectUrl,
+        explorerConfiguredStrategies: configuredStrategies
       },
-      providerStatus: allProviderStatus,
+      providerStatus: explorerReadiness,
       environmentConfig: envConfig,
       note: 'Credentials are masked for security. Format: first2...last2'
     })
@@ -295,6 +343,8 @@ router.get('/status/oidc-debug', async (req: Request, res: Response) => {
         providerName: provider.provider,
         wellKnownUrl: provider.url,
         success: false,
+        explorerCredentialsConfigured: providerFactory.hasStrategy(provider.provider),
+        explorerEnvVars: getProviderEnvVarNames(provider.provider),
         oidcConfiguration: null as any,
         error: null as string | null,
         endpoints: {
@@ -398,6 +448,8 @@ router.get('/status/oidc-debug', async (req: Request, res: Response) => {
     }
 
     // Compile summary
+    const explorerConfiguredStrategies = providerFactory.getConfiguredProviders()
+
     const summary = {
       timestamp: new Date().toISOString(),
       obpApiReachable: step1.success,
@@ -407,7 +459,8 @@ router.get('/status/oidc-debug', async (req: Request, res: Response) => {
       currentlyAvailable: availableProviders.length,
       configuredInEnvironment: Object.values(envConfig).filter(
         (c) => typeof c === 'object' && 'configured' in c && c.configured
-      ).length
+      ).length,
+      explorerConfiguredStrategies
     }
 
     res.json({

src/views/OIDCDebugView.vue

@@ -97,9 +97,14 @@
             >
               <div class="provider-header">
                 <h3>{{ provider.providerName }}</h3>
-                <el-tag :type="provider.success ? 'success' : 'danger'" size="small">
-                  {{ provider.success ? 'Success' : 'Failed' }}
-                </el-tag>
+                <div class="provider-tags">
+                  <el-tag :type="provider.success ? 'success' : 'danger'" size="small">
+                    OIDC: {{ provider.success ? 'Reachable' : 'Failed' }}
+                  </el-tag>
+                  <el-tag :type="provider.explorerCredentialsConfigured ? 'success' : 'warning'" size="small">
+                    Explorer: {{ provider.explorerCredentialsConfigured ? 'Configured' : 'No Credentials' }}
+                  </el-tag>
+                </div>
               </div>
 
               <div class="provider-details">
@@ -118,6 +123,11 @@
                   </div>
                 </div>
 
+                <div v-if="provider.success && !provider.explorerCredentialsConfigured" class="warning-message">
+                  <strong>Warning:</strong> OIDC provider is reachable, but API Explorer has no credentials configured for '{{ provider.providerName }}'.
+                  Login via this provider will not work until <code>{{ provider.explorerEnvVars?.clientId }}</code> and <code>{{ provider.explorerEnvVars?.clientSecret }}</code> are set in your .env file.
+                </div>
+
                 <div v-if="provider.error" class="error-message">
                   <strong>Error:</strong> {{ provider.error }}
                 </div>
@@ -181,6 +191,8 @@ interface DebugInfo {
         jwks: string | null
       }
       issuer: string | null
+      explorerCredentialsConfigured?: boolean
+      explorerEnvVars?: { clientId: string; clientSecret: string }
     }>
   }
 }
@@ -383,6 +395,11 @@ h1 {
   word-break: break-all;
 }
 
+.provider-tags {
+  display: flex;
+  gap: 8px;
+}
+
 .error-message {
   padding: 10px;
   background: #fef0f0;
@@ -392,6 +409,15 @@ h1 {
   font-size: 14px;
 }
 
+.warning-message {
+  padding: 10px;
+  background: #fdf6ec;
+  border-left: 4px solid #e6a23c;
+  border-radius: 4px;
+  color: #e6a23c;
+  font-size: 14px;
+}
+
 .endpoints-section {
   display: flex;
   flex-direction: column;

src/views/ProvidersStatusView.vue

@@ -76,6 +76,10 @@
             <label>OBP API Host:</label>
             <span class="value">{{ status.summary.obpApiHost }}</span>
           </div>
+          <div class="summary-item">
+            <label>API Explorer Configured Strategies:</label>
+            <span class="value">{{ (status.summary.explorerConfiguredStrategies || []).join(', ') || 'None' }}</span>
+          </div>
         </div>
       </el-card>
 
@@ -91,7 +95,7 @@
           v-for="provider in status.providerStatus"
           :key="provider.name"
           class="provider-card"
-          :class="{ 'provider-healthy': provider.available, 'provider-unhealthy': !provider.available }"
+          :class="{ 'provider-healthy': provider.available && provider.explorerCredentialsConfigured, 'provider-unhealthy': !provider.available || !provider.explorerCredentialsConfigured }"
           shadow="hover"
         >
           <template #header>
@@ -108,16 +112,43 @@
               <span>{{ provider.name }}</span>
             </div>
             <div class="provider-detail">
-              <label>Status:</label>
+              <label>OIDC Provider Reachable:</label>
               <span :class="provider.available ? 'status-ok' : 'status-error'">
-                {{ provider.available ? 'Available' : 'Unavailable' }}
+                {{ provider.available ? 'Yes' : 'No' }}
+              </span>
+            </div>
+            <div class="provider-detail">
+              <label>API Explorer Credentials:</label>
+              <span :class="provider.explorerCredentialsConfigured ? 'status-ok' : 'status-error'">
+                {{ provider.explorerCredentialsConfigured ? 'Configured' : 'Missing' }}
               </span>
             </div>
             <div class="provider-detail">
               <label>Last Checked:</label>
               <span>{{ formatDate(provider.lastChecked) }}</span>
             </div>
 
+            <!-- Warning if provider is reachable but Explorer has no credentials -->
+            <div v-if="provider.available && !provider.explorerCredentialsConfigured" class="error-section">
+              <div class="error-header">
+                <el-icon class="error-icon"><WarningFilled /></el-icon>
+                <span class="error-category">Configuration Error</span>
+              </div>
+              <div class="error-message">
+                <strong>Warning:</strong> This OIDC provider is reachable, but API Explorer does not have credentials configured for it. Login will not work.
+              </div>
+              <div class="troubleshooting-hints">
+                <div class="hint-title">
+                  <el-icon><InfoFilled /></el-icon>
+                  <strong>Fix:</strong>
+                </div>
+                <ul class="hint-list">
+                  <li>Set <code>{{ provider.explorerEnvVars?.clientId }}</code> and <code>{{ provider.explorerEnvVars?.clientSecret }}</code> in your .env file</li>
+                  <li>Restart the API Explorer server after updating .env</li>
+                </ul>
+              </div>
+            </div>
+
             <!-- Enhanced Error Display -->
             <div v-if="provider.error" class="error-section">
               <div class="error-header">
@@ -206,6 +237,8 @@ interface ProviderStatus {
   status: string
   lastChecked: Date
   error?: string
+  explorerCredentialsConfigured?: boolean
+  explorerEnvVars?: { clientId: string; clientSecret: string }
 }
 
 interface EnvConfig {
@@ -219,6 +252,7 @@ interface StatusResponse {
     totalConfigured: number
     availableProviders: string[]
     obpApiHost: string
+    explorerConfiguredStrategies?: string[]
   }
   providerStatus: ProviderStatus[]
   environmentConfig: EnvConfig