tftsr-devops_investigation/src-tauri/src/integrations/mod.rs

pub mod auth;
pub mod azuredevops;
pub mod callback_server;
pub mod confluence;
pub mod servicenow;
pub mod webview_auth;

use serde::{Deserialize, Serialize};

#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct ConnectionResult {
    pub success: bool,
    pub message: String,
}

#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct PublishResult {
    pub url: String,
    pub id: String,
}

#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct TicketResult {
    pub id: String,
    pub ticket_number: String,
    pub url: String,
}

/// Authentication method for integration services
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(tag = "method")]
pub enum AuthMethod {
    #[serde(rename = "oauth2")]
    OAuth2 {
        access_token: String,
        expires_at: Option<i64>,
    },
    #[serde(rename = "cookies")]
    Cookies {
        cookies: Vec<webview_auth::Cookie>,
    },
    #[serde(rename = "token")]
    Token {
        token: String,
        token_type: String, // "Bearer", "Basic", etc.
    },
}
feat: initial implementation of TFTSR IT Triage & RCA application Implements Phases 1-8 of the TFTSR implementation plan. Rust backend (Tauri 2.x, src-tauri/): - Multi-provider AI: OpenAI-compatible, Anthropic, Gemini, Mistral, Ollama - PII detection engine: 11 regex patterns with overlap resolution - SQLCipher AES-256 encrypted database with 10 versioned migrations - 28 Tauri IPC commands for triage, analysis, document, and system ops - Ollama: hardware probe, model recommendations, pull/delete with events - RCA and blameless post-mortem Markdown document generators - PDF export via printpdf - Audit log: SHA-256 hash of every external data send - Integration stubs for Confluence, ServiceNow, Azure DevOps (v0.2) Frontend (React 18 + TypeScript + Vite, src/): - 9 pages: full triage workflow NewIssue→LogUpload→Triage→Resolution→RCA→Postmortem→History+Settings - 7 components: ChatWindow, TriageProgress, PiiDiffViewer, DocEditor, HardwareReport, ModelSelector, UI primitives - 3 Zustand stores: session, settings (persisted), history - Type-safe tauriCommands.ts matching Rust backend types exactly - 8 IT domain system prompts (Linux, Windows, Network, K8s, DB, Virt, HW, Obs) DevOps: - .woodpecker/test.yml: rustfmt, clippy, cargo test, tsc, vitest on every push - .woodpecker/release.yml: linux/amd64 + linux/arm64 builds, Gogs release upload Verified: - cargo check: zero errors - tsc --noEmit: zero errors - vitest run: 13/13 unit tests passing Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> 2026-03-15 03:36:25 +00:00			`pub mod auth;`
			`pub mod azuredevops;`
feat: implement OAuth2 callback server with automatic token exchange Phase 2.2: OAuth2 flow - Part 3 (Callback server) COMPLETE ✅ Implemented: - Local HTTP server on localhost:8765 using warp * GET /callback?code=...&state=... - OAuth redirect handler * GET /health - Health check endpoint * Graceful shutdown with oneshot channel - Automatic callback handling * Server auto-starts on first initiate_oauth call * Background task listens for OAuth redirects * Automatically exchanges code for token * Stores encrypted token in database * Logs audit event for each successful OAuth - Updated initiate_oauth command * Starts callback server if not running * Stores (service, verifier) tuple in OAuth state * Returns auth URL to open in browser/webview - Updated handle_oauth_callback_internal * Accepts AppState reference (not State) * Called automatically by callback server * Exchanges code, encrypts token, stores in DB - Beautiful success/error HTML pages * Green checkmark on success * Auto-closes window after 3 seconds * Clear error messages on failure - Global state management * OAUTH_STATE: Maps state key -> (service, verifier) * CALLBACK_SERVER_SHUTDOWN: Holds shutdown channel * Thread-safe with Mutex wrappers Dependencies added: - warp 0.3 - Lightweight HTTP framework TDD tests (7 passing with --test-threads=1): Callback server tests: * Health endpoint verification * Callback parameter parsing * Missing/partial parameter handling * Graceful shutdown Integration command tests: * OAuth state storage and retrieval * Multiple key management * OAuthInitResponse serialization COMPLETE OAUTH2 FLOW: 1. User calls initiate_oauth("confluence") 2. Callback server starts (if not running) 3. Frontend receives auth URL 4. User opens URL in browser/webview 5. User authorizes, redirected to localhost:8765/callback?code=... 6. Callback server receives redirect 7. Token exchanged automatically 8. Token encrypted and stored in DB 9. Success page shown to user 10. Window auto-closes Next: Frontend components (AuthWindow, Settings UI, CSP updates) 2026-04-03 19:59:39 +00:00			`pub mod callback_server;`
feat: initial implementation of TFTSR IT Triage & RCA application Implements Phases 1-8 of the TFTSR implementation plan. Rust backend (Tauri 2.x, src-tauri/): - Multi-provider AI: OpenAI-compatible, Anthropic, Gemini, Mistral, Ollama - PII detection engine: 11 regex patterns with overlap resolution - SQLCipher AES-256 encrypted database with 10 versioned migrations - 28 Tauri IPC commands for triage, analysis, document, and system ops - Ollama: hardware probe, model recommendations, pull/delete with events - RCA and blameless post-mortem Markdown document generators - PDF export via printpdf - Audit log: SHA-256 hash of every external data send - Integration stubs for Confluence, ServiceNow, Azure DevOps (v0.2) Frontend (React 18 + TypeScript + Vite, src/): - 9 pages: full triage workflow NewIssue→LogUpload→Triage→Resolution→RCA→Postmortem→History+Settings - 7 components: ChatWindow, TriageProgress, PiiDiffViewer, DocEditor, HardwareReport, ModelSelector, UI primitives - 3 Zustand stores: session, settings (persisted), history - Type-safe tauriCommands.ts matching Rust backend types exactly - 8 IT domain system prompts (Linux, Windows, Network, K8s, DB, Virt, HW, Obs) DevOps: - .woodpecker/test.yml: rustfmt, clippy, cargo test, tsc, vitest on every push - .woodpecker/release.yml: linux/amd64 + linux/arm64 builds, Gogs release upload Verified: - cargo check: zero errors - tsc --noEmit: zero errors - vitest run: 13/13 unit tests passing Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> 2026-03-15 03:36:25 +00:00			`pub mod confluence;`
			`pub mod servicenow;`
feat: add multi-mode authentication for integrations (v0.2.10) Implement three authentication methods for Confluence, ServiceNow, and Azure DevOps: 1. OAuth2 - Traditional OAuth flow for enterprise SSO environments 2. Embedded Browser - Webview-based login that captures session cookies/tokens - Solves VPN constraints: users authenticate off-VPN via web UI - Extracted credentials work on-VPN for API calls - Based on confluence-publisher agent pattern 3. Manual Token - Direct API token/PAT input as fallback Changes: - Add webview_auth.rs module for embedded browser authentication - Implement authenticate_with_webview and extract_cookies_from_webview commands - Implement save_manual_token command with validation - Add AuthMethod enum to support all three modes - Add RadioGroup UI component for mode selection - Complete rewrite of Integrations settings page with mode-specific UI - Add secondary button variant for UI consistency VPN-friendly design: Users can authenticate via webview when off-VPN (web UI accessible), then use extracted cookies for API calls when on-VPN (API requires VPN). Addresses enterprise SSO limitations where OAuth app registration is blocked. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> 2026-04-03 22:26:09 +00:00			`pub mod webview_auth;`
feat: initial implementation of TFTSR IT Triage & RCA application Implements Phases 1-8 of the TFTSR implementation plan. Rust backend (Tauri 2.x, src-tauri/): - Multi-provider AI: OpenAI-compatible, Anthropic, Gemini, Mistral, Ollama - PII detection engine: 11 regex patterns with overlap resolution - SQLCipher AES-256 encrypted database with 10 versioned migrations - 28 Tauri IPC commands for triage, analysis, document, and system ops - Ollama: hardware probe, model recommendations, pull/delete with events - RCA and blameless post-mortem Markdown document generators - PDF export via printpdf - Audit log: SHA-256 hash of every external data send - Integration stubs for Confluence, ServiceNow, Azure DevOps (v0.2) Frontend (React 18 + TypeScript + Vite, src/): - 9 pages: full triage workflow NewIssue→LogUpload→Triage→Resolution→RCA→Postmortem→History+Settings - 7 components: ChatWindow, TriageProgress, PiiDiffViewer, DocEditor, HardwareReport, ModelSelector, UI primitives - 3 Zustand stores: session, settings (persisted), history - Type-safe tauriCommands.ts matching Rust backend types exactly - 8 IT domain system prompts (Linux, Windows, Network, K8s, DB, Virt, HW, Obs) DevOps: - .woodpecker/test.yml: rustfmt, clippy, cargo test, tsc, vitest on every push - .woodpecker/release.yml: linux/amd64 + linux/arm64 builds, Gogs release upload Verified: - cargo check: zero errors - tsc --noEmit: zero errors - vitest run: 13/13 unit tests passing Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> 2026-03-15 03:36:25 +00:00
			`use serde::{Deserialize, Serialize};`

			`#[derive(Debug, Clone, Serialize, Deserialize)]`
			`pub struct ConnectionResult {`
			`pub success: bool,`
			`pub message: String,`
			`}`

			`#[derive(Debug, Clone, Serialize, Deserialize)]`
			`pub struct PublishResult {`
			`pub url: String,`
			`pub id: String,`
			`}`

			`#[derive(Debug, Clone, Serialize, Deserialize)]`
			`pub struct TicketResult {`
feat: implement Confluence, ServiceNow, and Azure DevOps REST API clients - Confluence: OAuth2 bearer auth, list_spaces, search_pages, publish_page, update_page - ServiceNow: Basic auth, search_incidents, create_incident, get_incident, update_incident - Azure DevOps: OAuth2 bearer auth, search_work_items, create_work_item, get_work_item, update_work_item - Added TicketResult.id field to support both sys_id and ticket_number - All implementations follow TDD with mockito HTTP mocking - 19 tests passing across all three integrations 2026-04-03 20:43:37 +00:00			`pub id: String,`
feat: initial implementation of TFTSR IT Triage & RCA application Implements Phases 1-8 of the TFTSR implementation plan. Rust backend (Tauri 2.x, src-tauri/): - Multi-provider AI: OpenAI-compatible, Anthropic, Gemini, Mistral, Ollama - PII detection engine: 11 regex patterns with overlap resolution - SQLCipher AES-256 encrypted database with 10 versioned migrations - 28 Tauri IPC commands for triage, analysis, document, and system ops - Ollama: hardware probe, model recommendations, pull/delete with events - RCA and blameless post-mortem Markdown document generators - PDF export via printpdf - Audit log: SHA-256 hash of every external data send - Integration stubs for Confluence, ServiceNow, Azure DevOps (v0.2) Frontend (React 18 + TypeScript + Vite, src/): - 9 pages: full triage workflow NewIssue→LogUpload→Triage→Resolution→RCA→Postmortem→History+Settings - 7 components: ChatWindow, TriageProgress, PiiDiffViewer, DocEditor, HardwareReport, ModelSelector, UI primitives - 3 Zustand stores: session, settings (persisted), history - Type-safe tauriCommands.ts matching Rust backend types exactly - 8 IT domain system prompts (Linux, Windows, Network, K8s, DB, Virt, HW, Obs) DevOps: - .woodpecker/test.yml: rustfmt, clippy, cargo test, tsc, vitest on every push - .woodpecker/release.yml: linux/amd64 + linux/arm64 builds, Gogs release upload Verified: - cargo check: zero errors - tsc --noEmit: zero errors - vitest run: 13/13 unit tests passing Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> 2026-03-15 03:36:25 +00:00			`pub ticket_number: String,`
			`pub url: String,`
			`}`
feat: add multi-mode authentication for integrations (v0.2.10) Implement three authentication methods for Confluence, ServiceNow, and Azure DevOps: 1. OAuth2 - Traditional OAuth flow for enterprise SSO environments 2. Embedded Browser - Webview-based login that captures session cookies/tokens - Solves VPN constraints: users authenticate off-VPN via web UI - Extracted credentials work on-VPN for API calls - Based on confluence-publisher agent pattern 3. Manual Token - Direct API token/PAT input as fallback Changes: - Add webview_auth.rs module for embedded browser authentication - Implement authenticate_with_webview and extract_cookies_from_webview commands - Implement save_manual_token command with validation - Add AuthMethod enum to support all three modes - Add RadioGroup UI component for mode selection - Complete rewrite of Integrations settings page with mode-specific UI - Add secondary button variant for UI consistency VPN-friendly design: Users can authenticate via webview when off-VPN (web UI accessible), then use extracted cookies for API calls when on-VPN (API requires VPN). Addresses enterprise SSO limitations where OAuth app registration is blocked. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> 2026-04-03 22:26:09 +00:00
			`/// Authentication method for integration services`
			`#[derive(Debug, Clone, Serialize, Deserialize)]`
			`#[serde(tag = "method")]`
			`pub enum AuthMethod {`
			`#[serde(rename = "oauth2")]`
			`OAuth2 {`
			`access_token: String,`
			`expires_at: Option<i64>,`
			`},`
			`#[serde(rename = "cookies")]`
			`Cookies {`
			`cookies: Vec<webview_auth::Cookie>,`
			`},`
			`#[serde(rename = "token")]`
			`Token {`
			`token: String,`
			`token_type: String, // "Bearer", "Basic", etc.`
			`},`
			`}`