Open piyumaldk opened 1 month ago
Had a discussion on 2024/07/23 with APIM, IS, and AI team on how to proceed with the task.
Meeting notes:
Decided that one person from IS side and me from APIM side will work on this for now.
Decided that we need to further clarify below things in the future
Decided that it's needed to clearly separate task works and one person from IS side and me should discuss and decide that.
Decided that two issues will be maintained to track this from both teams.
Decided that both teams should finalise feature requirements and come up with a general requirements list.
Started working on the task from 24th July.
General users can log into the subscription portal.
After logging into the portal, users will be able to generate a token by providing a unique name. The name should be unique among other tokens created by the same user (e.g., "dev"). Users have a limit of 10 tokens. If a user wants to generate an 11th token, they must remove an existing token.
Logged-in users can view previously generated tokens information, which include:
Generated tokens will expire after 2 months (from the date of user creation) for general users, at which point users will not be able to regenerate tokens or create new ones. Paid users do not have such restrictions if we introduce paid users to the portal in the future. In that case, we have to discuss the token expiration method for those users.
Once a user generates a token, the token will be visible only at that time, and the UI will inform the user to save the token somewhere safe.
Users can log out and will be redirected to the login page.
Generated tokens (underneath applications) should have below metadata.
Portal should know if the user logged in is a free user or paid user possibly through a flag, where initial development is only for free users but we have a possibility of improving the product to handle paid users as well to give them access to regenerate tokens.
User Login
Feature Display:
Subscription Management:
Key Management:
UI Display:
User Profile Management:
Discussed the requirements with the person from IS team and agreed on below requirements.
Below are the users who will get the access for the portal.
General users can log into the AI Subscription portal.
After logging into the portal, users will be able to generate a token by providing a unique name. The name should be unique among other tokens created by the same user (e.g., "dev"). Users have a limit of 10 tokens. If a user wants to generate an 11th token, they must remove an existing token.
Logged-in users can view previously generated tokens information, which include:
Generated tokens will expire after 2 months (from the date of user creation) for general users, at which point users will not be able to regenerate tokens or create new ones. Paid users do not have such restrictions if we introduce paid users to the portal in the future. In that case, we have to discuss the token expiration method for those users.
Once a user generates a token, the token will be visible only at that time, and the UI will inform the user to save the token somewhere safe.
Users can log out and will be redirected to the login page.
Generated tokens (underneath applications) should have below metadata.
Portal should know if the user logged in is a free user or paid user possibly through a flag, where initial development is only for free users but we have a possibility of improving the product to handle paid users as well to give them access to regenerate tokens.
However, we decided that we will need further discussions on below matters.
How to show the generated key? (Only key or whole config)
Do we give the access to generate one key for multiple products?
How should we handle expired dates?
I did some initial UI sketches like below.
With above UI sketches, I had a discussion with another UI expert and AI expert from APIM team. After some discussions, we agreed on the final UI/UX sketch. It was later introduced to the person who is working from IS team side on this task and he also agreed on the UI/UX design.
Below is the finalised design. (Please note that we yet to have a proper design review on this)
We had a design review on 2024/07/28 at 1.30PM - SLST (Recording is attached to the event)
Meeting was 1.30 hours long and discussed from architecture perspective to UX perspective.
Below are the final conclusions on the UX level.
A new sketch was designed addressing required changes. This sketch was confirmed by a key person from the last review.
In next design review, we have to decide on the technologies to use (Since UI sketch is almost finalised). Hence before going for the next design review, I have tried and tested some of the technologies to verify feasibility with the use cases. Below are the current findings.
Joined [IAM Engineering] Bi-Weekly UI/UX Design Review in order to get the UI/UX sketches reviewed and to decide the technologies to use.
Below are the key points from the 2nd (final) design review with IS team
To use ViteJS as the react framework.
To use Oxygen UI ( Since Oxygen UI was implemented on top of Material UI, in such cases where Oxygen UI cannot accomplished the expected results, I will use Material )
To use ESLint with restricted rules to overcome the code quality.
Discussed a warning on Oxygen UI ( I was informed that even this comes from Oxygen UI, this comes within Material UI and when Material UI fix this, they will do a major update for Oxygen UI, hence decided to ignore the warning for now)
Discussed the UI/UX and since timeline is strict for the project, decided to start implementing without designing Figma and do required changes on top of the code.
Please find below finalised design
Login Page ( Asgardeo Branding )
Landing Page as below
After the review meeting, had another meeting with an APIM UI/UX expert and discussed all the above things and decided to go with decided technologies and designs.
Since the design is finalized, I have shared it in the architecture email thread [1]. (Since we did not receive any feedback via email, we are proceeding with the implementation)
[1] [Architecture][IS] Deployment Architecture for AI Features in Product-IS
Implemented the project with decided technologies for the last four days. For now, project is done in a personal private repo.
Since backend is not ready, used mockup hardcoded responses for the implementation.
Finished implementing the decided design of landing page with Asgardeo login (Using React Asgardeo SDK).
All the requirements in terms of functionality (including danger action validations and tooltips) have been implemented. The remaining tasks are UI/UX improvements.
Had to move from Asgardeo SDK to Choreo managed authentication using Asgardeo due to a service requirement.
Deployed the frontend in Choreo using Asgardeo (Managed Authentication)
Change the authentication from default to sub organisation SSO due to a requirement of the service side implementation.
Presented the UI, service, and architecture to the AI team and got the feedback [1]
Implemented micro level details of UI and validations.
Had 2 offline reviews with UI expert of APIM
There were some changes required as the authentication flow changed (Due to a limitation on Asgardeo) hence need to change the whole UX/UI flow starting from designs
Designed new UI / UX and got reviewed them
Below are the finalised sketches
Whole UI flow
Implemented those changes with hardcoded responses (Some data structures has been changed due to some blockers form backend side)
[1] https://drive.google.com/file/d/1tt0tQMyVC9ZHBK4NtGiv0_-F4tFQR8AN/view
Complemented UI/UX implementation (Excluding backend connection)
Since, implementation is completed, schedule a UX review (As the final review)
Since, implementation is completed, schedule a code review (As project is a product which was written from scratch and contains 37 files)
Got the backend service, hence started connecting the backend again.
Improved error handling and introduced new pages for errors while connecting backend for server level issues.
As for today, still working on connecting backend and mitigating coming errors as they come.
[1] https://docs.google.com/document/d/1KOu0Y3V4LtctPKwaQieSo8muqqWxpyY8oZCm_kstaQ4/edit?usp=sharing [2] https://docs.google.com/document/d/1YbKspf2kVMSzJqZvx53SxxFtt0CyNqMqnMiOj4KsNI8/edit?usp=sharing
Completely finished connecting the backend to the portal (Functioning part)
Because of a limitation on the Asgardeo app, we currently can only generate 2 keys (We have sent a mail to Asgardeo to get the tier increased)
Tried to merge PR after doing some changes [1], but it seems APIM team does not have write access so informed other developer (Person who asked for the repo creation). He will ask to correctly give the access to relevant teams.
Since now we have a functioning portal, tried to use APIM AI services using that key.
[1] https://github.com/wso2-enterprise/ai-subscription-portal/pull/1
Description
In earlier versions of the API Manager and Identity Server releases, the product managed the AI feature's authorization through the onprem keys of Choreo.
For future versions, to correct the design flaws, a new portal has been proposed where administrative users can log in and generate keys. The plan is to deploy the portal for public access. This solution introduces a more user-friendly approach for key generation.
Affected Component
APIM
Version
4.4.0
Related Issues
No response
Suggested Labels
No response