fix(admin-ui): resolve navigation hang when redirecting to SSA page (#2672)

[faisalsiddique4400]

fix(admin-ui): resolve navigation hang when redirecting to SSA page (#2672)

Summary

The Admin UI was getting stuck while navigating to the SSA page, preventing proper application launch in nightly builds. The UI would hang during routing and the SSA page would not load.

Problem

• After launching Admin UI in Flex nightly, navigation to the SSA page would not complete.
• The application appeared stuck during route transition.
• Users were unable to proceed to SSA or complete initial workflows.

Root Cause

• Improper routing and state handling during navigation to the SSA page.
• Navigation lifecycle was not completing due to unresolved state or redirect conditions.

Fix Details

• Corrected routing logic for SSA navigation.
• Ensured navigation state resolves properly before triggering redirects.
• Added safeguards to prevent repeated or blocked navigation calls.
• Verified successful Admin UI launch and SSA page accessibility.

Result

• Admin UI launches successfully without navigation hang.
• SSA page loads correctly.
• Routing behavior is stable and predictable.

🔗 Ticket

Closes: #2672

Summary by CodeRabbit

• Bug Fixes

  • Improved handling of missing/invalid license keys with clearer status updates and more robust error flows
  • Refined loading-screen and API key/config display logic to reduce unnecessary loaders and tighten visibility of the Upload SSA flow
  • Increased reliability of initial authentication/config fetches and backend status reporting (including backend status on token fetch failures)

• Style

  • Enhanced dropzone styling: better spacing, alignment, and adjusted font sizing

• Chores

  • Added cursor-related entries to the project ignore file

• Chores

  • Updated backend API response typings and user-info handling (internal API type adjustments)

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

📝 Walkthrough

Walkthrough

Adds Cursor IDE ignore entries; tightens license/error handling in LicenseSaga (including backend-status mapping and explicit missing-license flow); restructures ApiKeyRedirect loader conditional; introduces BackendApi types and updates usages; adds one-time dispatch guard in AppAuthProvider; and adjusts SSA upload dropzone styling.

Changes

Cohort / File(s)	Summary
Gitignore admin-ui/.gitignore	Added Cursor IDE ignore entries: .cursor/, .cursorrules.
License handling (saga) admin-ui/app/redux/sagas/LicenseSaga.ts	Imported ApiErrorLike, added getBackendStatusFromError, dispatches setBackendStatus on API/token errors, and added explicit handling for no-valid-license (dispatches retrieveLicenseKeyResponse, checkLicensePresentResponse({ isLicenseValid: false }), and generateTrialLicenseResponse(null)).
Redirect / Loading Logic admin-ui/app/utils/ApiKeyRedirect.tsx	Rewrote showRedirectingLoader gating to require isConfigValid !== false and consolidated inner conditions; adjusted UploadSSA and ApiKey rendering branches to consider backendStatus.active.
Backend API types & usage admin-ui/app/redux/api/backend-api.ts, admin-ui/app/redux/api/types/BackendApi.ts	Added/exported FetchUserInfoResult and PolicyStoreApiResponse; updated fetchUserInformation and fetchPolicyStore signatures and HTTP client typing to use the new types.
App auth & user-info flow admin-ui/app/utils/AppAuthProvider.tsx	Added one-time dispatch guard (hasDispatchedConfigCheck via useRef), switched to FetchUserInfoResult handling (-1 sentinel), and added presence check for policyStoreResponse.data before dispatching parsed policy store JSON.
SSA Styling admin-ui/app/utils/styles/UploadSSA.style.ts	Updated dropzone layout (minHeight, flex centering, padding, boxSizing), reduced error text size, and centered dropzone text.

Sequence Diagram(s)

sequenceDiagram
    participant UI as Admin UI (ApiKeyRedirect)
    participant Saga as LicenseSaga
    participant API as Backend API
    participant Store as Redux Store

    UI->>Saga: trigger license/config check
    Saga->>API: fetch API access token / license
    API-->>Saga: success or ApiErrorLike
    alt success with valid license
        Saga->>Store: dispatch license-present/valid responses
    else no valid license or error
        Saga->>Store: dispatch retrieveLicenseKeyResponse (missing)
        Saga->>Store: dispatch checkLicensePresentResponse(false)
        Saga->>Store: dispatch generateTrialLicenseResponse(null)
        Saga->>Store: dispatch setBackendStatus (if ApiErrorLike)
    end
    UI->>Store: read license/config and backendStatus
    UI-->>UI: evaluate showRedirectingLoader and render UploadSSA / ApiKey / loader

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• feat(admin-ui): revamp Reloading, Timeout, Add SSA, and Profile pages as per Figma #2658 — overlaps changes to admin-ui/app/utils/ApiKeyRedirect.tsx and SSA styling (similar redirect/loader logic and style edits).
• feat(admin-ui): change in process of accessing config-api endpoints in Admin UI  #2570 — related changes to LicenseSaga, AppAuthProvider, and BackendApi type usage (FetchUserInfoResult, PolicyStoreApiResponse).

Suggested reviewers

• duttarnab
• moabu

Poem

🐰 I hopped through branches, quick and spry,
Found loaders, keys, and a cursor to hide,
I nudged the saga when tokens went dry,
Centered the dropzone, let styles glide,
Now the admin UI hops with pride. ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title clearly describes the main fix: resolving a navigation hang when redirecting to the SSA page, which directly matches the primary objective and linked issue #2672.
Linked Issues check	✅ Passed	The code changes address the core issue: improved state handling in AppAuthProvider (one-time config check guard), corrected routing logic in ApiKeyRedirect (backend status validation for UploadSSA), enhanced error handling in LicenseSaga, and added style improvements. These changes collectively resolve the navigation hang and prevent SSA page load failures.
Out of Scope Changes check	✅ Passed	All changes are scoped to fixing the SSA navigation hang: state management improvements, routing logic corrections, backend status validation, type safety enhancements, and styling adjustments. The .gitignore update for Cursor files is a minor supporting change. No unrelated functionality modifications detected.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch admin-ui-issue-2672

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@admin-ui/app/redux/sagas/LicenseSaga.ts`:
- Around line 123-125: The no-key branch in LicenseSaga dispatches
retrieveLicenseKeyResponse and checkLicensePresentResponse but does not clear
generateTrialLicenseResponse, leaving stale trial-license state; update the else
branch in LicenseSaga to also dispatch generateTrialLicenseResponse with a
cleared/failed payload (e.g., isTrialGenerated: false and/or null payload) so
any previous successful trial generation is reset when no valid license key is
found, ensuring Redux state keys generateTrialLicenseResponse,
retrieveLicenseKeyResponse, and checkLicensePresentResponse are all consistent.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0168eda and 3a64bdb.

📒 Files selected for processing (4)

• admin-ui/.gitignore
• admin-ui/app/redux/sagas/LicenseSaga.ts
• admin-ui/app/utils/ApiKeyRedirect.tsx
• admin-ui/app/utils/styles/UploadSSA.style.ts

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@admin-ui/app/redux/sagas/LicenseSaga.ts`:
- Around line 40-45: getBackendStatusFromError currently yields null for
errorMessage when response.data is missing (e.g. network/CORS failures); update
getBackendStatusFromError to preserve a fallback message by checking
err?.message or String(error) (or a hardcoded fallback like "Network error")
when err.response?.data?.responseMessage and err.response?.data?.message are
absent, and return that non-null string as errorMessage while keeping the rest
of the returned shape (active: false, statusCode detection) intact.
- Around line 50-55: After successfully fetching the token in the defaultToken
flow (the call to fetchApiTokenWithDefaultScopes and the subsequent yield
put(setApiDefaultToken(defaultToken))), reset the transient backend error state
by dispatching setBackendStatus with active: true, errorMessage: null,
statusCode: null so prior failures don't leave the UI in a "backend down" state;
add this yield put immediately after setApiDefaultToken(defaultToken) in
LicenseSaga and keep the existing catch handling that logs via devLogger.error
and uses getBackendStatusFromError.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 733b065 and cd0d46d.

📒 Files selected for processing (1)

• admin-ui/app/redux/sagas/LicenseSaga.ts

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@admin-ui/app/utils/AppAuthProvider.tsx`:
- Around line 219-221: The promise chain in AppAuthProvider.tsx that handles
fetchUserInformation returns early when value === -1, causing a silent failure;
update the .then handler (where value is checked and assigned to ujwt) to handle
the -1 sentinel by setting an error state or dispatching a user-visible
notification and ensuring auth state is updated (e.g., set isAuthenticated false
or call logout) so the component/UI doesn't stay stuck; modify the .then for
FetchUserInfoResult and related state setters or auth dispatchers in the
AppAuthProvider component to surface the error and short-circuit to a clear
fallback path instead of returning silently.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between cd0d46d and 080bfb4.

📒 Files selected for processing (3)

• admin-ui/app/redux/api/backend-api.ts
• admin-ui/app/redux/api/types/BackendApi.ts
• admin-ui/app/utils/AppAuthProvider.tsx

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

admin-ui/app/utils/ApiKeyRedirect.tsx (1)

75-81: 🧹 Nitpick | 🔵 Trivial

Consider extracting nested ternary for readability.

The 4-level nested ternary is difficult to follow and maintain. Consider refactoring to a helper function or extracting the logic into a clearly named variable.

♻️ Suggested refactor using a helper function

+  const renderMainContent = () => {
+    if (isConfigValid === false) {
+      return backendStatus.active ? <UploadSSA /> : null
+    }
+    if (!isTimeout && isUnderThresholdLimit && shouldShowApiKey) {
+      return <ApiKey />
+    }
+    return null
+  }
+
   return (
     <React.Fragment>
       <Container>
-        {isConfigValid === false && backendStatus.active ? (
-          <UploadSSA />
-        ) : isConfigValid === false ? null : !isTimeout && isUnderThresholdLimit ? (
-          shouldShowApiKey ? (
-            <ApiKey />
-          ) : null
-        ) : null}
+        {renderMainContent()}

         {!backendStatus.active && (

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@admin-ui/app/utils/ApiKeyRedirect.tsx` around lines 75 - 81, The JSX contains
a hard-to-read 4-level nested ternary rendering expression around isConfigValid,
backendStatus.active, isTimeout, isUnderThresholdLimit and shouldShowApiKey that
returns UploadSSA, ApiKey or null; extract this logic into a clearly named
helper function or boolean variables (e.g., computeApiKeyRender() or const
shouldRenderUploadSSA / const shouldRenderApiKey) and replace the nested ternary
with a single, descriptive expression (or call to the helper) so that the
rendering decisions for UploadSSA and ApiKey are easy to follow and test.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Outside diff comments:
In `@admin-ui/app/utils/ApiKeyRedirect.tsx`:
- Around line 75-81: The JSX contains a hard-to-read 4-level nested ternary
rendering expression around isConfigValid, backendStatus.active, isTimeout,
isUnderThresholdLimit and shouldShowApiKey that returns UploadSSA, ApiKey or
null; extract this logic into a clearly named helper function or boolean
variables (e.g., computeApiKeyRender() or const shouldRenderUploadSSA / const
shouldRenderApiKey) and replace the nested ternary with a single, descriptive
expression (or call to the helper) so that the rendering decisions for UploadSSA
and ApiKey are easy to follow and test.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 080bfb4 and 2fa4037.

📒 Files selected for processing (1)

• admin-ui/app/utils/ApiKeyRedirect.tsx

[sonarqubecloud]

Quality Gate passed for 'Gluu Admin UI'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud