Make CW auto-reconnect on startup (#3619)

* Make CW auto-reconnect on startup

This fixes the issue when CW does not auto-reconnect on IDE startup.
CW will try to auto-connect when the connection(accessToken is expired)
It will first try to use the refresh token to refresh, if failed, it
will prompt a notification for people to re-auth(go through the browser
login flow again).
Also did some refactors to ensure:
1. CW actions are not performed when CW is logged out, or CW needs to re-auth,
for the case when CW needs to refresh, refresh the token and continue with
the CW action.
2. Reuse helpers for serveral parts for reconnect, refresh, showing expiry
notification and expiry check.

* add back codescan reset logic

Author: andrewyuq

jetbrains-core/src/software/aws/toolkits/jetbrains/core/credentials/ToolkitAuthManager.kt

@@ -224,26 +224,30 @@ fun reauthProviderIfNeeded(project: Project?, tokenProvider: BearerTokenProvider
     return tokenProvider
 }
 
-fun maybeReauthProviderIfNeeded(project: Project?, tokenProvider: BearerTokenProvider, onReauthRequired: (SsoOidcException?) -> Any) {
+// Return true if need to re-auth, false otherwise
+fun maybeReauthProviderIfNeeded(project: Project?, tokenProvider: BearerTokenProvider, onReauthRequired: (SsoOidcException?) -> Any): Boolean {
     val state = tokenProvider.state()
     when (state) {
         BearerTokenAuthState.NOT_AUTHENTICATED -> {
             getLogger<ToolkitAuthManager>().info { "Token provider NOT_AUTHENTICATED, requesting login" }
             onReauthRequired(null)
+            return true
         }
 
         BearerTokenAuthState.NEEDS_REFRESH -> {
             try {
-                runUnderProgressIfNeeded(project, message("credentials.sono.login.refreshing"), true) {
+                return runUnderProgressIfNeeded(project, message("credentials.sono.login.refreshing"), true) {
                     tokenProvider.resolveToken()
                     BearerTokenProviderListener.notifyCredUpdate(tokenProvider.id)
+                    return@runUnderProgressIfNeeded false
                 }
             } catch (e: SsoOidcException) {
                 getLogger<ToolkitAuthManager>().warn(e) { "Redriving AWS Builder ID login flow since token could not be refreshed" }
                 onReauthRequired(e)
+                return true
             }
         }
 
-        BearerTokenAuthState.AUTHORIZED -> {}
+        BearerTokenAuthState.AUTHORIZED -> { return false }
     }
 }

jetbrains-core/src/software/aws/toolkits/jetbrains/services/codewhisperer/codescan/CodeWhispererCodeScanManager.kt

@@ -58,6 +58,7 @@ import software.aws.toolkits.jetbrains.services.codewhisperer.codescan.listeners
 import software.aws.toolkits.jetbrains.services.codewhisperer.codescan.sessionconfig.CodeScanSessionConfig
 import software.aws.toolkits.jetbrains.services.codewhisperer.editor.CodeWhispererEditorUtil.overlaps
 import software.aws.toolkits.jetbrains.services.codewhisperer.explorer.CodeWhispererExplorerActionManager
+import software.aws.toolkits.jetbrains.services.codewhisperer.explorer.isCodeWhispererEnabled
 import software.aws.toolkits.jetbrains.services.codewhisperer.model.CodeScanTelemetryEvent
 import software.aws.toolkits.jetbrains.services.codewhisperer.telemetry.CodeWhispererTelemetryService
 import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererColorUtil.INACTIVE_TEXT_COLOR
@@ -126,14 +127,15 @@ class CodeWhispererCodeScanManager(val project: Project) {
      * Triggers a code scan and displays results in the new tab in problems view panel.
      */
     fun runCodeScan() {
+        if (!isCodeWhispererEnabled(project)) return
+
         // Return if a scan is already in progress.
         if (isCodeScanInProgress.getAndSet(true)) return
-        if (CodeWhispererUtil.isConnectionExpired(project)) {
-            promptReAuth(project) {
-                isCodeScanInProgress.set(false)
-            }
+        if (promptReAuth(project)) {
+            isCodeScanInProgress.set(false)
             return
         }
+
         // Prepare for a code scan
         beforeCodeScan()
         // launch code scan coroutine

jetbrains-core/src/software/aws/toolkits/jetbrains/services/codewhisperer/explorer/CodeWhispererExplorerActionManager.kt

@@ -20,7 +20,8 @@ import software.aws.toolkits.jetbrains.core.explorer.refreshDevToolTree
 import software.aws.toolkits.jetbrains.services.codewhisperer.credentials.CodeWhispererLoginType
 import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererConstants
 import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererUtil.getConnectionStartUrl
-import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererUtil.isConnectionExpired
+import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererUtil.isAccessTokenExpired
+import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererUtil.isRefreshTokenExpired
 import software.aws.toolkits.telemetry.AwsTelemetry
 import java.time.LocalDateTime
 
@@ -119,7 +120,7 @@ class CodeWhispererExplorerActionManager : PersistentStateComponent<CodeWhispere
 
     fun checkActiveCodeWhispererConnectionType(project: Project) = when {
         actionState.token != null -> CodeWhispererLoginType.Accountless
-        isConnectionExpired(project) -> CodeWhispererLoginType.Expired
+        isAccessTokenExpired(project) || isRefreshTokenExpired(project) -> CodeWhispererLoginType.Expired
         else -> {
             val conn = ToolkitConnectionManager.getInstance(project).activeConnectionForFeature(CodeWhispererConnection.getInstance())
             if (conn != null) {
@@ -198,3 +199,7 @@ interface CodeWhispererActivationChangedListener {
 fun isCodeWhispererEnabled(project: Project) = with(CodeWhispererExplorerActionManager.getInstance()) {
     checkActiveCodeWhispererConnectionType(project) != CodeWhispererLoginType.Logout
 }
+
+fun isCodeWhispererExpired(project: Project) = with(CodeWhispererExplorerActionManager.getInstance()) {
+    checkActiveCodeWhispererConnectionType(project) == CodeWhispererLoginType.Expired
+}

jetbrains-core/src/software/aws/toolkits/jetbrains/services/codewhisperer/explorer/nodes/CodeWhispererReconnectNode.kt

@@ -4,13 +4,8 @@
 package software.aws.toolkits.jetbrains.services.codewhisperer.explorer.nodes
 
 import com.intellij.icons.AllIcons
-import com.intellij.openapi.application.ApplicationManager
 import com.intellij.openapi.project.Project
-import software.aws.toolkits.jetbrains.core.credentials.BearerSsoConnection
-import software.aws.toolkits.jetbrains.core.credentials.ToolkitConnectionManager
-import software.aws.toolkits.jetbrains.core.credentials.loginSso
-import software.aws.toolkits.jetbrains.core.credentials.pinning.CodeWhispererConnection
-import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererUtil.getConnectionStartUrl
+import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererUtil.reconnectCodeWhisperer
 import software.aws.toolkits.resources.message
 import java.awt.event.MouseEvent
 
@@ -21,12 +16,6 @@ class CodeWhispererReconnectNode(nodeProject: Project) : CodeWhispererActionNode
     AllIcons.Actions.Execute
 ) {
     override fun onDoubleClick(event: MouseEvent) {
-        val connection = ToolkitConnectionManager.getInstance(project).activeConnectionForFeature(CodeWhispererConnection.getInstance())
-        if (connection !is BearerSsoConnection) return
-        ApplicationManager.getApplication().executeOnPooledThread {
-            getConnectionStartUrl(connection)?.let { startUrl ->
-                loginSso(project, startUrl, scopes = connection.scopes)
-            }
-        }
+        reconnectCodeWhisperer(project)
     }
 }

jetbrains-core/src/software/aws/toolkits/jetbrains/services/codewhisperer/service/CodeWhispererService.kt

@@ -62,7 +62,6 @@ import software.aws.toolkits.jetbrains.services.codewhisperer.util.CaretMovement
 import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererConstants
 import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererUtil.checkCompletionType
 import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererUtil.checkEmptyRecommendations
-import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererUtil.isConnectionExpired
 import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererUtil.notifyErrorCodeWhispererUsageLimit
 import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererUtil.promptReAuth
 import software.aws.toolkits.resources.message
@@ -81,15 +80,9 @@ class CodeWhispererService {
         if (!isCodeWhispererEnabled(project)) return
 
         latencyContext.credentialFetchingStart = System.nanoTime()
-        if (isConnectionExpired(project)) {
-            if (triggerTypeInfo.triggerType == CodewhispererTriggerType.AutoTrigger) {
-                if (reAuthPromptShown) return
-                promptReAuth(project, ::markReAuthPromptShown)
-            } else {
-                promptReAuth(project)
-            }
-            return
-        }
+
+        if (promptReAuth(project)) return
+
         latencyContext.credentialFetchingEnd = System.nanoTime()
         val psiFile = runReadAction { PsiDocumentManager.getInstance(project).getPsiFile(editor.document) }
 
@@ -621,10 +614,12 @@ class CodeWhispererService {
         const val KET_SESSION_ID = "x-amzn-SessionId"
         private var reAuthPromptShown = false
 
-        private fun markReAuthPromptShown() {
+        fun markReAuthPromptShown() {
             reAuthPromptShown = true
         }
 
+        fun hasReAuthPromptBeenShown() = reAuthPromptShown
+
         fun buildCodeWhispererRequest(
             fileContextInfo: FileContextInfo
         ): GenerateCompletionsRequest {

jetbrains-core/src/software/aws/toolkits/jetbrains/services/codewhisperer/startup/CodeWhispererProjectStartupActivity.kt

@@ -19,6 +19,7 @@ import software.aws.toolkits.jetbrains.services.codewhisperer.status.CodeWhisper
 import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererConstants
 import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererUtil.notifyErrorAccountless
 import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererUtil.notifyWarnAccountless
+import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererUtil.promptReAuth
 import java.time.LocalDateTime
 import java.util.Date
 import java.util.Timer
@@ -40,6 +41,9 @@ class CodeWhispererProjectStartupActivity : StartupActivity.DumbAware {
         if (!isCodeWhispererEnabled(project)) return
         if (runOnce) return
 
+        // Reconnect CodeWhisperer on startup
+        promptReAuth(project)
+
         CodeWhispererAutoTriggerService.getInstance().determineUserGroupIfNeeded()
 
         // install intellsense autotrigger listener, this only need to be executed 1 time

jetbrains-core/src/software/aws/toolkits/jetbrains/services/codewhisperer/status/CodeWhispererStatusBarWidget.kt

@@ -13,16 +13,11 @@ import com.intellij.openapi.wm.StatusBarWidget
 import com.intellij.openapi.wm.impl.status.EditorBasedWidget
 import com.intellij.ui.AnimatedIcon
 import com.intellij.util.Consumer
-import software.aws.toolkits.jetbrains.core.credentials.BearerSsoConnection
-import software.aws.toolkits.jetbrains.core.credentials.ToolkitConnectionManager
-import software.aws.toolkits.jetbrains.core.credentials.loginSso
-import software.aws.toolkits.jetbrains.core.credentials.pinning.CodeWhispererConnection
 import software.aws.toolkits.jetbrains.core.credentials.sso.bearer.BearerTokenProviderListener
-import software.aws.toolkits.jetbrains.services.codewhisperer.credentials.CodeWhispererLoginType
-import software.aws.toolkits.jetbrains.services.codewhisperer.explorer.CodeWhispererExplorerActionManager
+import software.aws.toolkits.jetbrains.services.codewhisperer.explorer.isCodeWhispererExpired
 import software.aws.toolkits.jetbrains.services.codewhisperer.service.CodeWhispererInvocationStateChangeListener
 import software.aws.toolkits.jetbrains.services.codewhisperer.service.CodeWhispererInvocationStatus
-import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererUtil
+import software.aws.toolkits.jetbrains.services.codewhisperer.util.CodeWhispererUtil.reconnectCodeWhisperer
 import software.aws.toolkits.resources.message
 import java.awt.event.MouseEvent
 import javax.swing.Icon
@@ -59,39 +54,23 @@ class CodeWhispererStatusBarWidget(project: Project) :
 
     override fun getClickConsumer(): Consumer<MouseEvent>? = null
 
-    override fun getPopupStep(): ListPopup? {
-        val connectionType = CodeWhispererExplorerActionManager.getInstance().checkActiveCodeWhispererConnectionType(project)
-        return if (connectionType == CodeWhispererLoginType.Expired) {
-            JBPopupFactory.getInstance().createConfirmation(message("codewhisperer.statusbar.popup.title"), ::reconnect, 0)
+    override fun getPopupStep(): ListPopup? =
+        if (isCodeWhispererExpired(project)) {
+            JBPopupFactory.getInstance().createConfirmation(message("codewhisperer.statusbar.popup.title"), { reconnectCodeWhisperer(project) }, 0)
         } else {
             null
         }
-    }
-
-    private fun reconnect() {
-        val connection = ToolkitConnectionManager.getInstance(project).activeConnectionForFeature(CodeWhispererConnection.getInstance())
-        if (connection !is BearerSsoConnection) {
-            return
-        }
-        ApplicationManager.getApplication().executeOnPooledThread {
-            CodeWhispererUtil.getConnectionStartUrl(connection)?.let { startUrl ->
-                loginSso(project, startUrl, scopes = connection.scopes)
-            }
-        }
-    }
 
     override fun getSelectedValue(): String = message("codewhisperer.statusbar.display_name")
 
-    override fun getIcon(): Icon {
-        val connectionType = CodeWhispererExplorerActionManager.getInstance().checkActiveCodeWhispererConnectionType(project)
-        return if (connectionType == CodeWhispererLoginType.Expired) {
+    override fun getIcon(): Icon =
+        if (isCodeWhispererExpired(project)) {
             AllIcons.General.BalloonWarning
         } else if (CodeWhispererInvocationStatus.getInstance().hasExistingInvocation()) {
             AnimatedIcon.Default()
         } else {
             AllIcons.Actions.Commit
         }
-    }
 
     companion object {
         const val ID = "aws.codewhisperer.statusWidget"

jetbrains-core/src/software/aws/toolkits/jetbrains/services/codewhisperer/util/CodeWhispererUtil.kt

@@ -25,6 +25,8 @@ import software.aws.toolkits.jetbrains.services.codewhisperer.actions.ConnectWit
 import software.aws.toolkits.jetbrains.services.codewhisperer.actions.DoNotShowAgainActionError
 import software.aws.toolkits.jetbrains.services.codewhisperer.actions.DoNotShowAgainActionWarn
 import software.aws.toolkits.jetbrains.services.codewhisperer.explorer.CodeWhispererExplorerActionManager
+import software.aws.toolkits.jetbrains.services.codewhisperer.explorer.isCodeWhispererExpired
+import software.aws.toolkits.jetbrains.services.codewhisperer.service.CodeWhispererService
 import software.aws.toolkits.jetbrains.utils.notifyError
 import software.aws.toolkits.jetbrains.utils.notifyInfo
 import software.aws.toolkits.jetbrains.utils.notifyWarn
@@ -92,40 +94,46 @@ object CodeWhispererUtil {
         listOf(CodeWhispererSsoLearnMoreAction(), ConnectWithAwsToContinueActionError(), DoNotShowAgainActionError())
     )
 
-    fun isConnectionExpired(project: Project): Boolean {
+    fun isAccessTokenExpired(project: Project): Boolean {
         val tokenProvider = tokenProvider(project) ?: return false
         val state = tokenProvider.state()
-        return state == BearerTokenAuthState.NEEDS_REFRESH || state == BearerTokenAuthState.NOT_AUTHENTICATED
+        return state == BearerTokenAuthState.NEEDS_REFRESH
     }
 
-    fun promptReAuth(project: Project, callback: () -> Unit = {}) {
-        val connection = ToolkitConnectionManager.getInstance(project).activeConnectionForFeature(CodeWhispererConnection.getInstance())
-        if (connection !is BearerSsoConnection) return
-        val tokenProvider = tokenProvider(project) ?: return
-        maybeReauthProviderIfNeeded(project, tokenProvider) {
+    fun isRefreshTokenExpired(project: Project): Boolean {
+        val tokenProvider = tokenProvider(project) ?: return false
+        val state = tokenProvider.state()
+        return state == BearerTokenAuthState.NOT_AUTHENTICATED
+    }
+
+    // This will be called only when there's a CW connection, but it has expired(either accessToken or refreshToken)
+    // 1. If connection is expired, try to refresh
+    // 2. If not able to refresh, requesting re-login by showing a notification
+    // 3. The notification will be shown at most once per IDE session
+    // Return true if need to re-auth, false otherwise
+    fun promptReAuth(project: Project): Boolean {
+        if (CodeWhispererService.hasReAuthPromptBeenShown()) return false
+        if (!isCodeWhispererExpired(project)) return false
+        val tokenProvider = tokenProvider(project) ?: return false
+        return maybeReauthProviderIfNeeded(project, tokenProvider) {
             runInEdt {
-                notifyConnectionExpiredRequestReauth(project, connection)
-                callback()
+                notifyConnectionExpiredRequestReauth(project)
+                CodeWhispererService.markReAuthPromptShown()
             }
         }
     }
 
-    private fun notifyConnectionExpiredRequestReauth(project: Project, connection: BearerSsoConnection?) {
-        connection ?: return
+    private fun notifyConnectionExpiredRequestReauth(project: Project) {
         if (CodeWhispererExplorerActionManager.getInstance().getConnectionExpiredDoNotShowAgain()) {
             return
         }
         notifyError(
-            message("toolkit.sso_expire.dialog.title", connection.label),
+            message("toolkit.sso_expire.dialog.title"),
             message("toolkit.sso_expire.dialog_message"),
             project,
             listOf(
                 NotificationAction.create(message("toolkit.sso_expire.dialog.yes_button")) { _, notification ->
-                    ApplicationManager.getApplication().executeOnPooledThread {
-                        getConnectionStartUrl(connection)?.let { startUrl ->
-                            loginSso(project, startUrl, scopes = connection.scopes)
-                        }
-                    }
+                    reconnectCodeWhisperer(project)
                     notification.expire()
                 },
                 NotificationAction.create(message("toolkit.sso_expire.dialog.no_button")) { _, notification ->
@@ -150,6 +158,16 @@ object CodeWhispererUtil {
         ?.getConnectionSettings()
         ?.tokenProvider
         ?.delegate as? BearerTokenProvider
+
+    fun reconnectCodeWhisperer(project: Project) {
+        val connection = ToolkitConnectionManager.getInstance(project).activeConnectionForFeature(CodeWhispererConnection.getInstance())
+        if (connection !is BearerSsoConnection) return
+        ApplicationManager.getApplication().executeOnPooledThread {
+            getConnectionStartUrl(connection)?.let { startUrl ->
+                loginSso(project, startUrl, scopes = connection.scopes)
+            }
+        }
+    }
 }
 
 enum class CaretMovement {