Platfrom Auth API UI rework

[tomkis]

Summary

Refactoring of platform auth in the UI fixes code review comments in #1741

Documentation

• No Docs Needed:

Base does not yet have any docs.

[gemini-code-assist]

Summary of Changes

Hello @tomkis, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request refactors the platform's authentication and authorization API interactions, primarily focusing on Agent-to-Agent (A2A) communication. It introduces a new utility for creating authenticated fetch requests, centralizing token handling. Concurrently, it enhances the validation of global permissions, particularly for A2A proxy access, by implementing stricter schema-based rules. These changes streamline how authentication tokens are managed and applied, ensuring more consistent and secure API calls across the SDK and UI.

Highlights

• Centralized Authenticated Fetch Utility: A new utility function, createAuthenticatedFetch, has been introduced in the TypeScript SDK. This function standardizes the process of adding Authorization: Bearer headers to API requests, promoting a consistent and centralized approach to handling authentication tokens.
• Stricter A2A Proxy Permissions Validation: The globalPermissionsGrantSchema in the TypeScript SDK now includes enhanced validation rules for the a2a_proxy field. These rules prevent a2a_proxy from being an empty array and disallow mixing the wildcard * with specific provider IDs, ensuring more precise and secure permission grants.
• Deprecation of Direct Context Token Passing: UI components have been updated to reflect a shift in how contextToken is handled. It is now indicated that the context token should be managed through the A2A client's fetch implementation (leveraging the new authenticated fetch utility) rather than being passed directly to fulfillment functions, streamlining token management.
• Schema-based Permission Validation: The createContextToken function in the TypeScript SDK has been refactored to utilize Zod schemas for validating globalPermissions and contextPermissions. This replaces previous manual checks with a more robust and type-safe schema-based validation mechanism.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request refactors the authentication and API client creation logic in the AgentStack UI and SDK. A new createAuthenticatedFetch helper is introduced in the TypeScript SDK to standardize adding authentication headers, and this is used to clean up the UI code. Validation for permission grants has been improved by moving it into Zod schemas, which is a great change.

Overall, the changes are well-structured and improve the codebase. I have one minor suggestion to remove a leftover console.log statement.

Also, there's a small typo in the pull request title: "Platfrom" should be "Platform".