insforge 0.3.3 → 1.2.10

package/backend/src/providers/logs/local.provider.ts

@@ -0,0 +1,185 @@
+import { promises as fs, createReadStream } from 'fs';
+import { createInterface } from 'readline';
+import path from 'path';
+import { LogSchema, LogSourceSchema, LogStatsSchema } from '@insforge/shared-schemas';
+import { BaseLogProvider } from './base.provider.js';
+import logger from '@/utils/logger.js';
+
+export class LocalFileProvider extends BaseLogProvider {
+  private logsDir: string = '';
+  private logFiles: Record<string, string> = {
+    'insforge.logs': 'insforge.logs.jsonl',
+    'postgres.logs': 'postgres.logs.jsonl',
+    'postgREST.logs': 'postgrest.logs.jsonl',
+    'function.logs': 'function.logs.jsonl',
+  };
+
+  async initialize(): Promise<void> {
+    this.logsDir = process.env.LOGS_DIR || path.resolve(process.cwd(), 'insforge-logs');
+    try {
+      await fs.mkdir(this.logsDir, { recursive: true });
+    } catch {
+      // Directory already exists
+    }
+    logger.info(`File-based analytics initialized at: ${this.logsDir}`);
+  }
+
+  getLogSources(): Promise<LogSourceSchema[]> {
+    const sources: LogSourceSchema[] = [];
+    let id = 1;
+
+    for (const [name, filename] of Object.entries(this.logFiles)) {
+      sources.push({ id: String(id++), name, token: filename });
+    }
+
+    return Promise.resolve(sources);
+  }
+
+  async getLogsBySource(
+    sourceName: string,
+    limit: number = 100,
+    beforeTimestamp?: string
+  ): Promise<{
+    logs: LogSchema[];
+    total: number;
+    tableName: string;
+  }> {
+    const filename = this.logFiles[sourceName];
+    if (!filename) {
+      return { logs: [], total: 0, tableName: sourceName };
+    }
+
+    const filePath = path.join(this.logsDir, filename);
+    const logs = await this.readLogsFromFile(filePath, limit, beforeTimestamp);
+
+    return {
+      logs,
+      total: logs.length,
+      tableName: sourceName,
+    };
+  }
+
+  private async readLogsFromFile(
+    filePath: string,
+    limit: number,
+    beforeTimestamp?: string
+  ): Promise<LogSchema[]> {
+    try {
+      await fs.access(filePath);
+    } catch {
+      return [];
+    }
+
+    const logs: LogSchema[] = [];
+    const beforeMs = beforeTimestamp ? Date.parse(beforeTimestamp) : Date.now();
+
+    const fileStream = createReadStream(filePath);
+    const rl = createInterface({ input: fileStream, crlfDelay: Infinity });
+
+    for await (const line of rl) {
+      if (!line.trim()) {
+        continue;
+      }
+
+      try {
+        const log = JSON.parse(line);
+
+        // Only process Vector-transformed logs (have appname field)
+        if (!log.appname) {
+          continue;
+        }
+
+        const logTime = new Date(log.timestamp).getTime();
+
+        if (logTime < beforeMs) {
+          // For error logs, include error and stack in eventMessage to match CloudWatch display
+          let eventMessage = log.event_message || '';
+          if (log.level === 'error' && log.error) {
+            eventMessage = `${eventMessage}\n\nError: ${log.error}`;
+            if (log.stack) {
+              eventMessage += `\n\nStack Trace:\n${log.stack}`;
+            }
+          }
+
+          logs.push({
+            id: `${logTime}-${Math.random()}`,
+            timestamp: log.timestamp,
+            eventMessage,
+            body: log,
+          });
+        }
+      } catch {
+        // Skip invalid JSON lines
+      }
+    }
+
+    // Return most recent logs up to limit
+    return logs.slice(-limit);
+  }
+
+  async getLogSourceStats(): Promise<LogStatsSchema[]> {
+    const stats: LogStatsSchema[] = [];
+
+    for (const [name, filename] of Object.entries(this.logFiles)) {
+      const filePath = path.join(this.logsDir, filename);
+      try {
+        const fileStats = await fs.stat(filePath);
+        const logs = await this.readLogsFromFile(filePath, 1000);
+
+        stats.push({
+          source: name,
+          count: logs.length,
+          lastActivity: fileStats.mtime.toISOString(),
+        });
+      } catch {
+        // File doesn't exist
+      }
+    }
+
+    return stats;
+  }
+
+  async searchLogs(
+    query: string,
+    sourceName?: string,
+    limit: number = 100,
+    offset: number = 0
+  ): Promise<{
+    logs: (LogSchema & { source: string })[];
+    total: number;
+  }> {
+    const results: (LogSchema & { source: string })[] = [];
+    const searchLower = query.toLowerCase();
+
+    const filesToSearch = sourceName
+      ? [{ name: sourceName, filename: this.logFiles[sourceName] }]
+      : Object.entries(this.logFiles).map(([name, filename]) => ({ name, filename }));
+
+    for (const { name, filename } of filesToSearch) {
+      if (!filename) {
+        continue;
+      }
+
+      const filePath = path.join(this.logsDir, filename);
+      const logs = await this.readLogsFromFile(filePath, 10000);
+
+      for (const log of logs) {
+        const messageMatch = log.eventMessage.toLowerCase().includes(searchLower);
+        const metadataMatch = JSON.stringify(log.body).toLowerCase().includes(searchLower);
+
+        if (messageMatch || metadataMatch) {
+          results.push({ ...log, source: name });
+        }
+      }
+    }
+
+    return {
+      logs: results.slice(offset, offset + limit),
+      total: results.length,
+    };
+  }
+
+  async close(): Promise<void> {
+    // No cleanup needed for file-based provider
+  }
+}

package/backend/src/providers/oauth/base.provider.ts

@@ -0,0 +1,29 @@
+import type { OAuthUserData } from '@/types/auth.js';
+
+/**
+ * OAuth provider interface
+ * Defines the contract that all OAuth providers must implement
+ */
+export interface OAuthProvider {
+  /**
+   * Generate OAuth authorization URL
+   * @param state - Optional state parameter for CSRF protection
+   * @returns Authorization URL
+   */
+  generateOAuthUrl(state?: string): Promise<string>;
+
+  /**
+   * Handle OAuth callback and exchange code/token for user info
+   * @param payload - OAuth callback payload containing code or token
+   * @returns User data from OAuth provider
+   */
+  handleCallback(payload: { code?: string; token?: string }): Promise<OAuthUserData>;
+
+  /**
+   * Handle shared OAuth callback (for shared keys)
+   * Optional - not all providers support shared OAuth
+   * @param payloadData - Payload data from shared OAuth callback
+   * @returns User data transformed to standard format
+   */
+  handleSharedCallback?(payloadData: Record<string, unknown>): OAuthUserData;
+}

package/backend/src/providers/oauth/discord.provider.ts

@@ -0,0 +1,195 @@
+import axios from 'axios';
+import logger from '@/utils/logger.js';
+import { getApiBaseUrl } from '@/utils/environment.js';
+import { OAuthConfigService } from '@/services/auth/oauth-config.service.js';
+import { OAuthProvider } from './base.provider.js';
+import type { DiscordUserInfo, OAuthUserData } from '@/types/auth.js';
+
+/**
+ * Discord OAuth Service
+ * Handles all Discord OAuth operations including URL generation, token exchange, and user info retrieval
+ */
+export class DiscordOAuthProvider implements OAuthProvider {
+  private static instance: DiscordOAuthProvider;
+
+  private constructor() {
+    // Initialize OAuth helpers if needed
+  }
+
+  public static getInstance(): DiscordOAuthProvider {
+    if (!DiscordOAuthProvider.instance) {
+      DiscordOAuthProvider.instance = new DiscordOAuthProvider();
+    }
+    return DiscordOAuthProvider.instance;
+  }
+
+  /**
+   * Generate Discord OAuth authorization URL
+   */
+  async generateOAuthUrl(state?: string): Promise<string> {
+    const oAuthConfigService = OAuthConfigService.getInstance();
+    const config = await oAuthConfigService.getConfigByProvider('discord');
+
+    if (!config) {
+      throw new Error('Discord OAuth not configured');
+    }
+
+    const selfBaseUrl = getApiBaseUrl();
+
+    if (config?.useSharedKey) {
+      if (!state) {
+        logger.warn('Shared Discord OAuth called without state parameter');
+        throw new Error('State parameter is required for shared Discord OAuth');
+      }
+      // Use shared keys if configured
+      const cloudBaseUrl = process.env.CLOUD_API_HOST || 'https://api.insforge.dev';
+      const redirectUri = `${selfBaseUrl}/api/auth/oauth/shared/callback/${state}`;
+      const response = await axios.get(
+        `${cloudBaseUrl}/auth/v1/shared/discord?redirect_uri=${encodeURIComponent(redirectUri)}`,
+        {
+          headers: {
+            'Content-Type': 'application/json',
+          },
+        }
+      );
+      return response.data.auth_url || response.data.url || '';
+    }
+
+    logger.debug('Discord OAuth Config (fresh from DB):', {
+      clientId: config.clientId ? 'SET' : 'NOT SET',
+    });
+
+    const authUrl = new URL('https://discord.com/api/oauth2/authorize');
+    authUrl.searchParams.set('client_id', config.clientId ?? '');
+    authUrl.searchParams.set('redirect_uri', `${selfBaseUrl}/api/auth/oauth/discord/callback`);
+    authUrl.searchParams.set('response_type', 'code');
+    authUrl.searchParams.set('scope', config.scopes ? config.scopes.join(' ') : 'identify email');
+    if (state) {
+      authUrl.searchParams.set('state', state);
+    }
+
+    return authUrl.toString();
+  }
+
+  /**
+   * Exchange Discord code for access token
+   */
+  async exchangeCodeToToken(code: string): Promise<string> {
+    const oAuthConfigService = OAuthConfigService.getInstance();
+    const config = await oAuthConfigService.getConfigByProvider('discord');
+
+    if (!config) {
+      throw new Error('Discord OAuth not configured');
+    }
+
+    try {
+      logger.info('Exchanging Discord code for token', {
+        hasCode: !!code,
+        clientId: config.clientId?.substring(0, 10) + '...',
+      });
+
+      const clientSecret = await oAuthConfigService.getClientSecretByProvider('discord');
+      const selfBaseUrl = getApiBaseUrl();
+      const response = await axios.post(
+        'https://discord.com/api/oauth2/token',
+        new URLSearchParams({
+          client_id: config.clientId ?? '',
+          client_secret: clientSecret ?? '',
+          code,
+          redirect_uri: `${selfBaseUrl}/api/auth/oauth/discord/callback`,
+          grant_type: 'authorization_code',
+        }).toString(),
+        {
+          headers: {
+            'Content-Type': 'application/x-www-form-urlencoded',
+          },
+        }
+      );
+
+      if (!response.data.access_token) {
+        throw new Error('Failed to get access token from Discord');
+      }
+
+      return response.data.access_token;
+    } catch (error) {
+      if (axios.isAxiosError(error) && error.response) {
+        logger.error('Discord token exchange failed', {
+          status: error.response.status,
+          error: error.response.data,
+        });
+        throw new Error(`Discord OAuth error: ${JSON.stringify(error.response.data)}`);
+      }
+      throw error;
+    }
+  }
+
+  /**
+   * Get Discord user info
+   */
+  async getUserInfo(accessToken: string): Promise<DiscordUserInfo> {
+    try {
+      const response = await axios.get('https://discord.com/api/users/@me', {
+        headers: {
+          Authorization: `Bearer ${accessToken}`,
+        },
+      });
+
+      return {
+        id: response.data.id,
+        username: response.data.global_name || response.data.username,
+        email: response.data.email,
+        avatar: response.data.avatar
+          ? `https://cdn.discordapp.com/avatars/${response.data.id}/${response.data.avatar}.png`
+          : '',
+      };
+    } catch (error) {
+      logger.error('Discord user info retrieval failed:', error);
+      throw new Error(`Failed to get Discord user info: ${error}`);
+    }
+  }
+
+  /**
+   * Handle Discord OAuth callback
+   */
+  async handleCallback(payload: { code?: string; token?: string }): Promise<OAuthUserData> {
+    if (!payload.code) {
+      throw new Error('No authorization code provided');
+    }
+
+    const accessToken = await this.exchangeCodeToToken(payload.code);
+    const discordUserInfo = await this.getUserInfo(accessToken);
+
+    // Transform Discord user info to generic format
+    const userName = discordUserInfo.username;
+    const email = discordUserInfo.email || `${discordUserInfo.id}@users.noreply.discord.local`;
+    return {
+      provider: 'discord',
+      providerId: discordUserInfo.id,
+      email,
+      userName,
+      avatarUrl: discordUserInfo.avatar || '',
+      identityData: discordUserInfo,
+    };
+  }
+
+  /**
+   * Handle shared callback payload transformation
+   */
+  handleSharedCallback(payloadData: Record<string, unknown>): OAuthUserData {
+    const providerId = String(payloadData.providerId ?? '');
+    const username = String(payloadData.username ?? '');
+    const emailField = String(payloadData.email ?? '');
+    const avatar = String(payloadData.avatar ?? '');
+
+    const email = emailField || `${providerId}@users.noreply.discord.local`;
+
+    return {
+      provider: 'discord',
+      providerId,
+      email,
+      userName: username,
+      avatarUrl: avatar,
+      identityData: payloadData,
+    };
+  }
+}

package/backend/src/providers/oauth/facebook.provider.ts

@@ -0,0 +1,194 @@
+import axios from 'axios';
+import logger from '@/utils/logger.js';
+import { getApiBaseUrl } from '@/utils/environment.js';
+import { OAuthConfigService } from '@/services/auth/oauth-config.service.js';
+import { OAuthProvider } from './base.provider.js';
+import type { FacebookUserInfo, OAuthUserData } from '@/types/auth.js';
+
+/**
+ * Facebook OAuth Service
+ * Handles all Facebook OAuth operations including URL generation, token exchange, and user info retrieval
+ */
+export class FacebookOAuthProvider implements OAuthProvider {
+  private static instance: FacebookOAuthProvider;
+
+  private constructor() {
+    // Initialize OAuth helpers if needed
+  }
+
+  public static getInstance(): FacebookOAuthProvider {
+    if (!FacebookOAuthProvider.instance) {
+      FacebookOAuthProvider.instance = new FacebookOAuthProvider();
+    }
+    return FacebookOAuthProvider.instance;
+  }
+
+  /**
+   * Generate Facebook OAuth authorization URL
+   */
+  async generateOAuthUrl(state?: string): Promise<string> {
+    const oAuthConfigService = OAuthConfigService.getInstance();
+    const config = await oAuthConfigService.getConfigByProvider('facebook');
+
+    if (!config) {
+      throw new Error('Facebook OAuth not configured');
+    }
+
+    const selfBaseUrl = getApiBaseUrl();
+
+    if (config?.useSharedKey) {
+      if (!state) {
+        logger.warn('Shared Facebook OAuth called without state parameter');
+        throw new Error('State parameter is required for shared Facebook OAuth');
+      }
+      const cloudBaseUrl = process.env.CLOUD_API_HOST || 'https://api.insforge.dev';
+      const redirectUri = `${selfBaseUrl}/api/auth/oauth/shared/callback/${state}`;
+      const response = await axios.get(
+        `${cloudBaseUrl}/auth/v1/shared/facebook?redirect_uri=${encodeURIComponent(redirectUri)}`,
+        {
+          headers: {
+            'Content-Type': 'application/json',
+          },
+        }
+      );
+      return response.data.auth_url || response.data.url || '';
+    }
+
+    logger.debug('Facebook OAuth Config (fresh from DB):', {
+      clientId: config.clientId ? 'SET' : 'NOT SET',
+    });
+
+    const authUrl = new URL('https://www.facebook.com/v21.0/dialog/oauth');
+    authUrl.searchParams.set('client_id', config.clientId ?? '');
+    authUrl.searchParams.set('redirect_uri', `${selfBaseUrl}/api/auth/oauth/facebook/callback`);
+    authUrl.searchParams.set('response_type', 'code');
+    authUrl.searchParams.set(
+      'scope',
+      config.scopes ? config.scopes.join(',') : 'email,public_profile'
+    );
+    if (state) {
+      authUrl.searchParams.set('state', state);
+    }
+
+    return authUrl.toString();
+  }
+
+  /**
+   * Exchange Facebook code for access token
+   */
+  async exchangeCodeToToken(code: string): Promise<string> {
+    const oAuthConfigService = OAuthConfigService.getInstance();
+    const config = await oAuthConfigService.getConfigByProvider('facebook');
+
+    if (!config) {
+      throw new Error('Facebook OAuth not configured');
+    }
+
+    try {
+      logger.info('Exchanging Facebook code for token', {
+        hasCode: !!code,
+        clientId: config.clientId?.substring(0, 10) + '...',
+      });
+
+      const clientSecret = await oAuthConfigService.getClientSecretByProvider('facebook');
+      const selfBaseUrl = getApiBaseUrl();
+      const response = await axios.get('https://graph.facebook.com/v21.0/oauth/access_token', {
+        params: {
+          client_id: config.clientId,
+          client_secret: clientSecret,
+          code,
+          redirect_uri: `${selfBaseUrl}/api/auth/oauth/facebook/callback`,
+        },
+      });
+
+      if (!response.data.access_token) {
+        throw new Error('Failed to get access token from Facebook');
+      }
+
+      return response.data.access_token;
+    } catch (error) {
+      if (axios.isAxiosError(error) && error.response) {
+        logger.error('Facebook token exchange failed', {
+          status: error.response.status,
+          error: error.response.data,
+        });
+        throw new Error(`Facebook OAuth error: ${JSON.stringify(error.response.data)}`);
+      }
+      throw error;
+    }
+  }
+
+  /**
+   * Get Facebook user info
+   */
+  async getUserInfo(accessToken: string): Promise<FacebookUserInfo> {
+    try {
+      const response = await axios.get('https://graph.facebook.com/v21.0/me', {
+        params: {
+          fields: 'id,email,name,first_name,last_name,picture',
+          access_token: accessToken,
+        },
+      });
+
+      return response.data;
+    } catch (error) {
+      logger.error('Facebook user info retrieval failed:', error);
+      throw new Error(`Failed to get Facebook user info: ${error}`);
+    }
+  }
+
+  /**
+   * Handle Facebook OAuth callback
+   */
+  async handleCallback(payload: { code?: string; token?: string }): Promise<OAuthUserData> {
+    if (!payload.code) {
+      throw new Error('No authorization code provided');
+    }
+
+    const accessToken = await this.exchangeCodeToToken(payload.code);
+    const facebookUserInfo = await this.getUserInfo(accessToken);
+
+    // Transform Facebook user info to generic format
+    const email = facebookUserInfo.email || '';
+    const userName =
+      facebookUserInfo.name ||
+      facebookUserInfo.first_name ||
+      `User${facebookUserInfo.id.substring(0, 6)}`;
+    const avatarUrl = facebookUserInfo.picture?.data?.url || '';
+    return {
+      provider: 'facebook',
+      providerId: facebookUserInfo.id,
+      email,
+      userName,
+      avatarUrl,
+      identityData: facebookUserInfo,
+    };
+  }
+
+  /**
+   * Handle shared callback payload transformation
+   */
+  handleSharedCallback(payloadData: Record<string, unknown>): OAuthUserData {
+    const providerId = String(payloadData.providerId ?? '');
+    const email = String(payloadData.email ?? '');
+    const name = String(payloadData.name ?? '');
+    const firstName = String(payloadData.first_name ?? '');
+    const avatar = String(payloadData.avatar ?? '');
+
+    // Handle nested picture.data.url structure
+    const picture = payloadData.picture as { data?: { url?: string } } | undefined;
+    const pictureUrl = picture?.data?.url ?? '';
+
+    const userName = name || firstName || `User${providerId.substring(0, 6)}`;
+    const avatarUrl = pictureUrl || avatar;
+
+    return {
+      provider: 'facebook',
+      providerId,
+      email,
+      userName,
+      avatarUrl,
+      identityData: payloadData,
+    };
+  }
+}