From 126e5ff57a6a38a1ca41e60d5059c694d6c4c8c5 Mon Sep 17 00:00:00 2001
From: peaklabs-dev <122374094+peaklabs-dev@users.noreply.github.com>
Date: Mon, 6 Jan 2025 20:56:19 +0100
Subject: [PATCH] add debug log

---
 app/Jobs/GithubAppPermissionJob.php | 48 ++++++++++++++++++++++++++++-
 bootstrap/helpers/github.php        | 41 +++++++++++++++++++++++-
 2 files changed, 87 insertions(+), 2 deletions(-)

diff --git a/app/Jobs/GithubAppPermissionJob.php b/app/Jobs/GithubAppPermissionJob.php
index 1ded6f455..89c3daa12 100644
--- a/app/Jobs/GithubAppPermissionJob.php
+++ b/app/Jobs/GithubAppPermissionJob.php
@@ -10,6 +10,7 @@ use Illuminate\Foundation\Bus\Dispatchable;
 use Illuminate\Queue\InteractsWithQueue;
 use Illuminate\Queue\SerializesModels;
 use Illuminate\Support\Facades\Http;
+use Illuminate\Support\Facades\Log;
 
 class GithubAppPermissionJob implements ShouldBeEncrypted, ShouldQueue
 {
@@ -26,21 +27,66 @@ class GithubAppPermissionJob implements ShouldBeEncrypted, ShouldQueue
 
     public function handle()
     {
+        Log::debug('Starting GithubAppPermissionJob', [
+            'app_id' => $this->github_app->app_id,
+            'installation_id' => $this->github_app->installation_id,
+            'api_url' => $this->github_app->api_url,
+        ]);
+
         try {
+            Log::debug('Generating GitHub JWT token');
             $github_access_token = generateGithubJwt($this->github_app);
+
+            Log::debug('Fetching app permissions from GitHub API');
             $response = Http::withHeaders([
                 'Authorization' => "Bearer $github_access_token",
-                'Accept' => 'application/vnd.github.machine-man-preview+json',
+                'Accept' => 'application/vnd.github+json',
             ])->get("{$this->github_app->api_url}/app");
+
+            if (! $response->successful()) {
+                Log::error('GitHub API request failed', [
+                    'status_code' => $response->status(),
+                    'error' => $response->body(),
+                    'app_id' => $this->github_app->app_id,
+                ]);
+                throw new \RuntimeException('Failed to fetch GitHub app permissions: '.$response->body());
+            }
+
             $response = $response->json();
             $permissions = data_get($response, 'permissions');
+
+            Log::debug('Retrieved GitHub permissions', [
+                'app_id' => $this->github_app->app_id,
+                'permissions' => $permissions,
+            ]);
+
             $this->github_app->contents = data_get($permissions, 'contents');
             $this->github_app->metadata = data_get($permissions, 'metadata');
             $this->github_app->pull_requests = data_get($permissions, 'pull_requests');
             $this->github_app->administration = data_get($permissions, 'administration');
+
+            Log::debug('Saving updated permissions to database', [
+                'app_id' => $this->github_app->app_id,
+                'contents' => $this->github_app->contents,
+                'metadata' => $this->github_app->metadata,
+                'pull_requests' => $this->github_app->pull_requests,
+                'administration' => $this->github_app->administration,
+            ]);
+
             $this->github_app->save();
             $this->github_app->makeVisible('client_secret')->makeVisible('webhook_secret');
+
+            Log::debug('Successfully completed GithubAppPermissionJob', [
+                'app_id' => $this->github_app->app_id,
+            ]);
+
         } catch (\Throwable $e) {
+            Log::error('GithubAppPermissionJob failed', [
+                'app_id' => $this->github_app->app_id,
+                'error' => $e->getMessage(),
+                'trace' => $e->getTraceAsString(),
+            ]);
+
             send_internal_notification('GithubAppPermissionJob failed with: '.$e->getMessage());
             throw $e;
         }
diff --git a/bootstrap/helpers/github.php b/bootstrap/helpers/github.php
index b687c0d68..c544ddcfc 100644
--- a/bootstrap/helpers/github.php
+++ b/bootstrap/helpers/github.php
@@ -5,6 +5,7 @@ use App\Models\GitlabApp;
 use Carbon\Carbon;
 use Carbon\CarbonImmutable;
 use Illuminate\Support\Facades\Http;
+use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Str;
 use Lcobucci\JWT\Encoding\ChainedFormatter;
 use Lcobucci\JWT\Encoding\JoseEncoder;
@@ -14,12 +15,29 @@ use Lcobucci\JWT\Token\Builder;
 
 function generateGithubToken(GithubApp $source, string $type)
 {
+    Log::debug('Generating GitHub token', [
+        'app_id' => $source->app_id,
+        'type' => $type,
+        'api_url' => $source->api_url,
+    ]);
+
     $response = Http::get("{$source->api_url}/zen");
     $serverTime = CarbonImmutable::now()->setTimezone('UTC');
     $githubTime = Carbon::parse($response->header('date'));
     $timeDiff = abs($serverTime->diffInSeconds($githubTime));
 
+    Log::debug('Time synchronization check', [
+        'server_time' => $serverTime->format('Y-m-d H:i:s'),
+        'github_time' => $githubTime->format('Y-m-d H:i:s'),
+        'difference_seconds' => $timeDiff,
+    ]);
+
     if ($timeDiff > 50) {
+        Log::error('System time out of sync with GitHub', [
+            'time_difference' => $timeDiff,
+            'server_time' => $serverTime->format('Y-m-d H:i:s'),
+            'github_time' => $githubTime->format('Y-m-d H:i:s'),
+        ]);
         throw new \Exception(
             'System time is out of sync with GitHub API time:<br>'.
             '- System time: '.$serverTime->format('Y-m-d H:i:s').' UTC<br>'.
@@ -41,18 +59,39 @@ function generateGithubToken(GithubApp $source, string $type)
         ->getToken($algorithm, $signingKey)
         ->toString();
 
+    Log::debug('JWT token generated', [
+        'token_type' => $type,
+        'issued_at' => $now->modify('-1 minute')->format('Y-m-d H:i:s'),
+        'expires_at' => $now->modify('+8 minutes')->format('Y-m-d H:i:s'),
+    ]);
+
     return match ($type) {
         'jwt' => $jwt,
         'installation' => (function () use ($source, $jwt) {
+            Log::debug('Requesting installation token', [
+                'app_id' => $source->app_id,
+                'installation_id' => $source->installation_id,
+            ]);
+
             $response = Http::withHeaders([
                 'Authorization' => "Bearer $jwt",
                 'Accept' => 'application/vnd.github.machine-man-preview+json',
             ])->post("{$source->api_url}/app/installations/{$source->installation_id}/access_tokens");
 
             if (! $response->successful()) {
-                throw new RuntimeException("Failed to get installation token for {$source->name} with error: ".data_get($response->json(), 'message', 'no error message found'));
+                $error = data_get($response->json(), 'message', 'no error message found');
+                Log::error('Failed to get installation token', [
+                    'status_code' => $response->status(),
+                    'error_message' => $error,
+                    'app_id' => $source->app_id,
+                ]);
+                throw new RuntimeException("Failed to get installation token for {$source->name} with error: ".$error);
             }
 
+            Log::debug('Successfully obtained installation token', [
+                'app_id' => $source->app_id,
+            ]);
+
             return $response->json()['token'];
         })(),
         default => throw new \InvalidArgumentException("Unsupported token type: {$type}")