From b9403b1720756d65a431767c2ac02c3efd49b4d3 Mon Sep 17 00:00:00 2001
From: CREDO23 <bakerathierry@gmail.com>
Date: Fri, 22 May 2026 18:40:06 +0200
Subject: [PATCH] feat(desktop): emit PostHog events for OAuth redirect
 intercept and miss
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Adds two diagnostic events to surface OAuth-redirect failures we can't
reproduce on Linux:

- desktop_oauth_redirect_intercepted fires from inside onBeforeRequest
  with the original host, path, and target port — confirms the rewrite
  actually ran.
- desktop_oauth_redirect_missed fires from a read-only onCompleted
  listener when a /dashboard/*/connectors/callback URL lands off-localhost,
  meaning the rewrite filter didn't catch it. This is the smoking-gun
  event for "connector OAuth dies on mac/win" reports.

Read-only; no behavior change.
---
 surfsense_desktop/src/modules/window.ts | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/surfsense_desktop/src/modules/window.ts b/surfsense_desktop/src/modules/window.ts
index 8d60e05f5..003241ef3 100644
--- a/surfsense_desktop/src/modules/window.ts
+++ b/surfsense_desktop/src/modules/window.ts
@@ -83,8 +83,14 @@ export function createMainWindow(initialPath = '/dashboard'): BrowserWindow {
     session.defaultSession.webRequest.onBeforeRequest(rewriteFilter, (details, callback) => {
       try {
         const u = new URL(details.url);
+        const originalHost = u.host;
         u.protocol = 'http:';
         u.host = `localhost:${getServerPort()}`;
+        trackEvent('desktop_oauth_redirect_intercepted', {
+          host: originalHost,
+          path: u.pathname,
+          rewritten_to_port: getServerPort(),
+        });
         callback({ redirectURL: u.toString() });
       } catch {
         callback({});
@@ -92,6 +98,25 @@ export function createMainWindow(initialPath = '/dashboard'): BrowserWindow {
     });
   }
 
+  // Diagnostic: connector callback landing somewhere other than localhost
+  // means the rewrite missed and the user is stranded off-app.
+  session.defaultSession.webRequest.onCompleted(
+    { urls: ['*://*/dashboard/*/connectors/callback*'] },
+    (details) => {
+      try {
+        const u = new URL(details.url);
+        if (u.hostname === 'localhost' || u.hostname === '127.0.0.1') return;
+        trackEvent('desktop_oauth_redirect_missed', {
+          host: u.host,
+          path: u.pathname,
+          status_code: details.statusCode,
+        });
+      } catch {
+        // ignore malformed URLs
+      }
+    }
+  );
+
   mainWindow.webContents.on('did-fail-load', (_event, errorCode, errorDescription, validatedURL) => {
     console.error(`Failed to load ${validatedURL}: ${errorDescription} (${errorCode})`);
     if (errorCode === -3) return;