From 38e877c318aec2428b04738ec4d99e8a75baedfd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20K=C3=B6ssler?= <info@timokoessler.de>
Date: Mon, 27 Jan 2025 15:08:07 +0100
Subject: [PATCH] Show connection failures on startup (#510)

* Add always visible logs on core connection errors

* Also print dns / internet connection errors

* Add Aikido to log

* Update library/agent/Agent.ts

Co-authored-by: Hans Ott <hansott@hotmail.be>

* Extract checkForReportingAPIError

* Simplify

* Remove some logs again

* Minimize changes even more

---------

Co-authored-by: Hans Ott <hansott@hotmail.be>
---
 library/agent/Agent.test.ts            |  1 -
 library/agent/Agent.ts                 | 28 +++++++++++++++++++-------
 library/agent/api/fetchBlockedLists.ts |  5 +++++
 3 files changed, 26 insertions(+), 8 deletions(-)

diff --git a/library/agent/Agent.test.ts b/library/agent/Agent.test.ts
index 9e1c81f8e..358b9fc6b 100644
--- a/library/agent/Agent.test.ts
+++ b/library/agent/Agent.test.ts
@@ -666,7 +666,6 @@ t.test("it logs when failed to report event", async () => {
   t.same(logger.getMessages(), [
     "Starting agent...",
     "Found token, reporting enabled!",
-    "Failed to start agent",
     "Heartbeat...",
     "Failed to do heartbeat",
     "Failed to report attack",
diff --git a/library/agent/Agent.ts b/library/agent/Agent.ts
index 7041fba3a..99ec82aae 100644
--- a/library/agent/Agent.ts
+++ b/library/agent/Agent.ts
@@ -1,4 +1,4 @@
-/* eslint-disable max-lines-per-function */
+/* eslint-disable max-lines-per-function, no-console */
 import { hostname, platform, release } from "os";
 import { convertRequestBodyToString } from "../helpers/convertRequestBodyToString";
 import { getAgentVersion } from "../helpers/getAgentVersion";
@@ -113,12 +113,27 @@ export class Agent {
         this.timeoutInMS
       );
 
+      this.checkForReportingAPIError(result);
       this.updateServiceConfig(result);
 
       await this.updateBlockedLists();
     }
   }
 
+  checkForReportingAPIError(result: ReportingAPIResponse) {
+    if (!result.success) {
+      if (result.error === "invalid_token") {
+        console.error(
+          "Aikido: We were unable to connect to the Aikido platform. Please verify that your token is correct."
+        );
+      } else {
+        console.error(
+          `Aikido: Failed to connect to the Aikido platform: ${result.error}`
+        );
+      }
+    }
+  }
+
   onErrorThrownByInterceptor({
     error,
     module,
@@ -193,7 +208,7 @@ export class Agent {
     this.attackLogger.log(attack);
 
     if (this.token) {
-      this.api.report(this.token, attack, this.timeoutInMS).catch(() => {
+      this.api.report(this.token, attack, this.timeoutInMS).catch((err) => {
         this.logger.log("Failed to report attack");
       });
     }
@@ -203,7 +218,7 @@ export class Agent {
    * Sends a heartbeat via the API to the server (only when not in serverless mode)
    */
   private heartbeat(timeoutInMS = this.timeoutInMS) {
-    this.sendHeartbeat(timeoutInMS).catch(() => {
+    this.sendHeartbeat(timeoutInMS).catch((err) => {
       this.logger.log("Failed to do heartbeat");
     });
   }
@@ -354,7 +369,7 @@ export class Agent {
       this.serviceConfig.updateBlockedIPAddresses(blockedIPAddresses);
       this.serviceConfig.updateBlockedUserAgents(blockedUserAgents);
     } catch (error: any) {
-      this.logger.log(`Failed to update blocked lists: ${error.message}`);
+      console.error(`Aikido: Failed to update blocked lists: ${error.message}`);
     }
   }
 
@@ -432,7 +447,6 @@ export class Agent {
       this.logger.log("No token provided, disabling reporting.");
 
       if (!this.block && !isAikidoCI()) {
-        // eslint-disable-next-line no-console
         console.log(
           "AIKIDO: Running in monitoring only mode without reporting to Aikido Cloud. Set AIKIDO_BLOCK=true to enable blocking."
         );
@@ -448,8 +462,8 @@ export class Agent {
         this.startHeartbeats();
         this.startPollingForConfigChanges();
       })
-      .catch(() => {
-        this.logger.log("Failed to start agent");
+      .catch((err) => {
+        console.error(`Aikido: Failed to start agent: ${err.message}`);
       });
   }
 
diff --git a/library/agent/api/fetchBlockedLists.ts b/library/agent/api/fetchBlockedLists.ts
index 73fcfd390..3e2db2719 100644
--- a/library/agent/api/fetchBlockedLists.ts
+++ b/library/agent/api/fetchBlockedLists.ts
@@ -25,6 +25,11 @@ export async function fetchBlockedLists(token: Token): Promise<{
   });
 
   if (statusCode !== 200) {
+    if (statusCode === 401) {
+      throw new Error(
+        `Unable to access the Aikido platform, please check your token.`
+      );
+    }
     throw new Error(`Failed to fetch blocked lists: ${statusCode}`);
   }