feat: implement consent-aware Sentry error monitoring

Author: hemanandr

ThingConnect.Pulse.Server/Program.cs

@@ -40,6 +40,9 @@ public static async Task Main(string[] args)
             // Use Serilog as the logging provider
             builder.Host.UseSerilog();
 
+            // NOTE: Sentry initialization removed - will be initialized conditionally
+            // based on user consent in the ConsentAwareSentryService
+
             // Configure Windows Service hosting
             builder.Host.UseWindowsService();
 
@@ -132,6 +135,9 @@ public static async Task Main(string[] args)
             // Add path service
             builder.Services.AddSingleton<IPathService, PathService>();
 
+            // Add consent-aware Sentry service
+            builder.Services.AddSingleton<IConsentAwareSentryService, ConsentAwareSentryService>();
+
 
             // Add configuration services
             builder.Services.AddScoped<ConfigurationParser>(serviceProvider =>
@@ -208,6 +214,14 @@ public static async Task Main(string[] args)
                 Log.Information("Sample configuration initialization completed");
             }
 
+            // Initialize Sentry based on user consent
+            using (IServiceScope scope = app.Services.CreateScope())
+            {
+                IConsentAwareSentryService sentryService = scope.ServiceProvider.GetRequiredService<IConsentAwareSentryService>();
+                await sentryService.InitializeIfConsentedAsync();
+                Log.Information("Consent-aware Sentry initialization completed");
+            }
+
             app.UseDefaultFiles();
             app.UseStaticFiles();
 

ThingConnect.Pulse.Server/Services/ConsentAwareSentryService.cs

@@ -0,0 +1,82 @@
+using Sentry;
+
+namespace ThingConnect.Pulse.Server.Services;
+
+public interface IConsentAwareSentryService
+{
+    Task InitializeIfConsentedAsync();
+    void CaptureException(Exception exception);
+    void CaptureMessage(string message, SentryLevel level = SentryLevel.Info);
+}
+
+public class ConsentAwareSentryService : IConsentAwareSentryService
+{
+    private readonly IServiceProvider _serviceProvider;
+    private readonly ILogger<ConsentAwareSentryService> _logger;
+    private bool _sentryInitialized = false;
+    private bool _consentChecked = false;
+
+    public ConsentAwareSentryService(IServiceProvider serviceProvider, ILogger<ConsentAwareSentryService> logger)
+    {
+        _serviceProvider = serviceProvider;
+        _logger = logger;
+    }
+
+    public async Task InitializeIfConsentedAsync()
+    {
+        if (_consentChecked) return;
+
+        try
+        {
+            using var scope = _serviceProvider.CreateScope();
+            var settingsService = scope.ServiceProvider.GetRequiredService<ISettingsService>();
+            
+            // Check if user has consented to error diagnostics
+            string? errorDiagnosticsConsent = await settingsService.GetAsync("telemetry_error_diagnostics");
+            bool hasErrorDiagnosticsConsent = bool.TryParse(errorDiagnosticsConsent, out bool errorValue) && errorValue;
+
+            _consentChecked = true;
+
+            if (hasErrorDiagnosticsConsent && !_sentryInitialized)
+            {
+                SentrySdk.Init(options =>
+                {
+                    options.Dsn = "https://[email protected]/4510000957882368";
+                    // Privacy-first configuration: no PII data collection
+                    options.SendDefaultPii = false;
+                    // Disable debug mode for production privacy
+                    options.Debug = false;
+                    // Note: Additional PII filtering would be done here if needed
+                    // but SendDefaultPii = false already handles most privacy concerns
+                });
+
+                _sentryInitialized = true;
+                _logger.LogInformation("Sentry initialized with user consent for error diagnostics");
+            }
+            else
+            {
+                _logger.LogInformation("Sentry not initialized - no user consent for error diagnostics");
+            }
+        }
+        catch (Exception ex)
+        {
+            _logger.LogWarning(ex, "Failed to check telemetry consent for Sentry initialization");
+        }
+    }
+
+    public void CaptureException(Exception exception)
+    {
+        if (_sentryInitialized)
+        {
+            SentrySdk.CaptureException(exception);
+        }
+    }
+
+    public void CaptureMessage(string message, SentryLevel level = SentryLevel.Info)
+    {
+        if (_sentryInitialized)
+        {
+            SentrySdk.CaptureMessage(message, level);
+        }
+    }
+}

ThingConnect.Pulse.Server/ThingConnect.Pulse.Server.csproj

@@ -23,6 +23,8 @@
     <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="8.0.0" />
     <PackageReference Include="Microsoft.Extensions.Hosting.WindowsServices" Version="9.0.8" />
     <PackageReference Include="NJsonSchema" Version="11.4.0" />
+    <PackageReference Include="Sentry" Version="5.15.0" />
+    <PackageReference Include="Sentry.AspNetCore" Version="5.15.0" />
     <PackageReference Include="Serilog.AspNetCore" Version="9.0.0" />
     <PackageReference Include="Serilog.Sinks.File" Version="7.0.0" />
     <PackageReference Include="Serilog.Enrichers.Environment" Version="3.0.1" />

thingconnect.pulse.client/package.json

@@ -16,6 +16,7 @@
     "@emotion/react": "^11.14.0",
     "@hookform/resolvers": "^5.2.1",
     "@monaco-editor/react": "^4.7.0",
+    "@sentry/react": "^10.11.0",
     "@tanstack/react-query": "^5.84.2",
     "axios": "^1.11.0",
     "date-fns": "^4.1.0",

thingconnect.pulse.client/src/features/auth/context/AuthContext.tsx

@@ -6,6 +6,7 @@ import {
   type LoginRequest,
   type RegisterRequest,
 } from '../services/authService';
+import { useSentryConsentInit } from '../../../hooks/useSentryConsentInit';
 
 interface AuthContextType {
   user: UserInfo | null;
@@ -31,6 +32,9 @@ export function AuthProvider({ children }: AuthProviderProps) {
 
   const isAuthenticated = user !== null;
 
+  // Initialize Sentry based on user consent when authenticated
+  useSentryConsentInit(isAuthenticated);
+
   const checkSession = async () => {
     try {
       setIsLoading(true);

thingconnect.pulse.client/src/hooks/useSentryConsentInit.ts

@@ -0,0 +1,59 @@
+import { useEffect, useState } from 'react';
+import * as Sentry from "@sentry/react";
+
+let sentryInitialized = false;
+
+export function useSentryConsentInit(isAuthenticated: boolean) {
+  const [initializationAttempted, setInitializationAttempted] = useState(false);
+
+  useEffect(() => {
+    const initializeSentryIfConsented = async () => {
+      // Only attempt initialization once and when user is authenticated
+      if (!isAuthenticated || initializationAttempted || sentryInitialized) {
+        return;
+      }
+
+      setInitializationAttempted(true);
+
+      try {
+        // Check if user has consented to error diagnostics
+        const consentResponse = await fetch('/api/auth/telemetry-consent', {
+          credentials: 'include' // Include cookies for authentication
+        });
+        
+        if (consentResponse.ok) {
+          const consent = await consentResponse.json() as { errorDiagnostics: boolean; usageAnalytics: boolean };
+          
+          if (consent.errorDiagnostics) {
+            Sentry.init({
+              dsn: "https://[email protected]/4510005218443264",
+              // Privacy-first configuration: no PII data collection
+              sendDefaultPii: false,
+              beforeSend(event) {
+                // Additional privacy filtering - remove any potential PII
+                if (event.user) {
+                  delete event.user.ip_address;
+                  delete event.user.email;
+                }
+                return event;
+              }
+            });
+            
+            sentryInitialized = true;
+            console.log('Sentry initialized with user consent for error diagnostics');
+          } else {
+            console.log('Sentry not initialized - user has not consented to error diagnostics');
+          }
+        } else {
+          console.log('Sentry not initialized - could not verify consent');
+        }
+      } catch (error) {
+        console.log('Sentry initialization skipped - consent verification failed:', error);
+      }
+    };
+
+    void initializeSentryIfConsented();
+  }, [isAuthenticated, initializationAttempted]);
+
+  return { sentryInitialized };
+}

thingconnect.pulse.client/src/main.tsx

@@ -5,6 +5,9 @@ import { StrictMode } from 'react';
 import { createRoot } from 'react-dom/client';
 import App from './App.tsx';
 
+// NOTE: Sentry initialization moved to useSentryConsentInit hook
+// This ensures Sentry is only initialized after authentication and with explicit consent
+
 createRoot(document.getElementById('root')!).render(
   <StrictMode>
     <QueryProvider>