klothoplatform · Feb 24, 2023 · Feb 23, 2023 · Feb 24, 2023 · gordon-klotho · Feb 24, 2023
diff --git a/cmd/klotho/main.go b/cmd/klotho/main.go
@@ -27,9 +27,9 @@ func (local *LocalAuth) SetUpCliFlags(flags *pflag.FlagSet) {
 	flags.BoolVar((*bool)(local), "local", bool(*local), "If provided, runs Klotho with a local login (that is, not requiring an authenticated login)")
 }
 
-func (local *LocalAuth) Authorize() (*auth.KlothoClaims, error) {
+func (local *LocalAuth) Authorize() (auth.LoginInfo, error) {
 	if !*local {
 		return auth.Authorize()
 	}
-	return nil, nil
+	return auth.LoginInfo{Authorizer: "local"}, nil
 }
diff --git a/pkg/analytics/client.go b/pkg/analytics/client.go
@@ -63,10 +63,14 @@ func NewClient() *Client {
 	return client
 }
 
-func (t *Client) AttachAuthorizations(claims *auth.KlothoClaims) {
+func (t *Client) AttachAuthorizations(loginInfo auth.LoginInfo) {
 	t.universalProperties["localId"] = t.userId
-	t.userId = claims.Email
-	t.universalProperties["validated"] = claims.EmailVerified
+
+	if loginInfo.Email != "" {
+		t.userId = loginInfo.Email
+		t.universalProperties["validated"] = loginInfo.EmailVerified
+	}
+	t.universalProperties["loginMethod"] = loginInfo.Authorizer
 }
 
 func (t *Client) Info(event string) {

diff --git a/pkg/auth/auth.go b/pkg/auth/auth.go
@@ -37,7 +37,7 @@ type LoginResponse struct {
 
 type Auth0Authorizer struct{}
 
-func (s Auth0Authorizer) Authorize() (*KlothoClaims, error) {
+func (s Auth0Authorizer) Authorize() (LoginInfo, error) {
 	return Authorize()
 }
 
@@ -154,7 +154,7 @@ func CallRefreshToken(token string) error {
 	return nil
 }
 
-type KlothoClaims struct {
+type klothoClaims struct {
 	ProEnabled    bool
 	ProTier       int
 	Email         string `json:"email"`
@@ -163,11 +163,25 @@ type KlothoClaims struct {
 	jwt.RegisteredClaims
 }
 
-func Authorize() (*KlothoClaims, error) {
-	return authorize(false)
+type LoginInfo struct {
+	Authorizer    string
+	Email         string
+	EmailVerified bool
 }
 
-func authorize(tokenRefreshed bool) (*KlothoClaims, error) {
+func Authorize() (LoginInfo, error) {
+	claims, err := authorize(false)
+	loginInfo := LoginInfo{
+		Authorizer: "auth0",
+	}
+	if claims != nil {
+		loginInfo.Email = claims.Email
+		loginInfo.EmailVerified = claims.EmailVerified
+	}
+	return loginInfo, err
+}
+
+func authorize(tokenRefreshed bool) (*klothoClaims, error) {
 	creds, claims, err := getClaims()
 	if err != nil {
 		return nil, err
@@ -203,18 +217,18 @@ func authorize(tokenRefreshed bool) (*KlothoClaims, error) {
 	return claims, nil
 }
 
-func getClaims() (*Credentials, *KlothoClaims, error) {
+func getClaims() (*Credentials, *klothoClaims, error) {
 	creds, err := GetIDToken()
 	if err != nil {
 		return nil, nil, err
 	}
-	token, err := jwt.ParseWithClaims(creds.IdToken, &KlothoClaims{}, func(token *jwt.Token) (interface{}, error) {
+	token, err := jwt.ParseWithClaims(creds.IdToken, &klothoClaims{}, func(token *jwt.Token) (interface{}, error) {
 		return getPem()
 	})
 	if err != nil {
 		return nil, nil, err
 	}
-	if claims, ok := token.Claims.(*KlothoClaims); ok {
+	if claims, ok := token.Claims.(*klothoClaims); ok {
 		return creds, claims, nil
 	} else {
 		return nil, nil, err

diff --git a/pkg/cli/klothomain.go b/pkg/cli/klothomain.go
@@ -37,11 +37,11 @@ type KlothoMain struct {
 }
 type Authorizer interface {
 
-	// Authorize tries to authorize the user. The KlothoClaims it returns may be nil, even if the authentication
-	// succeeds. Conversely, if the KlothoClaims is non-nil, it is valid even if the error is also non-nil; you can use
+	// Authorize tries to authorize the user. The klothoClaims it returns may be nil, even if the authentication
-	// Authorize tries to authorize the user. The klothoClaims it returns may be nil, even if the authentication
+	// Authorize tries to authorize the user. The `LoginInfo` it returns may be nil, even if the authentication
-	// Authorize tries to authorize the user. The klothoClaims it returns may be nil, even if the authentication
+	// Authorize tries to authorize the user. The `LoginInfo` it returns may be nil, even if the authentication
+	// succeeds. Conversely, if the klothoClaims is non-nil, it is valid even if the error is also non-nil; you can use
 	// those claims provisionally (and specifically, in analytics) even if the error is non-nil, indicating failed
 	// authentication.
-	Authorize() (*auth.KlothoClaims, error)
+	Authorize() (auth.LoginInfo, error)
 }
 
 type FlagsProvider interface {
@@ -314,9 +314,7 @@ func (km KlothoMain) run(cmd *cobra.Command, args []string) (err error) {
 
 	// Needs to go after the --version and --update checks
 	claims, err := km.Authorizer.Authorize()
-	if claims != nil {
-		analyticsClient.AttachAuthorizations(claims)
-	}
+	analyticsClient.AttachAuthorizations(claims)
 	if err != nil {
 		if errors.Is(err, auth.ErrNoCredentialsFile) {
 			return errors.New(`Failed to get credentials for user. Please run "klotho --login"`)