feat(registry): add declarative protocol routing and request-scoped storage hook context across registries

2026-04-16 10:42:33 +00:00
parent 09335d41f3
commit 9643ef98b9
28 changed files with 2327 additions and 1919 deletions
@@ -40,18 +40,7 @@ export class PypiRegistry extends BaseRegistry {
    this.registryUrl = registryUrl;
    this.upstreamProvider = upstreamProvider || null;

-    // Initialize logger
-    this.logger = new Smartlog({
-      logContext: {
-        company: 'push.rocks',
-        companyunit: 'smartregistry',
-        containerName: 'pypi-registry',
-        environment: (process.env.NODE_ENV as any) || 'development',
-        runtime: 'node',
-        zone: 'pypi'
-      }
-    });
-    this.logger.enableConsole();
+    this.logger = this.createProtocolLogger('pypi-registry', 'pypi');
  }

  /**
@@ -106,66 +95,62 @@ export class PypiRegistry extends BaseRegistry {
    // Extract token (Basic Auth or Bearer)
    const token = await this.extractToken(context);

-    // Build actor from context and validated token
-    const actor: IRequestActor = {
-      ...context.actor,
-      userId: token?.userId,
-      ip: context.headers['x-forwarded-for'] || context.headers['X-Forwarded-For'],
-      userAgent: context.headers['user-agent'] || context.headers['User-Agent'],
-    };
+    const actor: IRequestActor = this.buildRequestActor(context, token);

-    // Also handle /simple path prefix
-    if (path.startsWith('/simple')) {
-      path = path.replace('/simple', '');
-      return this.handleSimpleRequest(path, context, actor);
-    }
+    return this.storage.withContext({ protocol: 'pypi', actor }, async () => {
+      // Also handle /simple path prefix
+      if (path.startsWith('/simple')) {
+        path = path.replace('/simple', '');
+        return this.handleSimpleRequest(path, context, actor);
+      }

-    this.logger.log('debug', `handleRequest: ${context.method} ${path}`, {
-      method: context.method,
-      path,
-      hasAuth: !!token
+      this.logger.log('debug', `handleRequest: ${context.method} ${path}`, {
+        method: context.method,
+        path,
+        hasAuth: !!token
+      });
+
+      // Root upload endpoint (POST /)
+      if ((path === '/' || path === '') && context.method === 'POST') {
+        return this.handleUpload(context, token);
+      }
+
+      // Package metadata JSON API: GET /{package}/json
+      const jsonMatch = path.match(/^\/([^\/]+)\/json$/);
+      if (jsonMatch && context.method === 'GET') {
+        return this.handlePackageJson(jsonMatch[1]);
+      }
+
+      // Version-specific JSON API: GET /{package}/{version}/json
+      const versionJsonMatch = path.match(/^\/([^\/]+)\/([^\/]+)\/json$/);
+      if (versionJsonMatch && context.method === 'GET') {
+        return this.handleVersionJson(versionJsonMatch[1], versionJsonMatch[2]);
+      }
+
+      // Package file download: GET /packages/{package}/{filename}
+      const downloadMatch = path.match(/^\/packages\/([^\/]+)\/(.+)$/);
+      if (downloadMatch && context.method === 'GET') {
+        return this.handleDownload(downloadMatch[1], downloadMatch[2], actor);
+      }
+
+      // Delete package: DELETE /packages/{package}
+      if (path.match(/^\/packages\/([^\/]+)$/) && context.method === 'DELETE') {
+        const packageName = path.match(/^\/packages\/([^\/]+)$/)?.[1];
+        return this.handleDeletePackage(packageName!, token);
+      }
+
+      // Delete version: DELETE /packages/{package}/{version}
+      const deleteVersionMatch = path.match(/^\/packages\/([^\/]+)\/([^\/]+)$/);
+      if (deleteVersionMatch && context.method === 'DELETE') {
+        return this.handleDeleteVersion(deleteVersionMatch[1], deleteVersionMatch[2], token);
+      }
+
+      return {
+        status: 404,
+        headers: { 'Content-Type': 'application/json' },
+        body: { error: 'Not Found' },
+      };
    });
-
-    // Root upload endpoint (POST /)
-    if ((path === '/' || path === '') && context.method === 'POST') {
-      return this.handleUpload(context, token);
-    }
-
-    // Package metadata JSON API: GET /{package}/json
-    const jsonMatch = path.match(/^\/([^\/]+)\/json$/);
-    if (jsonMatch && context.method === 'GET') {
-      return this.handlePackageJson(jsonMatch[1]);
-    }
-
-    // Version-specific JSON API: GET /{package}/{version}/json
-    const versionJsonMatch = path.match(/^\/([^\/]+)\/([^\/]+)\/json$/);
-    if (versionJsonMatch && context.method === 'GET') {
-      return this.handleVersionJson(versionJsonMatch[1], versionJsonMatch[2]);
-    }
-
-    // Package file download: GET /packages/{package}/{filename}
-    const downloadMatch = path.match(/^\/packages\/([^\/]+)\/(.+)$/);
-    if (downloadMatch && context.method === 'GET') {
-      return this.handleDownload(downloadMatch[1], downloadMatch[2], actor);
-    }
-
-    // Delete package: DELETE /packages/{package}
-    if (path.match(/^\/packages\/([^\/]+)$/) && context.method === 'DELETE') {
-      const packageName = path.match(/^\/packages\/([^\/]+)$/)?.[1];
-      return this.handleDeletePackage(packageName!, token);
-    }
-
-    // Delete version: DELETE /packages/{package}/{version}
-    const deleteVersionMatch = path.match(/^\/packages\/([^\/]+)\/([^\/]+)$/);
-    if (deleteVersionMatch && context.method === 'DELETE') {
-      return this.handleDeleteVersion(deleteVersionMatch[1], deleteVersionMatch[2], token);
-    }
-
-    return {
-      status: 404,
-      headers: { 'Content-Type': 'application/json' },
-      body: { error: 'Not Found' },
-    };
  }

  /**
@@ -358,14 +343,13 @@ export class PypiRegistry extends BaseRegistry {
   * Extract authentication token from request
   */
  private async extractToken(context: IRequestContext): Promise<IAuthToken | null> {
-    const authHeader = context.headers['authorization'] || context.headers['Authorization'];
+    const authHeader = this.getAuthorizationHeader(context);
    if (!authHeader) return null;

    // Handle Basic Auth (username:password or __token__:token)
-    if (authHeader.startsWith('Basic ')) {
-      const base64 = authHeader.substring(6);
-      const decoded = Buffer.from(base64, 'base64').toString('utf-8');
-      const [username, password] = decoded.split(':');
+    const basicCredentials = this.parseBasicAuthHeader(authHeader);
+    if (basicCredentials) {
+      const { username, password } = basicCredentials;

      // PyPI token authentication: username = __token__
      if (username === '__token__') {
@@ -378,8 +362,8 @@ export class PypiRegistry extends BaseRegistry {
    }

    // Handle Bearer token
-    if (authHeader.startsWith('Bearer ')) {
-      const token = authHeader.substring(7);
+    const token = this.extractBearerToken(authHeader);
+    if (token) {
      return this.authManager.validateToken(token, 'pypi');
    }