@nest-omni/core 4.1.3-3 → 4.1.3-31

package/http-client/utils/context-extractor.util.d.ts

@@ -29,6 +29,8 @@ export declare class ContextExtractor {
     static getClientIp(): string | undefined;
     /**
      * 获取用户代理
+     * 注意：当前 ContextProvider 不存储 userAgent 信息
+     * 如需使用此功能，需要扩展 ContextProvider 或从请求头中获取
      */
     static getUserAgent(): string | undefined;
     /**

package/http-client/utils/context-extractor.util.js

@@ -13,8 +13,17 @@ class ContextExtractor {
     static getHttpContext() {
         try {
             const requestId = providers_1.ContextProvider.getRequestId();
-            const authUser = providers_1.ContextProvider.getAuthUser();
+            // 使用安全的方式获取 authUser，避免抛出异常
+            let authUser = undefined;
+            try {
+                authUser = providers_1.ContextProvider.getAuthUser();
+            }
+            catch (_a) {
+                // 在测试/CLI环境中可能没有用户上下文
+                authUser = undefined;
+            }
             const router = providers_1.ContextProvider.getRouter();
+            const source = providers_1.ContextProvider.getSource();
             return {
                 requestId,
                 userId: authUser === null || authUser === void 0 ? void 0 : authUser.uid,
@@ -23,11 +32,12 @@ class ContextExtractor {
                 metadata: {
                     authUser,
                     router,
+                    source, // 添加 source 字段
                 },
                 tags: [],
             };
         }
-        catch (_a) {
+        catch (_b) {
             // If no context is available, return empty context
             return {
                 tags: [],
@@ -71,11 +81,15 @@ class ContextExtractor {
     }
     /**
      * 获取用户代理
+     * 注意：当前 ContextProvider 不存储 userAgent 信息
+     * 如需使用此功能，需要扩展 ContextProvider 或从请求头中获取
      */
     static getUserAgent() {
         try {
             const router = providers_1.ContextProvider.getRouter();
-            return undefined;
+            // TODO: userAgent 需要从请求头中获取，当前 router 对象不包含此字段
+            // 可以考虑扩展 ContextProvider 来存储完整的请求信息
+            return router === null || router === void 0 ? void 0 : router.userAgent;
         }
         catch (_a) {
             return undefined;

package/http-client/utils/curl-generator.util.js

@@ -137,13 +137,10 @@ class CurlGenerator {
                 config.url = urlMatch[1];
             }
             // 提取头信息
-            const headerMatches = curlCommand.match(/-H\s+'([^:]+):\s*([^']+)'/g) || [];
+            const headerMatches = Array.from(curlCommand.matchAll(/-H\s+'([^:]+):\s*([^']+)'/g));
             config.headers = {};
             headerMatches.forEach((header) => {
-                const headerMatch = header.match(/-H\s+'([^:]+):\s*([^']+)'/);
-                if (headerMatch) {
-                    config.headers[headerMatch[1]] = headerMatch[2];
-                }
+                config.headers[header[1]] = header[2];
             });
             // 提取数据
             const dataMatch = curlCommand.match(/-d\s+'([^']+)'/);

package/http-client/utils/index.d.ts

@@ -2,3 +2,5 @@ export * from './curl-generator.util';
 export * from './retry-recorder.util';
 export * from './context-extractor.util';
 export * from './call-stack-extractor.util';
+export * from './proxy-environment.util';
+export * from './sanitize.util';

package/http-client/utils/index.js

@@ -18,3 +18,5 @@ __exportStar(require("./curl-generator.util"), exports);
 __exportStar(require("./retry-recorder.util"), exports);
 __exportStar(require("./context-extractor.util"), exports);
 __exportStar(require("./call-stack-extractor.util"), exports);
+__exportStar(require("./proxy-environment.util"), exports);
+__exportStar(require("./sanitize.util"), exports);

package/http-client/utils/proxy-environment.util.d.ts

@@ -0,0 +1,42 @@
+import { ProxyConfig } from '../interfaces/http-client-config.interface';
+/**
+ * 代理环境变量解析工具
+ * 支持标准的代理环境变量：HTTP_PROXY, HTTPS_PROXY, NO_PROXY
+ */
+export declare class ProxyEnvironmentParser {
+    private static readonly logger;
+    /**
+     * 从环境变量解析代理配置
+     * @param protocol 请求协议 (http 或 https)
+     * @param targetUrl 目标 URL（用于检查 NO_PROXY）
+     * @returns 解析后的代理配置，如果不应使用代理则返回 false
+     */
+    static parseFromEnvironment(protocol?: 'http' | 'https', targetUrl?: string): false | Required<Omit<ProxyConfig, 'enabled' | 'fromEnvironment'>>;
+    /**
+     * 获取所有代理相关的环境变量
+     */
+    static getProxyEnvironmentVariables(): {
+        HTTP_PROXY?: string;
+        HTTPS_PROXY?: string;
+        NO_PROXY?: string;
+    };
+    /**
+     * 检查是否设置了代理环境变量
+     */
+    static hasProxyEnvironment(): boolean;
+    /**
+     * 解析代理 URL
+     * 支持格式: http://proxy:port, http://user:pass@proxy:port
+     */
+    private static parseProxyUrl;
+    /**
+     * 检查是否应该绕过代理
+     * 基于 NO_PROXY 环境变量
+     */
+    private static shouldBypassProxy;
+    /**
+     * 简单的 IP 地址匹配
+     * 支持精确匹配和 CIDR 表示法
+     */
+    private static isIpMatch;
+}

package/http-client/utils/proxy-environment.util.js

@@ -0,0 +1,154 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ProxyEnvironmentParser = void 0;
+const common_1 = require("@nestjs/common");
+/**
+ * 代理环境变量解析工具
+ * 支持标准的代理环境变量：HTTP_PROXY, HTTPS_PROXY, NO_PROXY
+ */
+class ProxyEnvironmentParser {
+    /**
+     * 从环境变量解析代理配置
+     * @param protocol 请求协议 (http 或 https)
+     * @param targetUrl 目标 URL（用于检查 NO_PROXY）
+     * @returns 解析后的代理配置，如果不应使用代理则返回 false
+     */
+    static parseFromEnvironment(protocol = 'http', targetUrl) {
+        // 获取代理环境变量 (大写和小写都支持)
+        const proxyEnv = protocol === 'https'
+            ? process.env.HTTPS_PROXY ||
+                process.env.https_proxy ||
+                process.env.HTTP_PROXY ||
+                process.env.http_proxy
+            : process.env.HTTP_PROXY || process.env.http_proxy;
+        // 检查是否应该跳过代理
+        if (targetUrl && this.shouldBypassProxy(targetUrl)) {
+            this.logger.debug(`Bypassing proxy for ${targetUrl} due to NO_PROXY`);
+            return false;
+        }
+        if (!proxyEnv) {
+            this.logger.debug('No proxy environment variable found');
+            return false;
+        }
+        try {
+            const proxyConfig = this.parseProxyUrl(proxyEnv);
+            this.logger.debug(`Parsed proxy configuration from environment: ${JSON.stringify(proxyConfig)}`);
+            return proxyConfig;
+        }
+        catch (error) {
+            this.logger.warn(`Failed to parse proxy URL from environment: ${error.message}`);
+            return false;
+        }
+    }
+    /**
+     * 获取所有代理相关的环境变量
+     */
+    static getProxyEnvironmentVariables() {
+        return {
+            HTTP_PROXY: process.env.HTTP_PROXY || process.env.http_proxy,
+            HTTPS_PROXY: process.env.HTTPS_PROXY || process.env.https_proxy,
+            NO_PROXY: process.env.NO_PROXY || process.env.no_proxy,
+        };
+    }
+    /**
+     * 检查是否设置了代理环境变量
+     */
+    static hasProxyEnvironment() {
+        const vars = this.getProxyEnvironmentVariables();
+        return !!(vars.HTTP_PROXY || vars.HTTPS_PROXY);
+    }
+    /**
+     * 解析代理 URL
+     * 支持格式: http://proxy:port, http://user:pass@proxy:port
+     */
+    static parseProxyUrl(proxyUrl) {
+        try {
+            const url = new URL(proxyUrl);
+            const config = {
+                protocol: url.protocol.replace(':', '') || 'http',
+                host: url.hostname,
+                port: url.port
+                    ? parseInt(url.port, 10)
+                    : url.protocol === 'https:'
+                        ? 443
+                        : 80,
+                auth: undefined,
+            };
+            // 解析认证信息
+            if (url.username || url.password) {
+                config.auth = {
+                    username: decodeURIComponent(url.username),
+                    password: decodeURIComponent(url.password),
+                };
+            }
+            return config;
+        }
+        catch (error) {
+            throw new Error(`Invalid proxy URL format: ${proxyUrl}`);
+        }
+    }
+    /**
+     * 检查是否应该绕过代理
+     * 基于 NO_PROXY 环境变量
+     */
+    static shouldBypassProxy(targetUrl) {
+        const noProxy = process.env.NO_PROXY || process.env.no_proxy;
+        if (!noProxy) {
+            return false;
+        }
+        try {
+            const url = new URL(targetUrl);
+            const hostname = url.hostname;
+            // NO_PROXY 可以是逗号分隔的列表
+            const bypassList = noProxy
+                .split(',')
+                .map((item) => item.trim().toLowerCase());
+            for (const bypass of bypassList) {
+                if (!bypass)
+                    continue;
+                // 精确匹配
+                if (hostname.toLowerCase() === bypass) {
+                    return true;
+                }
+                // 通配符匹配 (例如 .example.com)
+                if (bypass.startsWith('.') && hostname.toLowerCase().endsWith(bypass)) {
+                    return true;
+                }
+                // 后缀匹配 (例如 example.com 匹配 api.example.com)
+                if (hostname.toLowerCase().endsWith('.' + bypass)) {
+                    return true;
+                }
+                // 特殊值 * 表示所有域名都绕过
+                if (bypass === '*') {
+                    return true;
+                }
+                // IP 地址范围匹配 (简单实现)
+                if (this.isIpMatch(hostname, bypass)) {
+                    return true;
+                }
+            }
+        }
+        catch (error) {
+            this.logger.warn(`Failed to parse target URL for NO_PROXY check: ${error.message}`);
+        }
+        return false;
+    }
+    /**
+     * 简单的 IP 地址匹配
+     * 支持精确匹配和 CIDR 表示法
+     */
+    static isIpMatch(hostname, pattern) {
+        // 精确 IP 匹配
+        if (hostname === pattern) {
+            return true;
+        }
+        // CIDR 匹配 (简化版本，不做完整的 CIDR 计算)
+        if (pattern.includes('/')) {
+            const [baseIp] = pattern.split('/');
+            return hostname.startsWith(baseIp.substring(0, baseIp.lastIndexOf('.')));
+        }
+        return false;
+    }
+}
+exports.ProxyEnvironmentParser = ProxyEnvironmentParser;
+ProxyEnvironmentParser.logger = new common_1.Logger(ProxyEnvironmentParser.name);

package/http-client/utils/retry-recorder.util.d.ts

@@ -21,10 +21,6 @@ export declare class RetryRecorder {
      * 获取重试原因
      */
     private static getRetryReason;
-    /**
-     * 过滤敏感头信息
-     */
-    private static sanitizeHeaders;
     /**
      * 添加重试记录
      */

package/http-client/utils/retry-recorder.util.js

@@ -1,6 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.RetryRecorder = void 0;
+const sanitize_util_1 = require("./sanitize.util");
 /**
  * 请求重试记录器
  */
@@ -22,7 +23,7 @@ class RetryRecorder {
             requestConfig: {
                 method: ((_a = config.method) === null || _a === void 0 ? void 0 : _a.toUpperCase()) || 'UNKNOWN',
                 url: config.url || '',
-                headers: this.sanitizeHeaders(config.headers || {}),
+                headers: sanitize_util_1.SanitizeUtil.sanitizeHeaders(config.headers || {}),
             },
         };
     }
@@ -83,32 +84,6 @@ class RetryRecorder {
         }
         return `HTTP error: ${status}`;
     }
-    /**
-     * 过滤敏感头信息
-     */
-    static sanitizeHeaders(headers) {
-        const sanitized = {};
-        const sensitiveKeys = [
-            'authorization',
-            'apikey',
-            'password',
-            'secret',
-            'token',
-            'x-api-key',
-            'x-auth-token',
-            'cookie',
-            'set-cookie',
-        ];
-        Object.entries(headers).forEach(([key, value]) => {
-            if (sensitiveKeys.some((sensitive) => key.toLowerCase().includes(sensitive))) {
-                sanitized[key] = '[FILTERED]';
-            }
-            else {
-                sanitized[key] = value;
-            }
-        });
-        return sanitized;
-    }
     /**
      * 添加重试记录
      */

package/http-client/utils/sanitize.util.d.ts

@@ -0,0 +1,58 @@
+/**
+ * HTTP 请求数据脱敏工具
+ * 统一处理 headers、body、query string 的敏感信息过滤
+ */
+export declare class SanitizeUtil {
+    /**
+     * 默认敏感字段列表
+     */
+    private static readonly DEFAULT_SENSITIVE_FIELDS;
+    /**
+     * 脱敏 headers
+     * @param headers - 原始 headers 对象
+     * @param sensitiveFields - 自定义敏感字段列表
+     * @returns 脱敏后的 headers
+     */
+    static sanitizeHeaders(headers: any, sensitiveFields?: string[]): Record<string, string>;
+    /**
+     * 脱敏 body
+     * @param body - 原始 body 数据
+     * @param sensitiveFields - 自定义敏感字段列表
+     * @returns 脱敏后的 body
+     */
+    static sanitizeBody(body: any, sensitiveFields?: string[]): any;
+    /**
+     * 脱敏 URL 中的 query string
+     * @param url - 原始 URL
+     * @param sensitiveFields - 自定义敏感字段列表
+     * @returns 脱敏后的 URL
+     */
+    static sanitizeQueryString(url: string, sensitiveFields?: string[]): string;
+    /**
+     * 脱敏 params 对象
+     * @param params - 原始 params 对象
+     * @param sensitiveFields - 自定义敏感字段列表
+     * @returns 脱敏后的 params
+     */
+    static sanitizeParams(params: Record<string, any>, sensitiveFields?: string[]): Record<string, any>;
+    /**
+     * 将 body 转换为字符串并脱敏
+     * @param data - 原始数据
+     * @param sensitiveFields - 自定义敏感字段列表
+     * @returns 脱敏后的字符串
+     */
+    static sanitizeBodyAsString(data: any, sensitiveFields?: string[]): string | undefined;
+    /**
+     * 判断字段是否为敏感字段
+     * @param key - 字段名
+     * @param sensitiveFields - 敏感字段列表
+     * @returns 是否为敏感字段
+     */
+    private static isSensitiveField;
+    /**
+     * 递归脱敏对象中的敏感字段
+     * @param obj - 目标对象
+     * @param sensitiveFields - 敏感字段列表
+     */
+    private static sanitizeObject;
+}

package/http-client/utils/sanitize.util.js

@@ -0,0 +1,188 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SanitizeUtil = void 0;
+/**
+ * HTTP 请求数据脱敏工具
+ * 统一处理 headers、body、query string 的敏感信息过滤
+ */
+class SanitizeUtil {
+    /**
+     * 脱敏 headers
+     * @param headers - 原始 headers 对象
+     * @param sensitiveFields - 自定义敏感字段列表
+     * @returns 脱敏后的 headers
+     */
+    static sanitizeHeaders(headers, sensitiveFields = []) {
+        if (!headers)
+            return {};
+        const sanitized = {};
+        const fieldsToSanitize = [
+            ...this.DEFAULT_SENSITIVE_FIELDS,
+            ...sensitiveFields,
+        ];
+        Object.keys(headers).forEach((key) => {
+            if (this.isSensitiveField(key, fieldsToSanitize)) {
+                sanitized[key] = '[FILTERED]';
+            }
+            else {
+                sanitized[key] = String(headers[key]);
+            }
+        });
+        return sanitized;
+    }
+    /**
+     * 脱敏 body
+     * @param body - 原始 body 数据
+     * @param sensitiveFields - 自定义敏感字段列表
+     * @returns 脱敏后的 body
+     */
+    static sanitizeBody(body, sensitiveFields = []) {
+        if (!body)
+            return undefined;
+        if (typeof body === 'string') {
+            try {
+                body = JSON.parse(body);
+            }
+            catch (_a) {
+                // 非 JSON 字符串，不做处理
+                return body.length > 1000 ? body.substring(0, 1000) + '...' : body;
+            }
+        }
+        if (typeof body === 'object') {
+            const sanitized = Object.assign({}, body);
+            const fieldsToSanitize = [
+                ...this.DEFAULT_SENSITIVE_FIELDS,
+                ...sensitiveFields,
+            ];
+            this.sanitizeObject(sanitized, fieldsToSanitize);
+            return sanitized;
+        }
+        return body;
+    }
+    /**
+     * 脱敏 URL 中的 query string
+     * @param url - 原始 URL
+     * @param sensitiveFields - 自定义敏感字段列表
+     * @returns 脱敏后的 URL
+     */
+    static sanitizeQueryString(url, sensitiveFields = []) {
+        if (!url)
+            return url;
+        const queryIndex = url.indexOf('?');
+        if (queryIndex === -1) {
+            return url; // 没有 query string
+        }
+        const baseUrl = url.substring(0, queryIndex);
+        const queryString = url.substring(queryIndex + 1);
+        const params = new URLSearchParams(queryString);
+        const fieldsToSanitize = [
+            ...this.DEFAULT_SENSITIVE_FIELDS,
+            ...sensitiveFields,
+        ];
+        params.forEach((value, key) => {
+            if (this.isSensitiveField(key, fieldsToSanitize)) {
+                params.set(key, '[FILTERED]');
+            }
+        });
+        const sanitizedQuery = params.toString();
+        return sanitizedQuery ? `${baseUrl}?${sanitizedQuery}` : baseUrl;
+    }
+    /**
+     * 脱敏 params 对象
+     * @param params - 原始 params 对象
+     * @param sensitiveFields - 自定义敏感字段列表
+     * @returns 脱敏后的 params
+     */
+    static sanitizeParams(params, sensitiveFields = []) {
+        if (!params)
+            return {};
+        const sanitized = {};
+        const fieldsToSanitize = [
+            ...this.DEFAULT_SENSITIVE_FIELDS,
+            ...sensitiveFields,
+        ];
+        Object.keys(params).forEach((key) => {
+            if (this.isSensitiveField(key, fieldsToSanitize)) {
+                sanitized[key] = '[FILTERED]';
+            }
+            else {
+                sanitized[key] = params[key];
+            }
+        });
+        return sanitized;
+    }
+    /**
+     * 将 body 转换为字符串并脱敏
+     * @param data - 原始数据
+     * @param sensitiveFields - 自定义敏感字段列表
+     * @returns 脱敏后的字符串
+     */
+    static sanitizeBodyAsString(data, sensitiveFields = []) {
+        const sanitized = this.sanitizeBody(data, sensitiveFields);
+        if (!sanitized)
+            return undefined;
+        if (typeof sanitized === 'string') {
+            return sanitized.length > 5000
+                ? sanitized.substring(0, 5000) + '...'
+                : sanitized;
+        }
+        const jsonString = JSON.stringify(sanitized);
+        return jsonString.length > 5000
+            ? jsonString.substring(0, 5000) + '...'
+            : jsonString;
+    }
+    /**
+     * 判断字段是否为敏感字段
+     * @param key - 字段名
+     * @param sensitiveFields - 敏感字段列表
+     * @returns 是否为敏感字段
+     */
+    static isSensitiveField(key, sensitiveFields) {
+        const lowerKey = key.toLowerCase();
+        return sensitiveFields.some((field) => lowerKey.includes(field.toLowerCase()));
+    }
+    /**
+     * 递归脱敏对象中的敏感字段
+     * @param obj - 目标对象
+     * @param sensitiveFields - 敏感字段列表
+     */
+    static sanitizeObject(obj, sensitiveFields) {
+        if (typeof obj !== 'object' || obj === null)
+            return;
+        for (const key in obj) {
+            if (this.isSensitiveField(key, sensitiveFields)) {
+                obj[key] = '[FILTERED]';
+            }
+            else if (typeof obj[key] === 'object') {
+                this.sanitizeObject(obj[key], sensitiveFields);
+            }
+        }
+    }
+}
+exports.SanitizeUtil = SanitizeUtil;
+/**
+ * 默认敏感字段列表
+ */
+SanitizeUtil.DEFAULT_SENSITIVE_FIELDS = [
+    // Headers 相关
+    'authorization',
+    'apikey',
+    'x-api-key',
+    'x-auth-token',
+    'cookie',
+    'set-cookie',
+    // Body/Query 通用字段
+    'password',
+    'secret',
+    'token',
+    'key',
+    'credential',
+    'private',
+    'confidential',
+    'ssn',
+    'creditCard',
+    'accessToken',
+    'refreshToken',
+    'apiKey',
+    'apiSecret',
+];