@push.rocks/smartregistry 2.5.0 → 2.8.0

package/ts/npm/classes.npmregistry.ts

@@ -2,8 +2,8 @@ import { Smartlog } from '@push.rocks/smartlog';
 import { BaseRegistry } from '../core/classes.baseregistry.js';
 import { RegistryStorage } from '../core/classes.registrystorage.js';
 import { AuthManager } from '../core/classes.authmanager.js';
-import type { IRequestContext, IResponse, IAuthToken } from '../core/interfaces.core.js';
-import type { IProtocolUpstreamConfig } from '../upstream/interfaces.upstream.js';
+import type { IRequestContext, IResponse, IAuthToken, IRequestActor } from '../core/interfaces.core.js';
+import type { IUpstreamProvider } from '../upstream/interfaces.upstream.js';
 import { NpmUpstream } from './classes.npmupstream.js';
 import type {
   IPackument,
@@ -27,20 +27,21 @@ export class NpmRegistry extends BaseRegistry {
   private basePath: string = '/npm';
   private registryUrl: string;
   private logger: Smartlog;
-  private upstream: NpmUpstream | null = null;
+  private upstreamProvider: IUpstreamProvider | null = null;
 
   constructor(
     storage: RegistryStorage,
     authManager: AuthManager,
     basePath: string = '/npm',
     registryUrl: string = 'http://localhost:5000/npm',
-    upstreamConfig?: IProtocolUpstreamConfig
+    upstreamProvider?: IUpstreamProvider
   ) {
     super();
     this.storage = storage;
     this.authManager = authManager;
     this.basePath = basePath;
     this.registryUrl = registryUrl;
+    this.upstreamProvider = upstreamProvider || null;
 
     // Initialize logger
     this.logger = new Smartlog({
@@ -55,13 +56,49 @@ export class NpmRegistry extends BaseRegistry {
     });
     this.logger.enableConsole();
 
-    // Initialize upstream if configured
-    if (upstreamConfig?.enabled) {
-      this.upstream = new NpmUpstream(upstreamConfig, registryUrl, this.logger);
-      this.logger.log('info', 'NPM upstream initialized', {
-        upstreams: upstreamConfig.upstreams.map(u => u.name),
-      });
+    if (upstreamProvider) {
+      this.logger.log('info', 'NPM upstream provider configured');
+    }
+  }
+
+  /**
+   * Extract scope from npm package name.
+   * @example "@company/utils" -> "company"
+   * @example "lodash" -> null
+   */
+  private extractScope(packageName: string): string | null {
+    if (packageName.startsWith('@')) {
+      const slashIndex = packageName.indexOf('/');
+      if (slashIndex > 1) {
+        return packageName.substring(1, slashIndex);
+      }
     }
+    return null;
+  }
+
+  /**
+   * Get upstream for a specific request.
+   * Calls the provider to resolve upstream config dynamically.
+   */
+  private async getUpstreamForRequest(
+    resource: string,
+    resourceType: string,
+    method: string,
+    actor?: IRequestActor
+  ): Promise<NpmUpstream | null> {
+    if (!this.upstreamProvider) return null;
+
+    const config = await this.upstreamProvider.resolveUpstreamConfig({
+      protocol: 'npm',
+      resource,
+      scope: this.extractScope(resource),
+      actor,
+      method,
+      resourceType,
+    });
+
+    if (!config?.enabled) return null;
+    return new NpmUpstream(config, this.registryUrl, this.logger);
   }
 
   public async init(): Promise<void> {
@@ -80,6 +117,14 @@ export class NpmRegistry extends BaseRegistry {
     const tokenString = authHeader?.replace(/^Bearer\s+/i, '');
     const token = tokenString ? await this.authManager.validateToken(tokenString, 'npm') : null;
 
+    // Build actor context for upstream resolution
+    const actor: IRequestActor = {
+      userId: token?.userId,
+      ip: context.headers['x-forwarded-for'] || context.headers['x-real-ip'],
+      userAgent: context.headers['user-agent'],
+      ...context.actor, // Include any pre-populated actor info
+    };
+
     this.logger.log('debug', `handleRequest: ${context.method} ${path}`, {
       method: context.method,
       path,
@@ -110,47 +155,47 @@ export class NpmRegistry extends BaseRegistry {
     // Dist-tags: /-/package/{package}/dist-tags
     const distTagsMatch = path.match(/^\/-\/package\/(@?[^\/]+(?:\/[^\/]+)?)\/dist-tags(?:\/(.+))?$/);
     if (distTagsMatch) {
-      const [, packageName, tag] = distTagsMatch;
-      return this.handleDistTags(context.method, packageName, tag, context.body, token);
+      const [, rawPkgName, tag] = distTagsMatch;
+      return this.handleDistTags(context.method, decodeURIComponent(rawPkgName), tag, context.body, token);
     }
 
     // Tarball download: /{package}/-/{filename}.tgz
     const tarballMatch = path.match(/^\/(@?[^\/]+(?:\/[^\/]+)?)\/-\/(.+\.tgz)$/);
     if (tarballMatch) {
-      const [, packageName, filename] = tarballMatch;
-      return this.handleTarballDownload(packageName, filename, token);
+      const [, rawPkgName, filename] = tarballMatch;
+      return this.handleTarballDownload(decodeURIComponent(rawPkgName), filename, token, actor);
     }
 
     // Unpublish specific version: DELETE /{package}/-/{version}
     const unpublishVersionMatch = path.match(/^\/(@?[^\/]+(?:\/[^\/]+)?)\/-\/([^\/]+)$/);
     if (unpublishVersionMatch && context.method === 'DELETE') {
-      const [, packageName, version] = unpublishVersionMatch;
-      this.logger.log('debug', 'unpublishVersionMatch', { packageName, version });
-      return this.unpublishVersion(packageName, version, token);
+      const [, rawPkgName, version] = unpublishVersionMatch;
+      this.logger.log('debug', 'unpublishVersionMatch', { packageName: decodeURIComponent(rawPkgName), version });
+      return this.unpublishVersion(decodeURIComponent(rawPkgName), version, token);
     }
 
     // Unpublish entire package: DELETE /{package}/-rev/{rev}
     const unpublishPackageMatch = path.match(/^\/(@?[^\/]+(?:\/[^\/]+)?)\/-rev\/([^\/]+)$/);
     if (unpublishPackageMatch && context.method === 'DELETE') {
-      const [, packageName, rev] = unpublishPackageMatch;
-      this.logger.log('debug', 'unpublishPackageMatch', { packageName, rev });
-      return this.unpublishPackage(packageName, token);
+      const [, rawPkgName, rev] = unpublishPackageMatch;
+      this.logger.log('debug', 'unpublishPackageMatch', { packageName: decodeURIComponent(rawPkgName), rev });
+      return this.unpublishPackage(decodeURIComponent(rawPkgName), token);
     }
 
     // Package version: /{package}/{version}
     const versionMatch = path.match(/^\/(@?[^\/]+(?:\/[^\/]+)?)\/([^\/]+)$/);
     if (versionMatch) {
-      const [, packageName, version] = versionMatch;
-      this.logger.log('debug', 'versionMatch', { packageName, version });
-      return this.handlePackageVersion(packageName, version, token);
+      const [, rawPkgName, version] = versionMatch;
+      this.logger.log('debug', 'versionMatch', { packageName: decodeURIComponent(rawPkgName), version });
+      return this.handlePackageVersion(decodeURIComponent(rawPkgName), version, token, actor);
     }
 
     // Package operations: /{package}
     const packageMatch = path.match(/^\/(@?[^\/]+(?:\/[^\/]+)?)$/);
     if (packageMatch) {
-      const packageName = packageMatch[1];
+      const packageName = decodeURIComponent(packageMatch[1]);
       this.logger.log('debug', 'packageMatch', { packageName });
-      return this.handlePackage(context.method, packageName, context.body, context.query, token);
+      return this.handlePackage(context.method, packageName, context.body, context.query, token, actor);
     }
 
     return {
@@ -198,11 +243,12 @@ export class NpmRegistry extends BaseRegistry {
     packageName: string,
     body: any,
     query: Record<string, string>,
-    token: IAuthToken | null
+    token: IAuthToken | null,
+    actor?: IRequestActor
   ): Promise<IResponse> {
     switch (method) {
       case 'GET':
-        return this.getPackument(packageName, token, query);
+        return this.getPackument(packageName, token, query, actor);
       case 'PUT':
         return this.publishPackage(packageName, body, token);
       case 'DELETE':
@@ -219,7 +265,8 @@ export class NpmRegistry extends BaseRegistry {
   private async getPackument(
     packageName: string,
     token: IAuthToken | null,
-    query: Record<string, string>
+    query: Record<string, string>,
+    actor?: IRequestActor
   ): Promise<IResponse> {
     let packument = await this.storage.getNpmPackument(packageName);
     this.logger.log('debug', `getPackument: ${packageName}`, {
@@ -229,17 +276,20 @@ export class NpmRegistry extends BaseRegistry {
     });
 
     // If not found locally, try upstream
-    if (!packument && this.upstream) {
-      this.logger.log('debug', `getPackument: fetching from upstream`, { packageName });
-      const upstreamPackument = await this.upstream.fetchPackument(packageName);
-      if (upstreamPackument) {
-        this.logger.log('debug', `getPackument: found in upstream`, {
-          packageName,
-          versions: Object.keys(upstreamPackument.versions || {}).length
-        });
-        packument = upstreamPackument;
-        // Optionally cache the packument locally (without tarballs)
-        // We don't store tarballs here - they'll be fetched on demand
+    if (!packument) {
+      const upstream = await this.getUpstreamForRequest(packageName, 'packument', 'GET', actor);
+      if (upstream) {
+        this.logger.log('debug', `getPackument: fetching from upstream`, { packageName });
+        const upstreamPackument = await upstream.fetchPackument(packageName);
+        if (upstreamPackument) {
+          this.logger.log('debug', `getPackument: found in upstream`, {
+            packageName,
+            versions: Object.keys(upstreamPackument.versions || {}).length
+          });
+          packument = upstreamPackument;
+          // Optionally cache the packument locally (without tarballs)
+          // We don't store tarballs here - they'll be fetched on demand
+        }
       }
     }
 
@@ -279,7 +329,8 @@ export class NpmRegistry extends BaseRegistry {
   private async handlePackageVersion(
     packageName: string,
     version: string,
-    token: IAuthToken | null
+    token: IAuthToken | null,
+    actor?: IRequestActor
   ): Promise<IResponse> {
     this.logger.log('debug', 'handlePackageVersion', { packageName, version });
     let packument = await this.storage.getNpmPackument(packageName);
@@ -289,11 +340,14 @@ export class NpmRegistry extends BaseRegistry {
     }
 
     // If not found locally, try upstream
-    if (!packument && this.upstream) {
-      this.logger.log('debug', 'handlePackageVersion: fetching from upstream', { packageName });
-      const upstreamPackument = await this.upstream.fetchPackument(packageName);
-      if (upstreamPackument) {
-        packument = upstreamPackument;
+    if (!packument) {
+      const upstream = await this.getUpstreamForRequest(packageName, 'packument', 'GET', actor);
+      if (upstream) {
+        this.logger.log('debug', 'handlePackageVersion: fetching from upstream', { packageName });
+        const upstreamPackument = await upstream.fetchPackument(packageName);
+        if (upstreamPackument) {
+          packument = upstreamPackument;
+        }
       }
     }
 
@@ -563,7 +617,8 @@ export class NpmRegistry extends BaseRegistry {
   private async handleTarballDownload(
     packageName: string,
     filename: string,
-    token: IAuthToken | null
+    token: IAuthToken | null,
+    actor?: IRequestActor
   ): Promise<IResponse> {
     // Extract version from filename: package-name-1.0.0.tgz
     const versionMatch = filename.match(/-([\d.]+(?:-[a-z0-9.]+)?)\.tgz$/i);
@@ -576,15 +631,29 @@ export class NpmRegistry extends BaseRegistry {
     }
 
     const version = versionMatch[1];
-    let tarball = await this.storage.getNpmTarball(packageName, version);
+
+    // Try local storage first (streaming)
+    const streamResult = await this.storage.getNpmTarballStream(packageName, version);
+    if (streamResult) {
+      return {
+        status: 200,
+        headers: {
+          'Content-Type': 'application/octet-stream',
+          'Content-Length': streamResult.size.toString(),
+        },
+        body: streamResult.stream,
+      };
+    }
 
     // If not found locally, try upstream
-    if (!tarball && this.upstream) {
+    let tarball: Buffer | null = null;
+    const upstream = await this.getUpstreamForRequest(packageName, 'tarball', 'GET', actor);
+    if (upstream) {
       this.logger.log('debug', 'handleTarballDownload: fetching from upstream', {
         packageName,
         version,
       });
-      const upstreamTarball = await this.upstream.fetchTarball(packageName, version);
+      const upstreamTarball = await upstream.fetchTarball(packageName, version);
       if (upstreamTarball) {
         tarball = upstreamTarball;
         // Cache the tarball locally for future requests