NEXUS-23750 - Does not support npm GitHub Package Registry

components/nexus-repository-services/src/main/java/org/sonatype/nexus/repository/proxy/ProxyFacetSupport.java

@@ -23,6 +23,7 @@
 import javax.inject.Named;
 import javax.validation.constraints.NotNull;
 
+import org.apache.commons.lang3.StringUtils;
 import org.sonatype.goodies.common.Time;
 import org.sonatype.nexus.common.io.Cooperation;
 import org.sonatype.nexus.common.io.CooperationFactory;
@@ -404,7 +405,10 @@ protected Content fetch(final Context context, Content stale) throws IOException
 
   protected Content fetch(String url, Context context, @Nullable Content stale) throws IOException {
     HttpClient client = httpClient.getHttpClient();
+    return fetch(client, url, context, stale);
+  }
 
+  protected Content fetch(HttpClient client, String url, Context context, @Nullable Content stale) throws IOException {
     checkState(config.remoteUrl.isAbsolute(),
         "Invalid remote URL '%s' for proxy repository %s, please fix your configuration", config.remoteUrl,
         getRepository().getName());
@@ -439,7 +443,8 @@ protected Content fetch(String url, Context context, @Nullable Content stale) th
 
     final CacheInfo cacheInfo = getCacheController(context).current();
 
-    if (status.getStatusCode() == HttpStatus.SC_OK) {
+    int statusCode = status.getStatusCode();
+    if (statusCode == HttpStatus.SC_OK) {
       HttpEntity entity = response.getEntity();
       log.debug("Entity: {}", entity);
 
@@ -451,6 +456,15 @@ protected Content fetch(String url, Context context, @Nullable Content stale) th
       result.getAttributes().set(CacheInfo.class, cacheInfo);
       return result;
     }
+    else if (statusCode == HttpStatus.SC_MOVED_PERMANENTLY || statusCode == HttpStatus.SC_MOVED_TEMPORARILY) {
+      Header h = response.getLastHeader("Location");
+      if (h != null) {
+        String value = h.getValue();
+        if (StringUtils.isNotEmpty(value)) {
+          return fetch(value, context, stale);
+        }
+      }
+    }
 
     try {
       if (status.getStatusCode() == HttpStatus.SC_NOT_MODIFIED) {

plugins/nexus-repository-npm/src/main/java/org/sonatype/nexus/repository/npm/internal/NpmContentValidator.java

@@ -22,12 +22,14 @@
 import javax.inject.Named;
 import javax.inject.Singleton;
 
+import org.apache.commons.lang3.StringUtils;
 import org.sonatype.goodies.common.ComponentSupport;
 import org.sonatype.nexus.mime.MimeRulesSource;
 import org.sonatype.nexus.repository.mime.ContentValidator;
 import org.sonatype.nexus.repository.mime.DefaultContentValidator;
 
 import static com.google.common.base.Preconditions.checkNotNull;
+import static org.sonatype.nexus.repository.view.ContentTypes.APPLICATION_GZIP;
 
 /**
  * npm specific {@link ContentValidator} that "hints" default content validator for npm metadata and format
@@ -57,9 +59,13 @@ public String determineContentType(final boolean strictContentTypeValidation,
                                      @Nullable final String declaredContentType) throws IOException
   {
     String name = contentName;
-    // if not tgz it is json package root
     if (name != null && !name.endsWith(".tgz")) {
-      name += ".json";
+      if (StringUtils.isNotEmpty(declaredContentType) && declaredContentType.equals(APPLICATION_GZIP)) {
+        name += ".tgz";
+      }
+      else {
+        name += ".json";
+      }
     }
     return defaultContentValidator.determineContentType(
         strictContentTypeValidation, contentSupplier, mimeRulesSource, name, declaredContentType

plugins/nexus-repository-npm/src/main/java/org/sonatype/nexus/repository/npm/internal/orient/OrientNpmProxyFacet.java

@@ -16,6 +16,7 @@
 import java.io.InputStream;
 import java.io.UncheckedIOException;
 import java.util.function.BiFunction;
+import java.net.URI;
 
 import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
@@ -61,6 +62,7 @@
 import org.apache.http.HttpResponse;
 import org.apache.http.client.HttpClient;
 import org.apache.http.client.methods.HttpRequestBase;
+import org.apache.http.impl.client.HttpClientBuilder;
 
 import static com.google.common.base.Preconditions.checkNotNull;
 import static java.lang.String.format;
@@ -96,15 +98,32 @@ protected Content fetch(final Context context, final Content stale) throws IOExc
     }
   }
 
+  protected Content fetch(String url, Context context, @Nullable Content stale) throws IOException {
+    // We need to handle redirects manually
+    // DefaultRedirectStrategy copies all headers from original request
+    // https://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/impl/client/DefaultRedirectStrategy.html
+    HttpClient client = HttpClientBuilder.create().disableRedirectHandling().build();
+    return fetch(client, url, context, stale);
+  }
+
   /**
    * Execute http client request.
    */
   @Override
   protected HttpResponse execute(final Context context, final HttpClient client, final HttpRequestBase request)
       throws IOException
   {
+    boolean omitBearerToken = false;
+    URI uri = request.getURI();
+
+    if (StringUtils.isNotEmpty(uri.getQuery())) {
+      if (uri.getQuery().contains("X-Amz-Credential")) {
+        omitBearerToken = true;
+      }
+    }
+
     String bearerToken = getRepository().facet(HttpClientFacet.class).getBearerToken();
-    if (StringUtils.isNotBlank(bearerToken)) {
+    if (StringUtils.isNotBlank(bearerToken) && !omitBearerToken) {
       request.setHeader("Authorization", "Bearer " + bearerToken);
     }
     return super.execute(context, client, request);