@@ -27,58 +27,95 @@ func RegistrationHandler(w http.ResponseWriter, r *http.Request) {
2727
2828// handleRegistrationPost handles POST requests for creating/updating aggregators
2929func handleRegistrationPost (w http.ResponseWriter , r * http.Request ) {
30+ log := logrus .WithField ("handler" , "handleRegistrationPost" )
31+ log .Info ("Incoming registration request" )
32+
3033 // Parse request body
3134 var req model.RegistrationRequest
3235 if err := json .NewDecoder (r .Body ).Decode (& req ); err != nil {
33- logrus .WithError (err ).Warn ("Invalid JSON body" )
36+ log .WithError (err ).
37+ WithField ("stage" , "decode_body" ).
38+ Warn ("Failed to decode JSON body" )
3439 http .Error (w , "Invalid JSON body" , http .StatusBadRequest )
3540 return
3641 }
42+ log .Debug ("Request body successfully decoded" )
3743
38- // Validate registration_type is present
44+ // Validate registration_type
3945 if req .RegistrationType == "" {
40- logrus .Warn ("Missing registration_type" )
46+ log .WithField ("stage" , "validation" ).
47+ Error ("Missing registration_type" )
4148 http .Error (w , "registration_type is required" , http .StatusBadRequest )
4249 return
4350 }
4451
4552 registrationType := strings .ToLower (req .RegistrationType )
53+ log = log .WithField ("registration_type" , registrationType )
54+
4655 if ! isRegistrationTypeAllowed (registrationType ) {
47- logrus .Warnf ("Registration type not allowed: %s" , registrationType )
56+ log .WithField ("stage" , "validation" ).
57+ Warn ("Unsupported registration_type" )
4858 http .Error (w , "Unsupported registration_type" , http .StatusBadRequest )
4959 return
5060 }
61+ log .Debug ("registration_type validated" )
5162
63+ // Public flows (no auth required)
5264 switch registrationType {
5365 case "device_code" :
66+ log .Info ("Routing to device_code flow" )
5467 handleDeviceCodeFlow (w , req )
68+ return
69+
5570 case "none" :
71+ log .Info ("Routing to none flow" )
5672 handleNoneFlow (w , req )
57- default :
58- issuer , id , mode , err := authenticateRequest (r )
59- if err != nil {
60- logrus .WithError (err ).Warn ("Authentication failed" )
61- http .Error (w , "Unauthorized" , http .StatusUnauthorized )
62- return
63- }
64- if id == "" {
65- logrus .Warn ("Authentication missing for registration request" )
66- http .Error (w , "Unauthorized" , http .StatusUnauthorized )
67- return
68- }
73+ return
74+ }
6975
70- // Route to appropriate handler based on registration_type
71- switch registrationType {
72- case "provision" :
73- handleProvisionFlow (w , req , id )
74- case "authorization_code" :
75- handleAuthorizationCodeFlow (w , req , issuer , id , mode )
76- case "client_credentials" :
77- handleClientCredentialsFlow (w , req , issuer , id )
78- default :
79- logrus .Warnf ("Unsupported registration_type: %s" , registrationType )
80- http .Error (w , "Unsupported registration_type" , http .StatusBadRequest )
81- }
76+ // Authentication required for remaining flows
77+ log .Debug ("Authenticating request" )
78+ issuer , id , mode , err := authenticateRequest (r )
79+ if err != nil {
80+ log .WithError (err ).
81+ WithField ("stage" , "authentication" ).
82+ Warn ("Authentication failed" )
83+ http .Error (w , "Unauthorized" , http .StatusUnauthorized )
84+ return
85+ }
86+
87+ if id == "" {
88+ log .WithField ("stage" , "authentication" ).
89+ Warn ("Missing subject identifier in authentication" )
90+ http .Error (w , "Unauthorized" , http .StatusUnauthorized )
91+ return
92+ }
93+
94+ log = log .WithFields (logrus.Fields {
95+ "issuer" : issuer ,
96+ "client_id" : id ,
97+ "auth_mode" : mode ,
98+ })
99+ log .Debug ("Authentication successful" )
100+
101+ // Route to authenticated flows
102+ switch registrationType {
103+ case "provision" :
104+ log .Info ("Routing to provision flow" )
105+ handleProvisionFlow (w , req , id )
106+
107+ case "authorization_code" :
108+ log .Info ("Routing to authorization_code flow" )
109+ handleAuthorizationCodeFlow (w , req , issuer , id , mode )
110+
111+ case "client_credentials" :
112+ log .Info ("Routing to client_credentials flow" )
113+ handleClientCredentialsFlow (w , req , issuer , id )
114+
115+ default :
116+ log .WithField ("stage" , "routing" ).
117+ Warn ("Reached unexpected registration_type" )
118+ http .Error (w , "Unsupported registration_type" , http .StatusBadRequest )
82119 }
83120}
84121
0 commit comments