Extract client IP and TLS info once at adapter boundary (PR7)#599
Open
prk-Jr wants to merge 23 commits intofeature/edgezero-pr6-backend-http-clientfrom
Open
Extract client IP and TLS info once at adapter boundary (PR7)#599prk-Jr wants to merge 23 commits intofeature/edgezero-pr6-backend-http-clientfrom
prk-Jr wants to merge 23 commits intofeature/edgezero-pr6-backend-http-clientfrom
Conversation
Documents the call site migration plan: five Fastly SDK extraction points in trusted-server-core replaced by RuntimeServices::client_info reads, following Phase 1 injection pattern from the EdgeZero migration design.
- Correct erroneous claim about generate_synthetic_id being called twice via DeviceInfo; it is called once (line 91 for fresh_id), DeviceInfo.ip is a separate req.get_client_ip_addr() call fixed independently - Add before/after snippet for handle_publisher_request call site in main.rs - Add noop_services import instruction for http_util.rs test module - Clarify _services rename (drop underscore, not add new param) in didomi.rs - Clarify nextjs #[allow(deprecated)] annotations are out of scope (different function)
- Change RequestInfo::from_request signature to &ClientInfo (not &RuntimeServices) so prebid can call it with context.client_info - Scope SDK-call acceptance criteria to active non-deprecated code only - List all six AuctionContext construction sites including two production sites in orchestrator.rs and three test helpers in orchestrator/prebid - Add explicit warn-and-continue pattern for publisher.rs geo lookup - Correct testing table: formats.rs and endpoints.rs have no test modules; add orchestrator.rs and prebid.rs test helper update rows
Plan covers 6 tasks in compilation-safe order: AuctionContext struct change first, then from_request signature, then synthetic.rs cascade, then publisher geo, then didomi. Includes two new copy_headers unit tests (Some/None). Spec fixes: clarify injection pattern exceptions for &ClientInfo and Option<IpAddr>; reword acceptance criterion to reflect that provider-layer reads flow through AuctionContext.client_info.
- Finding 1 (High): Add missing publisher.rs test call site at line ~695 for get_or_generate_synthetic_id — was omitted from Task 3 Step 6 - Finding 2 (Medium): Remove crate::geo::GeoInfo import from endpoints.rs rather than replacing it — type is not used by name after the change, keeping any import fails clippy -D warnings - Finding 3 (Low): Replace interactive git add -p in Task 6 with explicit file staging instruction - Open Q1: Add Task 2 step to update stale handle_publisher_request signature in auction/README.md - Open Q2: Add Task 2 step to update from_request doc comment to reflect ClientInfo-based TLS detection instead of Fastly SDK calls
- Step 7: cover all four stale Fastly-SDK-specific locations in http_util.rs (SPOOFABLE_FORWARDED_HEADERS doc, RequestInfo struct doc, from_request doc, detect_request_scheme doc) - Step 8: replace the whole routing snippet in auction/README.md, not just the one handle_publisher_request line — handle_auction and integration_registry.handle_proxy are also stale in that snippet
- Add missing Location 2 (RequestInfo.scheme field doc, line ~67) to Step 7; renumber subsequent locations 3-5 - Replace &runtime_services with runtime_services in Step 5 and README snippet — runtime_services is already &RuntimeServices in route_request
… into handle_publisher_request
…ls in formats and endpoints
Fix multi-line function call style in didomi.rs, line-break wrapping in publisher.rs test, and import ordering in synthetic.rs test module.
Adds noop_services_with_client_ip helper to test_support and a new test that verifies the client_ip path through generate_synthetic_id by asserting the HMAC differs when the IP changes.
prk-Jr
changed the title
…edgezero-pr7-geo-client-info
…edgezero-pr7-geo-client-info # Conflicts: # crates/trusted-server-core/src/auction/endpoints.rs # crates/trusted-server-core/src/auction/formats.rs # crates/trusted-server-core/src/integrations/registry.rs # crates/trusted-server-core/src/publisher.rs # crates/trusted-server-core/src/synthetic.rs
aram356
approved these changes
Apr 6, 2026
Collaborator
aram356
left a comment
aram356
left a comment
There was a problem hiding this comment.
Summary
Clean, well-scoped PR that achieves exactly what it claims: removing all active Fastly SDK calls for client IP and TLS info from trusted-server-core by threading ClientInfo through RuntimeServices. The changes are mechanical but correct — no logic errors, no missing call sites, proper warn-and-continue for geo lookups, and good test coverage for the new paths.
Non-blocking
👍 praise
- Clean extraction pattern — each function that previously called Fastly SDK methods now reads from
services.client_infoorcontext.client_info. No unnecessary abstractions introduced. - Warn-and-continue for geo lookups — all three geo lookup sites use
unwrap_or_else(|e| { log::warn!(...); None }). Correct — geo is best-effort enrichment and should never hard-fail the request. - Good test coverage — new
test_generate_ec_id_uses_client_ip, two TLS detection tests, twocopy_headerstests. Validates that client IP actually influences output throughRuntimeServices. noop_services_with_client_iphelper — clean addition for tests that need IP-dependent paths.
🤔 thinking
- Remaining deprecated
GeoInfo::from_requeststill has Fastly SDK call in core — the#[deprecated]method still exists with a livereq.get_client_ip_addr()inside core. No active code calls it, but worth tracking for removal in a follow-up. AuctionContextcarries bothclient_infoand can access it viaRuntimeServices— the field is redundant with what's available throughRuntimeServices(both get passed together). Works fine since values are identical, but could confuse future contributors about which source to use.
♻️ refactor
- Repeated
ClientInfoconstruction in Prebid tests — ~19 test call sites each inlineClientInfo { client_ip: None, tls_protocol: None, tls_cipher: None }. Consider implementingDefaultforClientInfo(all fields areOption) or extracting anempty_client_info()test helper to reduce noise.
📌 out of scope
RequestSigner::from_config()still uses FastlyConfigStoredirectly in core — separate concern from IP/TLS extraction but worth noting for EdgeZero migration tracking.
CI Status
- fmt: PASS
- clippy: PASS
- rust tests: PASS
- js tests: PASS
ChristianPavilonis
approved these changes
Apr 7, 2026
Collaborator
ChristianPavilonis
left a comment
ChristianPavilonis
left a comment
There was a problem hiding this comment.
Please fix conflicts
…edgezero-pr7-geo-client-info
aram356
approved these changes
Apr 10, 2026
Collaborator
aram356
left a comment
aram356
left a comment
There was a problem hiding this comment.
Summary
Clean, well-executed migration. The extract-once pattern threads ClientInfo from the adapter boundary through RuntimeServices and AuctionContext, eliminating all active Fastly IP/TLS SDK calls from trusted-server-core. Test coverage is solid — both positive and negative paths for new code.
Non-blocking
♻️ refactor
- Repeated
ClientInfoliteral in tests: ~20 prebid/orchestrator test sites construct identicalClientInfo { client_ip: None, ... }inline. A shared constant or helper would reduce boilerplate. (prebid.rs, orchestrator.rs)
🤔 thinking
convert_tsjs_to_auction_requestat 7-param limit: Now at exactly the CLAUDE.md convention limit. Next addition will need a struct. (formats.rs:83)
🌱 seedling
- Deprecated
GeoInfo::from_requestcleanup: The deprecated method in geo.rs still callsreq.get_client_ip_addr()directly. Now that all active call sites go throughservices.geo().lookup(), this could be removed in a follow-up.
👍 praise
- Extract-once pattern: Well-designed
ClientInfoinjection — single adapter-boundary extraction, clean threading through the call chain. - Warn-and-continue geo pattern: Consistent across endpoints.rs and publisher.rs.
generate_ec_id_uses_client_iptest: Smart HMAC prefix comparison proves IP input flows through.- Didomi copy_headers tests: Both
Some(ip)andNonepaths covered.
CI Status
- integration tests: PASS
- browser integration tests: PASS
- prepare integration artifacts: PASS
| &settings, | ||
| &request, | ||
| &crate::platform::ClientInfo { | ||
| client_ip: None, |
Collaborator
There was a problem hiding this comment.
♻️ refactor — The identical ClientInfo { client_ip: None, tls_protocol: None, tls_cipher: None } literal is repeated ~20 times across prebid and orchestrator tests. A shared constant or helper would reduce boilerplate and make future field additions less painful.
| @@ -83,14 +83,17 @@ pub struct BannerUnit { | |||
| pub fn convert_tsjs_to_auction_request( | |||
Collaborator
There was a problem hiding this comment.
🤔 thinking — This function now takes exactly 7 parameters, which is the project convention limit. It passes today, but one more addition will require restructuring.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
req.get_client_ip_addr(),req.get_tls_protocol(), andreq.get_tls_cipher_openssl_name()calls from active code intrusted-server-core; the adapter extracts these once intoClientInfoand threads it throughRuntimeServices, keeping core fully platform-agnosticclient_info: &'a ClientInfotoAuctionContext, changesRequestInfo::from_requestandgenerate_synthetic_idto take&ClientInfo/&RuntimeServicesinstead of calling the Fastly SDK directly, and applies a warn-and-continue pattern for all geo lookupstrusted-server-corecontains zero direct calls to Fastly request introspection APIsChanges
src/auction/types.rsclient_info: &'a ClientInfofield toAuctionContextsrc/auction/endpoints.rsclient_infointoAuctionContext; replace deprecated geo call with warn-and-continuesrc/auction/formats.rsservices: &RuntimeServicesandgeo: Option<GeoInfo>params; useservices.client_info.client_ipsrc/auction/orchestrator.rsclient_infothrough mediator and provider context construction sitessrc/http_util.rsRequestInfo::from_requesttakes&ClientInfo;detect_request_schemetakes TLS params directlysrc/integrations/didomi.rscopy_headerstakesclient_ip: Option<IpAddr>; removes internal SDK callsrc/integrations/prebid.rsclient_infointo allRequestInfo::from_requestcall sites andAuctionContextconstructionsrc/integrations/registry.rsservicestoget_or_generate_synthetic_idsrc/publisher.rsservicesthrough; replace deprecated geo and synthetic ID callssrc/synthetic.rsgenerate_synthetic_idtakes&RuntimeServices; useservices.client_info.client_ipsrc/platform/test_support.rsnoop_services_with_client_iptest helperadapter-fastly/src/main.rsruntime_servicesintohandle_publisher_requestsrc/auction/README.mdmain.rsCloses
Closes #488
Test plan
cargo test --workspacecargo clippy --workspace --all-targets --all-features -- -D warningscargo fmt --all -- --checkcd crates/js/lib && npx vitest runcd crates/js/lib && npm run formatcd docs && npm run formatcargo build --package trusted-server-adapter-fastly --release --target wasm32-wasip1Checklist
unwrap()in production code — useexpect("should ...")logmacros (notprintln!)