g
komuw committed Aug 17, 2024
1 parent 0460c9c commit e82feae
Showing 4 changed files with 42 additions and 24 deletions.
37 changes: 22 additions & 15 deletions config/config.go
Expand Up @@ -253,7 +253,7 @@ func New(
// middleware
secretKey string,
strategy ClientIPstrategy,
logger *slog.Logger,
logFunc func(w http.ResponseWriter, r http.Request, statusCode int, fields []any),
rateLimit float64,
loadShedSamplingPeriod time.Duration,
loadShedMinSampleSize int,
Expand All @@ -267,6 +267,7 @@ func New(
sessionCookieDuration time.Duration,
sessionAntiReplayFunc func(r http.Request) string,
// server
logger *slog.Logger,
maxBodyBytes uint64,
serverLogLevel slog.Level,
readHeaderTimeout time.Duration,
Expand All @@ -286,7 +287,7 @@ func New(
port,
secretKey,
strategy,
logger,
logFunc,
rateLimit,
loadShedSamplingPeriod,
loadShedMinSampleSize,
Expand All @@ -309,6 +310,7 @@ func New(
serverOpts: newServerOpts(
domain,
port,
logger,
maxBodyBytes,
serverLogLevel,
readHeaderTimeout,
Expand Down Expand Up @@ -349,7 +351,7 @@ func WithOpts(
// middleware
secretKey,
strategy,
logger,
nil,
DefaultRateLimit,
DefaultLoadShedSamplingPeriod,
DefaultLoadShedMinSampleSize,
Expand All @@ -363,6 +365,7 @@ func WithOpts(
DefaultSessionCookieDuration,
DefaultSessionAntiReplayFunc,
// server
logger,
DefaultMaxBodyBytes,
DefaultServerLogLevel,
defaultReadHeaderTimeout,
Expand Down Expand Up @@ -397,7 +400,7 @@ func DevOpts(logger *slog.Logger, secretKey string) Opts {
// middleware
secretKey,
clientip.DirectIpStrategy,
logger,
nil,
DefaultRateLimit,
DefaultLoadShedSamplingPeriod,
DefaultLoadShedMinSampleSize,
Expand All @@ -411,6 +414,7 @@ func DevOpts(logger *slog.Logger, secretKey string) Opts {
DefaultSessionCookieDuration,
DefaultSessionAntiReplayFunc,
// server
logger,
DefaultMaxBodyBytes,
DefaultServerLogLevel,
defaultReadHeaderTimeout,
Expand Down Expand Up @@ -452,7 +456,7 @@ func CertOpts(
// middleware
secretKey,
clientip.DirectIpStrategy,
logger,
nil,
DefaultRateLimit,
DefaultLoadShedSamplingPeriod,
DefaultLoadShedMinSampleSize,
Expand All @@ -466,6 +470,7 @@ func CertOpts(
DefaultSessionCookieDuration,
DefaultSessionAntiReplayFunc,
// server
logger,
DefaultMaxBodyBytes,
DefaultServerLogLevel,
defaultReadHeaderTimeout,
Expand Down Expand Up @@ -510,7 +515,7 @@ func AcmeOpts(
// middleware
secretKey,
clientip.DirectIpStrategy,
logger,
nil,
DefaultRateLimit,
DefaultLoadShedSamplingPeriod,
DefaultLoadShedMinSampleSize,
Expand All @@ -524,6 +529,7 @@ func AcmeOpts(
DefaultSessionCookieDuration,
DefaultSessionAntiReplayFunc,
// server
logger,
DefaultMaxBodyBytes,
DefaultServerLogLevel,
defaultReadHeaderTimeout,
Expand Down Expand Up @@ -567,7 +573,7 @@ func LetsEncryptOpts(
// middleware
secretKey,
clientip.DirectIpStrategy,
logger,
nil,
DefaultRateLimit,
DefaultLoadShedSamplingPeriod,
DefaultLoadShedMinSampleSize,
Expand All @@ -581,6 +587,7 @@ func LetsEncryptOpts(
DefaultSessionCookieDuration,
DefaultSessionAntiReplayFunc,
// server
logger,
DefaultMaxBodyBytes,
DefaultServerLogLevel,
defaultReadHeaderTimeout,
Expand Down Expand Up @@ -623,7 +630,7 @@ type middlewareOpts struct {
// - https://go.dev/play/p/wL2gqumZ23b
SecretKey secureKey
Strategy ClientIPstrategy
Logger *slog.Logger
LogFunc func(w http.ResponseWriter, r http.Request, statusCode int, fields []any)

// ratelimit
RateLimit float64
Expand Down Expand Up @@ -655,7 +662,6 @@ func (m middlewareOpts) String() string {
HttpsPort: %d,
SecretKey: %s,
Strategy: %v,
Logger: %v,
RateLimit: %v,
LoadShedSamplingPeriod: %v,
LoadShedMinSampleSize: %v,
Expand All @@ -673,7 +679,6 @@ func (m middlewareOpts) String() string {
m.HttpsPort,
m.SecretKey,
m.Strategy,
m.Logger,
m.RateLimit,
m.LoadShedSamplingPeriod,
m.LoadShedMinSampleSize,
Expand All @@ -699,7 +704,7 @@ func newMiddlewareOpts(
httpsPort uint16,
secretKey string,
strategy ClientIPstrategy,
logger *slog.Logger,
logFunc func(w http.ResponseWriter, r http.Request, statusCode int, fields []any),
rateLimit float64,
loadShedSamplingPeriod time.Duration,
loadShedMinSampleSize int,
Expand Down Expand Up @@ -752,7 +757,7 @@ func newMiddlewareOpts(
HttpsPort: httpsPort,
SecretKey: secureKey(secretKey),
Strategy: strategy,
Logger: logger,
LogFunc: logFunc,

// ratelimiter
RateLimit: rateLimit,
Expand Down Expand Up @@ -821,6 +826,7 @@ func (t tlsOpts) GoString() string {
// serverOpts are the various parameters(optionals) that can be used to configure a HTTP server.
type serverOpts struct {
port uint16 // tcp port is a 16bit unsigned integer.
Logger *slog.Logger
MaxBodyBytes uint64 // max size of request body allowed.
ServerLogLevel slog.Level
ReadHeaderTimeout time.Duration
Expand All @@ -842,6 +848,7 @@ type serverOpts struct {
func newServerOpts(
domain string,
port uint16,
logger *slog.Logger,
maxBodyBytes uint64,
serverLogLevel slog.Level,
readHeaderTimeout time.Duration,
Expand Down Expand Up @@ -887,6 +894,7 @@ func newServerOpts(

return serverOpts{
port: port,
Logger: logger,
MaxBodyBytes: maxBodyBytes,
ServerLogLevel: serverLogLevel,
ReadHeaderTimeout: readHeaderTimeout,
Expand Down Expand Up @@ -917,6 +925,7 @@ func newServerOpts(
func (s serverOpts) String() string {
return fmt.Sprintf(`serverOpts{
port: %v,
Logger: %v,
MaxBodyBytes: %v,
ServerLogLevel: %v,
ReadHeaderTimeout: %v,
Expand All @@ -932,6 +941,7 @@ func (s serverOpts) String() string {
HttpPort: %v,
}`,
s.port,
s.Logger,
s.MaxBodyBytes,
s.ServerLogLevel,
s.ReadHeaderTimeout,
Expand Down Expand Up @@ -1027,9 +1037,6 @@ func (o Opts) Equal(other Opts) bool {
if o.Strategy != other.Strategy {
return false
}
if o.Logger != other.Logger {
return false
}

if int(o.RateLimit) != int(other.RateLimit) {
return false
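Review bot: `newMiddlewareOpts` stores the callback exactly as given (`LogFunc: logFunc,`), and `WithOpts`, `DevOpts`, `CertOpts`, `AcmeOpts` and `LetsEncryptOpts` all now pass `nil` in that position, so every preset ends up with a nil `LogFunc` while the caller's logger only reaches `serverOpts`. The code that calls `LogFunc` is not part of this commit, so it cannot be seen here whether nil is skipped or invoked; the first would silently drop per-request logging for every preset (the record that detection and incident response depend on), the second would panic in the request path. I would settle the nil case in `New`, where both `logger` and `logFunc` are in scope, by substituting a default that writes `fields` to `logger` when `logFunc == nil`. The struct field should also state the contract, e.g. `// LogFunc is called by the middlewares to log a request and its response. If nil, <documented behaviour>.` The bodies of `New` and `newMiddlewareOpts` continue outside the visible hunks.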
17 changes: 11 additions & 6 deletions config/config_test.go
Expand Up @@ -33,8 +33,11 @@ func validOpts(t *testing.T) Opts {
"super-h@rd-Pas1word",
// In this case, the actual client IP address is fetched from the given http header.
SingleIpStrategy("CF-Connecting-IP"),
// Logger.
l,
// function to log in middlewares.
func(_ http.ResponseWriter, r http.Request, statusCode int, fields []any) {
reqL := log.WithID(r.Context(), l)
reqL.Info("request-and-response", fields...)
},
// If a particular IP address sends more than 13 requests per second, throttle requests from that IP.
13.0,
// Sample response latencies over a 5 minute window to determine if to loadshed.
Expand All @@ -60,6 +63,8 @@ func validOpts(t *testing.T) Opts {
// Use a given header to try and mitigate against replay-attacks.
func(r http.Request) string { return r.Header.Get("Anti-Replay") },
//
// Logger.
l,
// The maximum size in bytes for incoming request bodies.
2*1024*1024,
// Log level of the logger that will be passed into [http.Server.ErrorLog]
Expand Down Expand Up @@ -132,7 +137,7 @@ func TestNewMiddlewareOpts(t *testing.T) {
opt.HttpsPort,
string(opt.SecretKey),
opt.Strategy,
opt.Logger,
nil,
opt.RateLimit,
opt.LoadShedSamplingPeriod,
opt.LoadShedMinSampleSize,
Expand Down Expand Up @@ -192,7 +197,7 @@ func TestNewMiddlewareOptsDomain(t *testing.T) {
443,
tst.SecretKey(),
clientip.DirectIpStrategy,
slog.Default(),
nil,
DefaultRateLimit,
DefaultLoadShedSamplingPeriod,
DefaultLoadShedMinSampleSize,
Expand All @@ -213,7 +218,7 @@ func TestNewMiddlewareOptsDomain(t *testing.T) {
443,
tst.SecretKey(),
clientip.DirectIpStrategy,
slog.Default(),
nil,
DefaultRateLimit,
DefaultLoadShedSamplingPeriod,
DefaultLoadShedMinSampleSize,
Expand Down Expand Up @@ -248,7 +253,7 @@ func TestOpts(t *testing.T) {
HttpsPort: 65081,
SecretKey: secureKey(tst.SecretKey()),
Strategy: clientip.DirectIpStrategy,
Logger: l,
LogFunc: nil,
RateLimit: DefaultRateLimit,
LoadShedSamplingPeriod: DefaultLoadShedSamplingPeriod,
LoadShedMinSampleSize: DefaultLoadShedMinSampleSize,
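Review bot: `TestNewMiddlewareOpts` now passes a literal `nil` where it used to pass `opt.Logger`, so the non-nil callback that `validOpts` configures never goes through `newMiddlewareOpts`, and nothing visible in this file asserts that a supplied `LogFunc` is kept. Passing `opt.LogFunc,` in that position, plus a check that the returned value's `LogFunc` is non-nil, would cover the new field; since `Opts.Equal` cannot compare funcs, an explicit nil check is the only thing that would catch a dropped callback. The same literal `nil` appears in `TestNewMiddlewareOptsDomain`, in `TestOpts`, and in `BenchmarkAllMiddlewares` in middleware/middleware_test.go, where it presumably means the benchmark no longer exercises the logging path (the benchmark body is outside the hunk).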
9 changes: 7 additions & 2 deletions config/example_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -30,8 +30,11 @@ func ExampleNew() {
"super-h@rd-Pas1word",
// In this case, the actual client IP address is fetched from the given http header.
config.SingleIpStrategy("CF-Connecting-IP"),
// Logger.
l,
// function to log in middlewares.
func(_ http.ResponseWriter, r http.Request, statusCode int, fields []any) {
reqL := log.WithID(r.Context(), l)
reqL.Info("request-and-response", fields...)
},
// If a particular IP address sends more than 13 requests per second, throttle requests from that IP.
13.0,
// Sample response latencies over a 5 minute window to determine if to loadshed.
Expand All @@ -57,6 +60,8 @@ func ExampleNew() {
// Use a given header to try and mitigate against replay-attacks.
func(r http.Request) string { return r.Header.Get("Anti-Replay") },
//
// Logger.
l,
// The maximum size in bytes for incoming request bodies.
2*1024*1024,
// Log level of the logger that will be passed into [http.Server.ErrorLog]
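Review bot: The callback in `ExampleNew` names `statusCode` but never reads it, so every response, failures included, is logged at Info through `reqL.Info("request-and-response", fields...)`. Examples tend to be copied into production, so it would help to show the status being used, e.g. `if statusCode >= http.StatusInternalServerError { reqL.Error("request-and-response", fields...); return }` (assuming `log.WithID` returns a `*slog.Logger`), so failed requests stand out to whoever monitors the logs. A short comment on what `fields` holds would also let readers judge whether any of it should be kept out of logs; its contents are not visible in this commit. The same callback is repeated in `validOpts` in config/config_test.go.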
3 changes: 2 additions & 1 deletion middleware/middleware_test.go
Expand Up @@ -488,7 +488,7 @@ func BenchmarkAllMiddlewares(b *testing.B) {
httpsPort,
tst.SecretKey(),
config.DirectIpStrategy,
l,
nil,
rateLimit,
config.DefaultLoadShedSamplingPeriod,
config.DefaultLoadShedMinSampleSize,
Expand All @@ -501,6 +501,7 @@ func BenchmarkAllMiddlewares(b *testing.B) {
config.DefaultCsrfCookieDuration,
config.DefaultSessionCookieDuration,
config.DefaultSessionAntiReplayFunc,
l,
20*1024*1024,
slog.LevelDebug,
1*time.Second,