sentinel-rocket 0.1.0

Sentinel middleware for Rocket
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279

#![doc(html_logo_url = "https://avatars.githubusercontent.com/u/43955412")]
//! This crate provides the [sentinel](https://docs.rs/sentinel-core) middleware for [actix-web](https://docs.rs/actix-web).
//! See [examples](https://github.com/sentinel-group/sentinel-rust/tree/main/middleware) for help.
//!

use rocket::{
    fairing::{self, Fairing, Info, Kind},
    http::{self, uri::Origin, Method, Status},
    request::{self, FromRequest},
    route, Build, Data, Request, Rocket, Route,
};
use sentinel_core::EntryBuilder;
use std::sync::Mutex;

pub type BoxError = Box<dyn std::error::Error + Send + Sync>;

/// It is used to extractor a resource name from requests for Sentinel. If you the service request is [`http::Request`](https://docs.rs/http/latest/http/request/struct.Request.html),
/// and you are using nightly toolchain, you don't need to provide a sentinel resource name extractor. The middleware will automatically extract the request uri.
pub type Extractor = fn(&Request<'_>) -> String;

/// The fallback function when service is rejected by sentinel.
pub type Fallback<R> = fn(&Request<'_>, sentinel_core::Error) -> R;

fn default_extractor(req: &Request<'_>) -> String {
    req.uri().path().to_string()
}

fn default_fallback_for_guard(
    _request: &Request<'_>,
    err: sentinel_core::Error,
) -> request::Outcome<SentinelGuard, BoxError> {
    request::Outcome::Failure((Status::TooManyRequests, err.into()))
}

pub type SentinelConfigForGuard = SentinelConfig<request::Outcome<SentinelGuard, BoxError>>;
pub type SentinelConfigForFairing = SentinelConfig<()>;

/// When using [`SentinelGuard`](SentinelGuard), we can only use [managed state][managed_state]
/// to configure the [`SentinelGuard`](SentinelGuard). That is
/// ```rust
/// rocket::build().manage(SentinelConfig { ... });
/// ```
/// For [SentinelFairing](SentinelFairing), the configuration in [managed state][managed_state] is
/// with lower priority than the `SentinelConfig` in it.
///
/// [managed_state]: https://rocket.rs/v0.5-rc/guide/state/#managed-state
pub struct SentinelConfig<R> {
    pub extractor: Option<Extractor>,
    pub fallback: Option<Fallback<R>>,
}

impl<R> SentinelConfig<R> {
    pub fn with_extractor(mut self, extractor: Extractor) -> Self {
        self.extractor = Some(extractor);
        self
    }

    pub fn with_fallback(mut self, fallback: Fallback<R>) -> Self {
        self.fallback = Some(fallback);
        self
    }
}

// rustc cannot derive `Clone` trait for function pointers correctly,
// implement it by hands
impl<R> Clone for SentinelConfig<R> {
    fn clone(&self) -> Self {
        Self {
            extractor: self.extractor.clone(),
            fallback: self.fallback.clone(),
        }
    }
}

// rustc cannot derive `Default` trait for function pointers correctly,
// implement it by hands
impl<R> Default for SentinelConfig<R> {
    fn default() -> Self {
        Self {
            extractor: None,
            fallback: None,
        }
    }
}

/// The Rocket request guard, which is the recommended way in [Rocket documentation](https://rocket.rs/v0.5-rc/guide/requests/#request-guards).
/// To use this guard, simply add it to the arguments of handler. By default, it extracts [the path in the Request::uri()](https://docs.rs/rocket/0.5.0-rc.2/rocket/struct.Request.html#method.uri) as the sentinel resource name.
/// The blocked requests returns the [status 429](https://docs.rs/rocket/0.5.0-rc.2/rocket/http/struct.Status.html#associatedconstant.TooManyRequests),
/// ```rust
/// #[get("/use_sentinel")]
/// fn use_sentinel(_sentinel: SentinelGuard) { /* .. */ }
/// ```
/// We can use [`SentinelConfig`](SentinelConfig) to configure the guard.
#[derive(Debug)]
pub struct SentinelGuard;

#[rocket::async_trait]
impl<'r> FromRequest<'r> for SentinelGuard {
    type Error = BoxError;

    async fn from_request(req: &'r Request<'_>) -> request::Outcome<Self, Self::Error> {
        let empty_config = SentinelConfig::default();
        let config = req
            .rocket()
            // The type `R` in `SentinelConfig<R>` here is the same as `default_fallback_for_guard`
            .state::<SentinelConfig<request::Outcome<SentinelGuard, BoxError>>>()
            .unwrap_or(&empty_config);
        let extractor = config.extractor.unwrap_or(default_extractor);
        let fallback = config.fallback.unwrap_or(default_fallback_for_guard);

        let resource = extractor(req);
        let entry_builder = EntryBuilder::new(resource)
            .with_traffic_type(sentinel_core::base::TrafficType::Inbound);

        match entry_builder.build() {
            Ok(entry) => {
                entry.exit();
                request::Outcome::Success(SentinelGuard {})
            }
            Err(err) => fallback(req, err),
        }
    }
}

/// The [managed state][managed_state] to be processed in the handler mounted in [SentinelFairing](SentinelFairing).
///
/// [managed_state]: https://rocket.rs/v0.5-rc/guide/state/#managed-state
#[derive(Debug)]
pub struct SentinelFairingState {
    pub msg: Mutex<String>,
    /// the forwarded uri has to be managed by the rocket,
    /// because currently in `Fairing::on_request(&self, req: &mut Request<'_>, _: &mut Data<'_>)`,
    /// the lifetime of `&'life1 self` and `Request<'life2>` are not constrained.
    /// see the source code of [Fairing](https://docs.rs/rocket/0.5.0-rc.2/rocket/fairing/trait.Fairing.html) for details.
    pub uri: String,
}

impl SentinelFairingState {
    pub fn new(uri: String) -> Self {
        Self {
            msg: Mutex::new(String::new()),
            uri,
        }
    }
}

type FairingHandler = for<'r> fn(&'r Request<'_>, Data<'r>) -> route::Outcome<'r>;

#[derive(Clone, Default)]
pub struct SentinelFairingHandler(Option<FairingHandler>);

impl SentinelFairingHandler {
    pub fn new(h: FairingHandler) -> Self {
        Self(Some(h))
    }
}

#[rocket::async_trait]
impl route::Handler for SentinelFairingHandler {
    async fn handle<'r>(&self, req: &'r Request<'_>, data: Data<'r>) -> route::Outcome<'r> {
        fn default_handler<'r>(req: &'r Request<'_>, _data: Data<'r>) -> route::Outcome<'r> {
            match req.rocket().state::<SentinelFairingState>() {
                Some(_) => route::Outcome::Failure(Status::TooManyRequests),
                None => route::Outcome::Failure(Status::InternalServerError),
            }
        }

        let h = self.0.unwrap_or(default_handler);
        h(req, data)
    }
}

impl Into<Vec<Route>> for SentinelFairingHandler {
    fn into(self) -> Vec<Route> {
        vec![Route::new(Method::Get, "/", self)]
    }
}

/// The Rocket Fairing. The [SentinelConfig](SentinelConfig) in
/// SentinelFairing is with higher priority than the one in global [managed state][managed_state].
///
/// [managed_state]: https://rocket.rs/v0.5-rc/guide/state/#managed-state
#[derive(Default)]
pub struct SentinelFairing {
    /// the forwarded page when blocked by sentinel,
    /// which will be handled by the `handler`
    uri: String,
    /// a lightweight handler, which handles all the requests blocked by Sentinel.
    handler: SentinelFairingHandler,
    /// config for `SentinelFairing` itself, which is with higher priority than the `SentinelConfig` in global [managed state][managed_state].
    ///
    /// [managed_state]: https://rocket.rs/v0.5-rc/guide/state/#managed-state
    config: SentinelConfig<()>,
}

impl SentinelFairing {
    pub fn new(uri: &'static str) -> Result<Self, http::uri::Error> {
        Ok(SentinelFairing::default().with_uri(uri)?)
    }

    pub fn with_extractor(mut self, extractor: Extractor) -> Self {
        self.config = self.config.with_extractor(extractor);
        self
    }

    pub fn with_fallback(mut self, fallback: Fallback<()>) -> Self {
        self.config = self.config.with_fallback(fallback);
        self
    }

    pub fn with_handler(mut self, h: FairingHandler) -> Self {
        self.handler = SentinelFairingHandler::new(h);
        self
    }

    pub fn with_uri(mut self, uri: &'static str) -> Result<Self, http::uri::Error> {
        let origin = Origin::parse(uri)?;
        self.uri = origin.path().to_string();
        Ok(self)
    }
}

#[rocket::async_trait]
impl Fairing for SentinelFairing {
    fn info(&self) -> Info {
        Info {
            name: "Sentinel Fairing",
            kind: Kind::Ignite | Kind::Request,
        }
    }

    async fn on_ignite(&self, rocket: Rocket<Build>) -> fairing::Result {
        let handler = self.handler.clone();
        Ok(rocket
            .manage(SentinelFairingState::new(self.uri.clone()))
            .mount(self.uri.clone(), handler))
    }

    async fn on_request(&self, req: &mut Request<'_>, _: &mut Data<'_>) {
        let empty_config = SentinelConfig::default();
        let config = req
            .rocket()
            .state::<SentinelConfig<()>>()
            .unwrap_or(&empty_config);
        let extractor = self
            .config
            .extractor
            .unwrap_or(config.extractor.unwrap_or(default_extractor));
        let fallback = self.config.fallback.or(config.fallback);

        let resource = extractor(&req);
        let entry_builder = EntryBuilder::new(resource)
            .with_traffic_type(sentinel_core::base::TrafficType::Inbound);

        match entry_builder.build() {
            Ok(entry) => {
                entry.exit();
            }
            Err(err) => {
                match fallback {
                    Some(fallback) => fallback(req, err),
                    None => {
                        if let Some(state) = req.rocket().state::<SentinelFairingState>() {
                            if let Ok(mut msg) = state.msg.lock() {
                                *msg = format!(
                                    "Request to {:?} blocked by sentinel: {:?}",
                                    req.uri().path(),
                                    err
                                );
                            }
                            // this `unwrap` call will never fail
                            req.set_uri(Origin::parse(&state.uri).unwrap());
                        }
                    }
                }
            }
        };
    }
}