warpdrive_proxy/middleware/

concurrency.rs

//! Concurrency limiter middleware
//!
//! Limits the number of concurrent requests to prevent resource exhaustion.
//! Uses tokio Semaphore for efficient async concurrency control.
//!
//! # Trusted Sources
//!
//! Requests from trusted IP ranges (set by trusted_ranges middleware) bypass
//! concurrency limits entirely. This allows proxies/CDNs to send high volumes
//! without being throttled.

use async_trait::async_trait;
use pingora::prelude::*;
use std::sync::Arc;
use tokio::sync::Semaphore;
use tracing::{debug, warn};

use super::{Middleware, MiddlewareContext};

/// Concurrency limiter middleware
///
/// Enforces a maximum number of concurrent requests. When the limit is reached,
/// additional requests are queued (awaiting a permit) or rejected with 503.
pub struct ConcurrencyMiddleware {
    /// Semaphore for concurrency control
    semaphore: Arc<Semaphore>,
    /// Whether concurrency limiting is enabled
    enabled: bool,
    /// Maximum concurrent requests (0 = unlimited)
    max_concurrent: usize,
}

impl ConcurrencyMiddleware {
    /// Create a new concurrency limiter middleware
    ///
    /// # Arguments
    ///
    /// * `enabled` - Whether to enable concurrency limiting
    /// * `max_concurrent` - Maximum concurrent requests (0 = unlimited/disabled)
    pub fn new(enabled: bool, max_concurrent: usize) -> Self {
        let semaphore = if max_concurrent > 0 {
            Arc::new(Semaphore::new(max_concurrent))
        } else {
            // Use a very large limit for "unlimited" (1 million concurrent requests)
            // Note: Tokio's semaphore has a MAX_PERMITS limit
            Arc::new(Semaphore::new(1_000_000))
        };

        debug!(
            "Concurrency limiter initialized: enabled={}, max={}",
            enabled, max_concurrent
        );

        Self {
            semaphore,
            enabled,
            max_concurrent,
        }
    }
}

#[async_trait]
impl Middleware for ConcurrencyMiddleware {
    /// Check concurrency limits before processing request
    async fn request_filter(
        &self,
        session: &mut Session,
        ctx: &mut MiddlewareContext,
    ) -> Result<()> {
        if !self.enabled || self.max_concurrent == 0 {
            return Ok(());
        }

        // Skip concurrency limiting for trusted sources (proxies/CDNs)
        if ctx.trusted_source {
            debug!("Skipping concurrency limit for trusted source");
            return Ok(());
        }

        // Try to acquire an owned permit (can be stored in context)
        match self.semaphore.clone().try_acquire_owned() {
            Ok(permit) => {
                debug!("Concurrency permit acquired");

                // Store permit in context - it will be held for the request duration
                // and automatically released when the context is dropped
                ctx.concurrency_permit = Some(permit);
                Ok(())
            }
            Err(_) => {
                warn!(
                    "Concurrency limit reached (max: {}), rejecting request",
                    self.max_concurrent
                );

                // Return 503 Service Unavailable
                session.respond_error(503).await?;

                Err(Error::explain(
                    ErrorType::HTTPStatus(503),
                    format!("Concurrency limit reached: {}", self.max_concurrent),
                ))
            }
        }
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_concurrency_middleware_creation() {
        let mw = ConcurrencyMiddleware::new(true, 100);
        assert!(mw.enabled);
        assert_eq!(mw.max_concurrent, 100);
    }

    #[test]
    fn test_concurrency_middleware_disabled() {
        let mw = ConcurrencyMiddleware::new(false, 100);
        assert!(!mw.enabled);
    }

    #[test]
    fn test_concurrency_middleware_unlimited() {
        let mw = ConcurrencyMiddleware::new(true, 0);
        assert!(mw.enabled);
        assert_eq!(mw.max_concurrent, 0);
    }

    #[tokio::test]
    async fn test_concurrency_permit_acquire() {
        let mw = ConcurrencyMiddleware::new(true, 2);

        // Should acquire first permit
        let _permit1 = mw.semaphore.clone().try_acquire_owned();
        assert!(_permit1.is_ok());

        // Should acquire second permit
        let _permit2 = mw.semaphore.clone().try_acquire_owned();
        assert!(_permit2.is_ok());

        // Should fail to acquire third (limit reached)
        let permit3 = mw.semaphore.clone().try_acquire_owned();
        assert!(permit3.is_err());
    }
}