itsi-server 0.1.1 → 0.2.3

data/lib/itsi/server/grpc/reflection/v1/reflection_services_pb.rb

@@ -0,0 +1,122 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# Source: reflection.proto for package 'grpc.reflection.v1'
+# Original file comments:
+# Copyright 2016 The gRPC Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Service exported by server reflection.  A more complete description of how
+# server reflection works can be found at
+# https://github.com/grpc/grpc/blob/master/doc/server-reflection.md
+#
+# The canonical version of this proto can be found at
+# https://github.com/grpc/grpc-proto/blob/master/grpc/reflection/v1/reflection.proto
+#
+
+require "grpc"
+require_relative "reflection_pb"
+
+module Grpc
+  module Reflection
+    module V1
+      module ServerReflection
+        class Service
+          include ::GRPC::GenericService
+
+          self.marshal_class_method = :encode
+          self.unmarshal_class_method = :decode
+          self.service_name = "grpc.reflection.v1.ServerReflection"
+
+          # The reflection service is structured as a bidirectional stream, ensuring
+          # all related requests go to a single server.
+          rpc :ServerReflectionInfo, stream(::Grpc::Reflection::V1::ServerReflectionRequest),
+              stream(::Grpc::Reflection::V1::ServerReflectionResponse)
+
+          def initialize(handlers)
+            @handlers = handlers
+            super()
+          end
+
+          def server_reflection_info(req, _unused_call)
+            req.each do |request|
+              res = Grpc::Reflection::V1::ServerReflectionResponse.new
+
+              if !request.list_services.empty?
+                res.list_services_response = Grpc::Reflection::V1::ListServiceResponse.new(service: list_services_response)
+              elsif !request.file_containing_symbol.empty?
+                res.file_descriptor_response = Grpc::Reflection::V1::FileDescriptorResponse.new(
+                  file_descriptor_proto: [
+                    Google::Protobuf::FileDescriptorProto.encode(Google::Protobuf::DescriptorPool.generated_pool.lookup(request.file_containing_symbol).file_descriptor.to_proto)
+                  ]
+                )
+              elsif !request.file_by_filename.empty?
+                # Handle file_by_filename requests
+                file_descriptor = find_file_descriptor_by_filename(request.file_by_filename)
+                if file_descriptor
+                  res.file_descriptor_response = Grpc::Reflection::V1::FileDescriptorResponse.new(
+                    file_descriptor_proto: [Google::Protobuf::FileDescriptorProto.encode(file_descriptor)]
+                  )
+                else
+                  res.error_response = Grpc::Reflection::V1::ErrorResponse.new(
+                    error_code: 5, # NOT_FOUND
+                    error_message: "File not found: #{request.file_by_filename}"
+                  )
+                end
+              end
+              yield res
+              # We can loop here if running in Fiber mode, but for best compatibility with blocking IO modes
+              # we'll close the connection and force the client to reconnect force
+              # subsequent reflection requests
+              break
+            end
+          end
+
+          def find_file_descriptor_by_filename(filename)
+            # First try direct lookup in the pool
+
+            descriptor = Google::Protobuf::DescriptorPool.generated_pool.lookup(filename)&.file_descriptor
+            return descriptor.to_proto if descriptor
+
+            proto_name = convert_file_path_to_proto_name(filename)
+            descriptor = Google::Protobuf::DescriptorPool.generated_pool.lookup(proto_name)&.file_descriptor
+            return descriptor.to_proto if descriptor
+
+            nil
+          end
+
+          def convert_file_path_to_proto_name(file_path)
+            # Remove .proto extension
+            file_path = file_path.sub(/\.proto$/, "")
+
+            # Split path into parts
+            parts = file_path.split("/")
+
+            # Convert last part to PascalCase (e.g., money -> Money)
+            parts[-1] = parts[-1].split("_").map(&:capitalize).join
+
+            # Join with dots
+            parts.join(".")
+          end
+
+          def list_services_response
+            @list_services_response ||= @handlers.map(&:class).map(&:service_name).map do |name|
+              Grpc::Reflection::V1::ServiceResponse.new(name: name)
+            end
+          end
+        end
+
+        Stub = Service.rpc_stub_class
+      end
+    end
+  end
+end

data/lib/itsi/server/rack/handler/itsi.rb

@@ -0,0 +1,26 @@
+return unless defined?(::Rackup::Handler) || defined?(Rack::Handler)
+
+module Rack
+  module Handler
+    module Itsi
+      def self.run(app, options = {})
+        host = options.fetch(:host, "127.0.0.1")
+        port = options.fetch(:Port, 3001)
+        ::Itsi::Server.start(
+          {
+            app: app,
+            binds: ["http://#{host}:#{port}"]
+          }
+        )
+      end
+    end
+  end
+end
+
+if defined?(Rackup)
+  ::Rackup::Handler.register("itsi", Rack::Handler::Itsi)
+  ::Rackup::Handler.register("Itsi", Rack::Handler::Itsi)
+elsif defined?(Rack)
+  ::Rack::Handler.register("itsi", Rack::Handler::Itsi)
+  ::Rack::Handler.register("Itsi", Rack::Handler::Itsi)
+end

data/lib/itsi/server/rack_interface.rb

@@ -0,0 +1,93 @@
+module Itsi
+  class Server
+    module RackInterface
+      # Builds a handler proc that is compatible with Rack applications.
+      def self.for(app)
+        require "rack"
+        if app.is_a?(String)
+          dir = File.expand_path(File.dirname(app))
+          Dir.chdir(dir) do
+            loaded_app = ::Rack::Builder.parse_file(app)
+            app = loaded_app.is_a?(Array) ? loaded_app.first : loaded_app
+          end
+        end
+        lambda do |request|
+          Server.respond(request, app.call(request.to_rack_env))
+        end
+      end
+
+      # Interface to Rack applications.
+      # Here we build the env, and invoke the Rack app's call method.
+      # We then turn the Rack response into something Itsi server understands.
+      def call(app, request)
+        respond request, app.call(request.to_rack_env)
+      end
+
+      # Itsi responses are asynchronous and can be streamed.
+      # Response chunks are sent using response.send_frame
+      # and the response is finished using response.close_write.
+      # If only a single chunk is written, you can use the #send_and_close method.
+      def respond(request, (status, headers, body))
+        response = request.response
+
+        # Don't try and respond if we've been hijacked.
+        # The hijacker is now responsible for this.
+        return if request.hijacked
+
+        # 1. Set Status
+        response.status = status
+
+        # 2. Set Headers
+        body_streamer = streaming_body?(body) ? body : headers.delete("rack.hijack")
+        headers.each do |key, value|
+          unless value.is_a?(Array)
+            response[key] = value
+            next
+          end
+
+          value.each do |v|
+            response[key] = v
+          end
+        end
+
+        # 3. Set Body
+        # As soon as we start setting the response
+        # the server will begin to stream it to the client.
+
+        # If we're partially hijacked or returned a streaming body,
+        # stream this response.
+
+        if body_streamer
+          body_streamer.call(response)
+
+        # If we're enumerable with more than one chunk
+        # also stream, otherwise write in a single chunk
+        elsif body.respond_to?(:each) || body.respond_to?(:to_ary)
+          unless body.respond_to?(:each)
+            body = body.to_ary
+            raise "Body #to_ary didn't return an array" unless body.is_a?(Array)
+          end
+          # We offset this iteration intentionally,
+          # to optimize for the case where there's only one chunk.
+          buffer = nil
+          body.each do |part|
+            response << buffer.to_s if buffer
+            buffer = part
+          end
+
+          response.send_and_close(buffer.to_s)
+        else
+          response.send_and_close(body.to_s)
+        end
+      ensure
+        response.close_write
+        body.close if body.respond_to?(:close)
+      end
+
+      # A streaming body is one that responds to #call and not #each.
+      def streaming_body?(body)
+        body.respond_to?(:call) && !body.respond_to?(:each)
+      end
+    end
+  end
+end

data/lib/itsi/server/route_tester.rb

@@ -0,0 +1,159 @@
+module Itsi
+  class Server
+    # Utility module for printing Itsi route information
+    module RouteTester
+      require "set"
+      require "strscan"
+      require "debug"
+      def format_mw(mw)
+        mw_name, mw_args = mw
+        case mw_name
+        when "app"
+          "\e[33mapp\e[0m(#{mw_args["app_proc"].inspect.split(" ")[1][0...-1]})"
+        when "log_requests"
+          if mw_args["before"] && mw_args["after"]
+            "\e[33mlog_requests\e[0m(before: #{mw_args["before"]["format"][0..6]}..., after: #{mw_args["after"]["format"][0..6]}...)"
+          elsif mw_args["before"]
+            "\e[33mlog_requests\e[0m(before: #{mw_args["before"]["format"][0..6]}...)"
+          elsif mw_args["after"]
+            "\e[33mlog_requests\e[0m(before: nil, after: #{mw_args["after"]["format"][0..6]}...)"
+          end
+        when "compress"
+          "\e[33mcompress\e[0m(#{mw_args["algorithms"].join(" ")}, #{mw_args["mime_types"]})"
+        when "cors"
+          "\e[33mcors\e[0m(#{mw_args["allow_origins"].join(" ")}, #{mw_args["allow_methods"].join(" ")})"
+        when "etag"
+          "\e[33metag\e[0m(#{mw_args["type"]}/#{mw_args["algorithm"]}, #{mw_args["handle_if_none_match"] ? "if_none_match" : ""})"
+        when "cache_control"
+          "\e[33mcache_control\e[0m(max_age: #{mw_args["max_age"]}, #{mw_args.select do |_, v|
+            v == true
+          end.keys.join(", ")})"
+        when "redirect"
+          "\e[33mredirect\e[0m(to: #{mw_args["to"]}, type: #{mw_args["type"]})"
+        when "static_assets"
+          "\e[33mstatic_assets\e[0m(path: #{mw_args["root_dir"]})"
+        when "auth_api_key"
+          "\e[33mauth_api_key\e[0m(keys: #{mw_args["valid_keys"].keys}#{mw_args["credentials_file"] ? ", credentials_file: #{mw_args["credentials_file"]}" : ""})"
+        when "auth_basic"
+          "\e[33mbasic_auth\e[0m(keys: #{mw_args["realm"]}#{mw_args["credentials_file"] ? ", credentials_file: #{mw_args["credentials_file"]}" : ""})"
+        when "auth_jwt"
+          "\e[33mjwt_auth\e[0m(#{mw_args["verifiers"].keys.join(",")})"
+        when "rate_limit"
+          key = mw_args["key"].is_a?(Hash) ? mw_args["key"]["parameter"] : mw_args["key"]
+          "\e[33mrate_limit\e[0m(rps: #{mw_args["requests"]}/#{mw_args["seconds"]}, key: #{key})"
+        when "allow_list"
+          "\e[33mallow_list\e[0m(patterns: #{mw_args["allowed_patterns"].join(", ")})"
+        when "deny_list"
+          "\e[33mdeny_list\e[0m(patterns: #{mw_args["denied_patterns"].join(", ")})"
+        when "csp"
+          "\e[33mcsp\e[0m(#{mw_args["policy"].map { |k, v| "#{k}: #{v.join(",")}" }.join(", ")})"
+        when "intrusion_protection"
+          [mw_args].flatten.map do |mw_args|
+            "\e[33mintrusion_protection\e[0m(banned_url_patterns: #{mw_args["banned_url_patterns"]&.length}, banned_header_patterns: #{mw_args["banned_header_patterns"]&.keys&.join(", ")}, #{mw_args["banned_time_seconds"]}s)"
+          end.join("\n")
+        when "request_headers"
+          [mw_args].flatten.map do |mw_args|
+            "\e[33mrequest_headers\e[0m(added: #{mw_args["additions"].keys}, removed: #{mw_args["removals"]})"
+          end.join("\n")
+        when "response_headers"
+          [mw_args].flatten.map do |mw_args|
+            "\e[33mresponse_headers\e[0m(added: #{mw_args["additions"].keys}, removed: #{mw_args["removals"]})"
+          end.join("\n")
+        when "static_response"
+          "\e[response_headers\e[0m(#{mw_args["code"]} body: #{mw_args["body"][0..10]})"
+        else
+          "\e[33m#{mw.first}\e[0m"
+        end
+      end
+
+      def print_route(route_str, stack)
+        filters = %w[methods ports protocols extensions].map do |key|
+          val = stack[key]
+          val ? "#{key}: #{Array(val).join(",")}" : nil
+        end.compact
+        filter_str = filters.any? ? filters.join(", ") : "(none)"
+
+        middlewares = stack["middleware"].to_a
+
+        puts "─" * 76
+        puts "\e[32mRoute:\e[0m      \e[33m#{route_str}\e[0m"
+        puts "\e[32mConditions:\e[0m \e[34m#{filter_str}\e[0m"
+        puts "\e[32mMiddleware:\e[0m • #{format_mw(middlewares.first)}"
+        middlewares[1..].each do |mw|
+          puts "            • #{format_mw(mw)}"
+        end
+      end
+
+      def explode_route_pattern(pattern)
+        pattern = pattern.gsub(/^\^|\$$/, "")
+        pattern = pattern.gsub("\\", "")
+        tokens = parse_expression(StringScanner.new(pattern))
+        expand_tokens(tokens)
+      end
+
+      # Parses the expression into a nested tree of tokens
+      def parse_expression(scanner)
+        tokens = []
+        buffer = ""
+
+        until scanner.eos?
+          if scanner.scan(/\(\?:/)
+            tokens << buffer unless buffer.empty?
+            buffer = ""
+            tokens << parse_alternation(scanner)
+          elsif scanner.peek(1) == ")"
+            scanner.getch # consume ')'
+            break
+          else
+            buffer << scanner.getch
+          end
+        end
+
+        tokens << buffer unless buffer.empty?
+        tokens
+      end
+
+      # Parses inside a non-capturing group (?:A|B|C)
+      def parse_alternation(scanner)
+        options = []
+        current = []
+
+        until scanner.eos?
+          if scanner.scan(/\(\?:/)
+            current << parse_alternation(scanner)
+          elsif scanner.peek(1) == ")"
+            scanner.getch # consume ')'
+            break
+          elsif scanner.peek(1) == "|"
+            scanner.getch # consume '|'
+            options << current
+            current = []
+          else
+            current << scanner.getch
+          end
+        end
+
+        options << current
+        { alt: options }
+      end
+
+      def expand_tokens(tokens)
+        parts = tokens.map do |token|
+          if token.is_a?(String)
+            [token]
+          elsif token.is_a?(Hash) && token[:alt]
+            # Recurse into each branch of the alternation
+            token[:alt].map { |branch| expand_tokens(branch) }.flatten
+          else
+            raise "Unexpected token: #{token.inspect}"
+          end
+        end
+
+        # Cartesian product of all parts
+        parts.inject([""]) do |acc, part|
+          acc.product(part).map { |a, b| a + b }
+        end
+      end
+    end
+  end
+end

data/lib/itsi/server/scheduler_interface.rb

@@ -0,0 +1,21 @@
+module Itsi
+  class Server
+    module SchedulerInterface
+      # Simple wrapper to instantiate a scheduler, start it,
+      # and immediate have it invoke a scheduler proc
+      def start_scheduler_loop(scheduler_class, scheduler_task)
+        scheduler = scheduler_class.new
+        Fiber.set_scheduler(scheduler)
+        [scheduler, Fiber.schedule(&scheduler_task)]
+      end
+
+      # When running in scheduler mode,
+      # each request is wrapped in a Fiber.
+      def schedule(app, request)
+        Fiber.schedule do
+          app.call(request)
+        end
+      end
+    end
+  end
+end

data/lib/itsi/server/scheduler_mode.rb

@@ -0,0 +1,10 @@
+# Running with a Fiber scheduler enabled but with an ActiveSupport isolation_level set to Thread
+# can be dangerous. A thread isolation level means that all fibers sharing a thread can content
+# for the same resources, which can lead to race conditions.
+# This hook should *only* be disabled if you know there are no such shared resources.
+if defined?(ActiveSupport::IsolatedExecutionState) && !ENV["ITSI_DISABLE_AS_AUTO_FIBER_ISOLATION_LEVEL"]
+  Itsi.log_info \
+    "ActiveSupport Isolated Execution state detected. Automatically switching to :fiber mode. "\
+    "Set ITSI_DISABLE_AS_AUTO_FIBER_ISOLATION_LEVEL to disable this behavior"
+  ActiveSupport::IsolatedExecutionState.isolation_level = :fiber
+end

data/lib/itsi/server/signal_trap.rb

@@ -0,0 +1,33 @@
+module Itsi
+  # This trap is necessary for debuggers and similar which intercept certain signals
+  # then attempt to restore these to the previous signal when finished.
+  # If the previous signal handler was registered in native code, this restoration doesn't
+  # work as expected and the native signal handler is lost.
+  # We intercept restored signals here and reinstate the Itsi server signal handlers
+  # (if the server is still running).
+  module SignalTrap
+    DEFAULT_SIGNALS = ["DEFAULT", "", nil].freeze
+    INTERCEPTED_SIGNALS = ["INT"].freeze
+
+    def trap(signal, *args, &block)
+      unless INTERCEPTED_SIGNALS.include?(signal.to_s) && block.nil? && server_running?
+        return super(signal, *args, &block)
+      end
+
+      Itsi::Server.reset_signal_handlers
+      nil
+    end
+
+    def server_running?
+      Itsi::Server.respond_to?(:running?) && Itsi::Server.running?
+    end
+  end
+end
+
+[Kernel, Signal].each do |receiver|
+  receiver.singleton_class.prepend(Itsi::SignalTrap)
+end
+
+[Object].each do |receiver|
+  receiver.include(Itsi::SignalTrap)
+end

data/lib/itsi/server/typed_handlers/param_parser.rb

@@ -0,0 +1,196 @@
+module Itsi
+  class Server
+    module TypedHandlers
+      module ParamParser
+        require 'date'
+
+        class ValidationError < StandardError
+          attr_reader :errors
+          def initialize(errors)
+            @errors = errors
+            super("Validation failed: #{errors.join('; ')}")
+          end
+        end
+
+        # Conversion map for primitive/base type conversions.
+        CONVERSION_MAP = {
+          String    => ->(v){ v.to_s },
+          Symbol    => ->(v){ v.to_sym },
+          Integer   => ->(v){ Integer(v) },
+          Float     => ->(v){ Float(v) },
+          :Number   => ->(v){ Float(v) },
+          TrueClass => ->(v){
+            case v
+            when true, 'true', '1', 1 then true
+            when false, 'false', '0', 0 then false
+            else raise ValidationError.new("Cannot cast #{v.inspect} to Boolean")
+            end
+          },
+          FalseClass => ->(v){
+            case v
+            when true, 'true', '1', 1 then true
+            when false, 'false', '0', 0 then false
+            else raise ValidationError.new("Cannot cast #{v.inspect} to Boolean")
+            end
+          },
+          :Boolean  => ->(v){
+            case v
+            when true, 'true', '1', 1 then true
+            when false, 'false', '0', 0 then false
+            else raise ValidationError.new("Cannot cast #{v.inspect} to Boolean")
+            end
+          },
+          Date      => ->(v){ Date.parse(v.to_s) },
+          Time      => ->(v){ Time.parse(v.to_s) },
+          DateTime  => ->(v){ DateTime.parse(v.to_s) }
+        }.compare_by_identity
+
+        # Preprocess the schema into fixed keys (as symbols) and regex keys.
+        # Memoizes the result based on the schema.
+        def processed_schema(schema)
+          @@schema_cache ||= {}
+          @@schema_cache[schema] ||= begin
+            fixed = {}
+            regex = []
+            required_params = schema[:_required] || []
+            schema.each do |k, schema_def|
+              expected_type, required = schema_def, required_params.include?(k)
+              if k.is_a?(Regexp)
+                regex << [k, [expected_type, required]]
+              else
+                fixed[k.to_sym] = [expected_type, required]
+              end
+            end
+            [fixed, regex]
+          end
+        end
+
+        # Helper that converts an array of path segments into a string.
+        # For example, [:user, "addresses", 0, :street] becomes "user.addresses[0].street".
+        def format_path(path)
+          result = "".dup
+          path.each do |seg|
+            if seg.is_a?(Integer)
+              result << "[#{seg}]"
+            else
+              result << (result.empty? ? seg.to_s : ".#{seg}")
+            end
+          end
+          result
+        end
+
+        # In-place casts the value at container[key] according to expected_type.
+        # On success, updates container[key] and returns nil.
+        # On failure, returns an error message string that uses the formatted path.
+        def cast_value!(container, key, expected_type, path)
+          if expected_type.is_a?(Array)
+            # Only allow homogeneous array types.
+            return "Only homogeneous array types are supported at #{format_path(path)}" if expected_type.size != 1
+
+            # Expect container[key] to be an Array; process each element in place.
+            unless container[key].is_a?(Array)
+              return "Expected an Array at #{format_path(path)}, got #{container[key].class}"
+            end
+            container[key].each_with_index do |_, idx|
+              err = cast_value!(container[key], idx, expected_type.first, path + [idx])
+              return err if err
+            end
+            return nil
+
+          elsif expected_type.is_a?(Hash)
+            # Nested schema: expect container[key] to be a Hash; process it in place.
+            unless container[key].is_a?(Hash)
+              return "Expected a Hash at #{format_path(path)}, got #{container[key].class}"
+            end
+            begin
+              apply_schema!(container[key], expected_type, path)
+              return nil
+            rescue ValidationError => ve
+              return ve.errors.join('; ')
+            end
+
+          else
+            converter = CONVERSION_MAP[expected_type]
+            if converter
+              begin
+                container[key] = converter.call(container[key])
+                return nil
+              rescue => e
+                return "Invalid value for #{expected_type} at #{format_path(path)}: #{container[key].inspect} (#{e.message})"
+              end
+            end
+
+            # Fallbacks.
+            if expected_type == Array
+              unless container[key].is_a?(Array)
+                return "Expected Array at #{format_path(path)}, got #{container[key].class}"
+              end
+              return nil
+            elsif expected_type == Hash
+              unless container[key].is_a?(Hash)
+                return "Expected Hash at #{format_path(path)}, got #{container[key].class}"
+              end
+              return nil
+            elsif expected_type == File && container[key].is_a?(Hash) && container[key][:tempfile].is_a?(Tempfile)
+              return nil
+            else
+              return "Unsupported type: #{expected_type.inspect} at #{format_path(path)}"
+            end
+          end
+        end
+
+        # Applies the schema in place to the given params hash.
+        # Fixed keys are converted to symbols, and regex-matched keys remain as strings.
+        # The current location in the params is tracked as an array of path segments.
+        def apply_schema!(params, schema, path = [])
+          errors = []
+          processed = processed_schema(schema)
+          fixed_schema = processed[0]
+          regex_schema = processed[1]
+
+          # Process fixed keys.
+          fixed_schema.each do |fixed_key, (expected_type, required)|
+            new_path = path + [fixed_key]
+            if params.key?(fixed_key)
+              # Symbol key present.
+            elsif params.key?(fixed_key.to_s)
+              params[fixed_key] = params.delete(fixed_key.to_s)
+            else
+              if required
+                errors << "Missing required key: #{format_path(new_path)}"
+              else
+                params[fixed_key] = nil
+              end
+              next
+            end
+
+            err = cast_value!(params, fixed_key, expected_type, new_path)
+            errors << err if err
+          end
+
+          # Process regex keys (only string keys not already handled as fixed keys).
+          params.keys.each do |key|
+            if key == :_required
+              params.delete(key)
+              next
+            end
+            next if fixed_schema.has_key?(key.to_sym) || fixed_schema.has_key?(key)
+            unless regex_schema.find do |regex, (expected_type, _required)|
+              if regex.match(key)
+                new_path = path + [key]
+                err = cast_value!(params, key, expected_type, new_path)
+                errors << err if err
+                true  # only use the first matching regex
+              end
+            end
+              params.delete(key)
+            end
+          end
+
+          raise ValidationError.new(errors) unless errors.empty?
+          params
+        end
+      end
+    end
+  end
+end