macaw_framework 0.2.0 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b2191d627ee06b38338eeef5d88e16791ad96c9ac94fd3b4f8a917cb7a4fd1d6
-  data.tar.gz: 8572db3e03300d28013c29f2bc5238d2f2a4907b087cfc1fe60ff6a8b2369026
+  metadata.gz: 3b35cc5b2fba0adc8ded0f76db41699323cc3957d54382d19e554d0e3dc77f51
+  data.tar.gz: bcd983f6afe8b8864b5d2c012c120ead8290b521ed66f49477f8defb7eed2ede
 SHA512:
-  metadata.gz: 58cc6a8c9fe40d4f2fead09cf8188ac440dce1444b387a737283285ba1d823b9604ada962305d7c9279bfe0195215b891ecf417715dc755f1b027f75ffa07c13
-  data.tar.gz: 6e8b48c28f83a5eb33f5166c37dc1bbacc2831a3fd31f494e75a5ded27410d006475f12b684da06051b4a6ffe27a3067b1c8dfd5ab0acdaf12ecaba8b444ca60
+  metadata.gz: 9a7f7ef95d76e906b706a036d8cb299ba1b5e3be607ba8cdc13da216b11665b019635bca062ac83fc3067a18ab36148df12d3af2bdbc0fbe42fa3a8e0cb2c018
+  data.tar.gz: 56a97dff9ddac5f4142b82d441de3264d4044ace0f8f9496a2e0f49a8e384c6cf57ed705bcf68dd051c536b0dc4e4b9a643161f6563a7bcfe095f2b6f691e5ff

data/CHANGELOG.md

@@ -34,3 +34,10 @@
 - Adding middleware for integration with Prometheus to collect metrics
 - Adding a simple caching mechanism that can be enabled separately for each endpoint
 - Performance and functional optimizations
+
+## [1.0.0] - 2023-04-28
+
+- Adding support to HTTPS/SSL using security certificates
+- Implemented a middleware for rate limiting to prevent DoS attacks
+- Improvement of caching strategy to ignore optional headers
+- First production-ready version

data/Gemfile

@@ -11,6 +11,10 @@ gem "minitest", "~> 5.0"
 
 gem "rubocop", "~> 1.21"
 
-gem "simplecov", "~> 0.22.0"
-
 gem "prometheus-client", "~> 4.1"
+
+group :test do
+  gem "simplecov", "~> 0.21.2"
+  gem "simplecov-json"
+  gem "simplecov_json_formatter", "~> 0.1.2"
+end

data/README.md

@@ -1,7 +1,5 @@
 # MacawFramework
 
-<img src="macaw_logo.png" alt= “” style="width: 30%;height: 30%;margin-left: 35%">
-
 This is a framework for developing web applications. Please have in mind that this is still a work in progress and
 it is strongly advised to not use it for production purposes for now. Actually it supports only HTTP. and HTTPS/SSL
 support will be implemented soon. Anyone who wishes to contribute is welcome.
@@ -31,13 +29,39 @@ in the same directory of the script that will start the application with the fol
     "threads": 10,
     "cache": {
       "cache_invalidation": 3600
+    },
+    "prometheus": {
+      "endpoint": "/metrics"
+    },
+    "rate_limiting": {
+      "window": 10,
+      "max_requests": 3,
+      "ignore_headers": [
+        "header-to-be-ignored-from-caching-strategy",
+        "another-header-to-be-ignored-from-caching-strategy"
+      ]
+    },
+    "ssl": {
+      "ssl": {
+        "cert_file_name": "path/to/cert/file/file.crt",
+        "key_file_name": "path/to/cert/key/file.key"
+      }
     }
   }
 }
 ```
 
 Cache invalidation time should be specified in seconds. In order to enable caching, The application.json file
-should exist in the app main directory and it need the `cache_invalidation` config set.
+should exist in the app main directory and it need the `cache_invalidation` config set. It is possible to
+provide a list of strings in the property `ignore_headers`. All the client headers with the same name of any
+of the strings provided will be ignored from caching strategy. This is useful to exclude headers like 
+correlation IDs from the caching strategy.
+
+Rate Limit window should also be specified in seconds. Rate limit will be activated only if the `rate_limiting` config
+exists inside `application.json`.
+
+If the SSL configuration is provided in the `application.json` file with valid certificate and key files, the TCP server
+will be wrapped with HTTPS security using the provided certificate.
 
 Example of usage:
 
@@ -51,7 +75,7 @@ m.get('/hello_world', cache: true) do |context|
   context[:body] # Returns the request body as string
   context[:params] # Returns query parameters and path variables as a hash
   context[:headers] # Returns headers as a hash
-  return JSON.pretty_generate({ hello_message: 'Hello World!' }), 200
+  return JSON.pretty_generate({ hello_message: 'Hello World!' }), 200, {"Content-Type" => "application/json"}
 end
 
 m.post('/hello_world/:path_variable') do |context|
@@ -70,9 +94,9 @@ The example above starts a server and creates a GET endpoint at localhost/hello_
 If prometheus is enabled, a get endpoint will be defined at path `/metrics` to collect prometheus metrics. This path
 is configurable via the `application.json` file.
 
-The verb methods must always return a string or nil (used as the response) and a number corresponding to the HTTP status 
-code to be returned to the client. If an endpoint doesn't return a value or returns nil for both the string and the 
-code, a default 200 OK status will be sent as the response.
+The verb methods must always return a string or nil (used as the response), a number corresponding to the HTTP status 
+code to be returned to the client and the response headers as a Hash or nil. If an endpoint doesn't return a value or 
+returns nil for body, status code and headers, a default 200 OK status will be sent as the response.
 
 ## Contributing
 

data/lib/macaw_framework/aspects/cache_aspect.rb

@@ -3,12 +3,24 @@
 ##
 # Aspect that provide cache for the endpoints.
 module CacheAspect
-  def call_endpoint(cache, endpoints_to_cache, *args)
-    return super(*args) unless endpoints_to_cache.include?(args[0]) && !cache.nil?
-    return cache.cache[args[2..].to_s.to_sym][0] unless cache.cache[args[2..].to_s.to_sym].nil?
+  def call_endpoint(cache, *args)
+    return super(*args) unless !cache[:cache].nil? && cache[:endpoints_to_cache].include?(args[0])
 
-    response = super(*args)
-    cache.cache[args[2..].to_s.to_sym] = [response, Time.now]
-    response
+    cache_filtered_name = cache_name_filter(args[1], cache[:ignored_headers])
+
+    cache[:cache].mutex.synchronize do
+      return cache[:cache].cache[cache_filtered_name][0] unless cache[:cache].cache[cache_filtered_name].nil?
+
+      response = super(*args)
+      cache[:cache].cache[cache_filtered_name] = [response, Time.now]
+      response
+    end
+  end
+
+  private
+
+  def cache_name_filter(client_data, ignored_headers)
+    filtered_headers = client_data[:headers].filter { |key, _value| !ignored_headers.include?(key) }
+    [{ body: client_data[:body], params: client_data[:params], headers: filtered_headers }].to_s.to_sym
   end
 end

data/lib/macaw_framework/aspects/logging_aspect.rb

@@ -8,8 +8,8 @@ require "logger"
 # in the framework.
 module LoggingAspect
   def call_endpoint(logger, *args)
-    endpoint_name = args[2].split(".")[1..].join("/")
-    logger.info("Request received for #{endpoint_name} with arguments: #{args[3..]}")
+    endpoint_name = args[1].split(".")[1..].join("/")
+    logger.info("Request received for #{endpoint_name} with arguments: #{args[2..]}")
 
     begin
       response = super(*args)

data/lib/macaw_framework/aspects/prometheus_aspect.rb

@@ -13,7 +13,7 @@ module PrometheusAspect
     ensure
       duration = (Time.now - start_time) * 1_000
 
-      endpoint_name = args[3].split(".").join("/")
+      endpoint_name = args[2].split(".").join("/")
 
       prometheus_middleware.request_duration_milliseconds.with_labels(endpoint: endpoint_name).observe(duration)
       prometheus_middleware.request_count.with_labels(endpoint: endpoint_name).increment

data/lib/macaw_framework/core/server.rb

@@ -1,9 +1,12 @@
 # frozen_string_literal: true
 
+require_relative "../middlewares/rate_limiter_middleware"
+require_relative "../data_filters/response_data_filter"
+require_relative "../errors/too_many_requests_error"
 require_relative "../aspects/prometheus_aspect"
 require_relative "../aspects/logging_aspect"
-require_relative "../utils/http_status_code"
 require_relative "../aspects/cache_aspect"
+require "openssl"
 
 ##
 # Class responsible for providing a default
@@ -12,7 +15,6 @@ class Server
   prepend CacheAspect
   prepend LoggingAspect
   prepend PrometheusAspect
-  include HttpStatusCode
   # rubocop:disable Metrics/ParameterLists
 
   ##
@@ -25,18 +27,20 @@ class Server
   # @param {CachingMiddleware} cache
   # @param {Prometheus::Client:Registry} prometheus
   # @return {Server}
-  def initialize(macaw, logger, port, bind, num_threads, endpoints_to_cache = nil, cache = nil, prometheus = nil,
-                 prometheus_middleware = nil)
-    @port = port
-    @bind = bind
+  def initialize(macaw, endpoints_to_cache = nil, cache = nil, prometheus = nil, prometheus_mw = nil)
+    @port = macaw.port
+    @bind = macaw.bind
     @macaw = macaw
-    @macaw_log = logger
-    @num_threads = num_threads
+    @macaw_log = macaw.macaw_log
+    @num_threads = macaw.threads
     @work_queue = Queue.new
-    @endpoints_to_cache = endpoints_to_cache || []
-    @cache = cache
+    ignored_headers = set_rate_limiting
+    set_ssl
+    @rate_limit ||= nil
+    ignored_headers ||= nil
+    @cache = { cache: cache, endpoints_to_cache: endpoints_to_cache || [], ignored_headers: ignored_headers }
     @prometheus = prometheus
-    @prometheus_middleware = prometheus_middleware
+    @prometheus_middleware = prometheus_mw
     @workers = []
   end
 
@@ -46,6 +50,7 @@ class Server
   # Start running the webserver.
   def run
     @server = TCPServer.new(@bind, @port)
+    @server = OpenSSL::SSL::SSLServer.new(@server, @context) if @context
     @num_threads.times do
       @workers << Thread.new do
         loop do
@@ -59,6 +64,8 @@ class Server
 
     loop do
       @work_queue << @server.accept
+    rescue OpenSSL::SSL::SSLError => e
+      @macaw_log.error("SSL error: #{e.message}")
     rescue IOError, Errno::EBADF
       break
     end
@@ -77,13 +84,19 @@ class Server
   def handle_client(client)
     path, method_name, headers, body, parameters = RequestDataFiltering.parse_request_data(client, @macaw.routes)
     raise EndpointNotMappedError unless @macaw.respond_to?(method_name)
+    raise TooManyRequestsError unless @rate_limit.nil? || @rate_limit.allow?(client.peeraddr[3])
+
+    client_data = get_client_data(body, headers, parameters)
 
     @macaw_log.info("Running #{path.gsub("\n", "").gsub("\r", "")}")
-    message, status = call_endpoint(@prometheus_middleware, @macaw_log, @cache, @endpoints_to_cache,
-                                    method_name, headers, body, parameters)
+    message, status, response_headers = call_endpoint(@prometheus_middleware, @macaw_log, @cache,
+                                                      method_name, client_data)
     status ||= 200
     message ||= nil
-    client.puts "HTTP/1.1 #{status} #{HTTP_STATUS_CODE_MAP[status]} \r\n\r\n#{message}"
+    response_headers ||= nil
+    client.puts ResponseDataFilter.mount_response(status, response_headers, message)
+  rescue TooManyRequestsError
+    client.print "HTTP/1.1 429 Too Many Requests\r\n\r\n"
   rescue EndpointNotMappedError
     client.print "HTTP/1.1 404 Not Found\r\n\r\n"
   rescue StandardError => e
@@ -93,7 +106,39 @@ class Server
     client.close
   end
 
-  def call_endpoint(name, headers, body, parameters)
-    @macaw.send(name.to_sym, { headers: headers, body: body, params: parameters })
+  def set_rate_limiting
+    if @macaw.config&.dig("macaw", "rate_limiting")
+      ignored_headers = @macaw.config["macaw"]["rate_limiting"]["ignore_headers"] || []
+      @rate_limit = RateLimiterMiddleware.new(
+        @macaw.config["macaw"]["rate_limiting"]["window"].to_i || 1,
+        @macaw.config["macaw"]["rate_limiting"]["max_requests"].to_i || 60
+      )
+    end
+    ignored_headers
+  end
+
+  def set_ssl
+    if @macaw.config&.dig("macaw", "ssl")
+      @context = OpenSSL::SSL::SSLContext.new
+      @context.cert = OpenSSL::X509::Certificate.new(File.read(@macaw.config["macaw"]["ssl"]["cert_file_name"]))
+      @context.key = OpenSSL::PKey::RSA.new(File.read(@macaw.config["macaw"]["ssl"]["key_file_name"]))
+    end
+    @context ||= nil
+  rescue IOError => e
+    @macaw_log.error("It was not possible to read files #{@macaw.config["macaw"]["ssl"]["cert_file_name"]} and
+#{@macaw.config["macaw"]["ssl"]["key_file_name"]}. Please assure the files exists and their names are correct.")
+    @macaw_log.error(e.backtrace)
+    raise e
+  end
+
+  def call_endpoint(name, client_data)
+    @macaw.send(
+      name.to_sym,
+      { headers: client_data[:headers], body: client_data[:body], params: client_data[:parameters] }
+    )
+  end
+
+  def get_client_data(body, headers, parameters)
+    { body: body, headers: headers, parameters: parameters }
   end
 end

data/lib/macaw_framework/data_filters/response_data_filter.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+require_relative "../utils/http_status_code"
+
+##
+# Module responsible to filter and mount HTTP responses
+module ResponseDataFilter
+  include HttpStatusCode
+
+  def self.mount_response(status, headers, body)
+    "#{mount_first_response_line(status, headers)}#{mount_response_headers(headers)}#{body}"
+  end
+
+  def self.mount_first_response_line(status, headers)
+    separator = " \r\n\r\n"
+    separator = " \r\n" unless headers.nil?
+
+    "HTTP/1.1 #{status} #{HTTP_STATUS_CODE_MAP[status]}#{separator}"
+  end
+
+  def self.mount_response_headers(headers)
+    return nil if headers.nil?
+
+    response = ""
+    headers.each do |key, value|
+      response += "#{key}: #{value}\r\n"
+    end
+    response += "\r\n\r\n"
+    response
+  end
+end

data/lib/macaw_framework/errors/too_many_requests_error.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+class TooManyRequestsError < StandardError
+end

data/lib/macaw_framework/middlewares/caching_middleware.rb

@@ -4,15 +4,18 @@
 # Middleware responsible for storing and
 # invalidating cache.
 class CachingMiddleware
-  attr_accessor :cache
+  attr_accessor :cache, :mutex
 
   def initialize(inv_time_seconds = 3_600)
     @cache = {}
+    @mutex = Mutex.new
     Thread.new do
       loop do
         sleep(1)
-        @cache.each_pair do |key, value|
-          @cache.delete(key) if Time.now - value[1] >= inv_time_seconds
+        @mutex.synchronize do
+          @cache.each_pair do |key, value|
+            @cache.delete(key) if Time.now - value[1] >= inv_time_seconds
+          end
         end
       end
     end

data/lib/macaw_framework/middlewares/prometheus_middleware.rb

@@ -42,7 +42,7 @@ class PrometheusMiddleware
   def prometheus_endpoint(prometheus_registry, configurations, macaw)
     endpoint = configurations["macaw"]["prometheus"]["endpoint"] || "/metrics"
     macaw.get(endpoint) do |_context|
-      [Prometheus::Client::Formats::Text.marshal(prometheus_registry), 200]
+      [Prometheus::Client::Formats::Text.marshal(prometheus_registry), 200, { "Content-Type" => "plaintext" }]
     end
   end
 end

data/lib/macaw_framework/middlewares/rate_limiter_middleware.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+##
+# Middleware responsible for implementing
+# rate limiting
+class RateLimiterMiddleware
+  attr_reader :window_size, :max_requests
+
+  def initialize(window_size, max_requests)
+    @window_size = window_size
+    @max_requests = max_requests
+    @client_timestamps = Hash.new { |key, value| key[value] = [] }
+    @mutex = Mutex.new
+  end
+
+  def allow?(client_id)
+    @mutex.synchronize do
+      now = Time.now.to_i
+      timestamps = @client_timestamps[client_id]
+
+      timestamps.reject! { |timestamp| timestamp <= now - window_size }
+
+      if timestamps.length < max_requests
+        timestamps << now
+        true
+      else
+        false
+      end
+    end
+  end
+end

data/lib/macaw_framework/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module MacawFramework
-  VERSION = "0.2.0"
+  VERSION = "1.0.0"
 end

data/lib/macaw_framework.rb

@@ -2,7 +2,7 @@
 
 require_relative "macaw_framework/errors/endpoint_not_mapped_error"
 require_relative "macaw_framework/middlewares/prometheus_middleware"
-require_relative "macaw_framework/middlewares/request_data_filtering"
+require_relative "macaw_framework/data_filters/request_data_filtering"
 require_relative "macaw_framework/middlewares/caching_middleware"
 require_relative "macaw_framework/core/server"
 require_relative "macaw_framework/version"
@@ -18,7 +18,7 @@ module MacawFramework
   class Macaw
     ##
     # Array containing the routes defined in the application
-    attr_reader :routes
+    attr_reader :routes, :port, :bind, :threads, :macaw_log, :config
 
     ##
     # @param {Logger} custom_log
@@ -26,27 +26,27 @@ module MacawFramework
       begin
         @routes = []
         @macaw_log ||= custom_log.nil? ? Logger.new($stdout) : custom_log
-        config = JSON.parse(File.read("application.json"))
-        @port = config["macaw"]["port"] || 8080
-        @bind = config["macaw"]["bind"] || "localhost"
-        @threads = config["macaw"]["threads"] || 5
-        unless config["macaw"]["cache"].nil?
-          @cache = CachingMiddleware.new(config["macaw"]["cache"]["cache_invalidation"].to_i || 3_600)
+        @config = JSON.parse(File.read("application.json"))
+        @port = @config["macaw"]["port"] || 8080
+        @bind = @config["macaw"]["bind"] || "localhost"
+        @threads = @config["macaw"]["threads"] || 5
+        unless @config["macaw"]["cache"].nil?
+          @cache = CachingMiddleware.new(@config["macaw"]["cache"]["cache_invalidation"].to_i || 3_600)
         end
-        @prometheus = Prometheus::Client::Registry.new if config["macaw"]["prometheus"]
-        @prometheus_middleware = PrometheusMiddleware.new if config["macaw"]["prometheus"]
-        @prometheus_middleware.configure_prometheus(@prometheus, config, self) if config["macaw"]["prometheus"]
+        @prometheus = Prometheus::Client::Registry.new if @config["macaw"]["prometheus"]
+        @prometheus_middleware = PrometheusMiddleware.new if @config["macaw"]["prometheus"]
+        @prometheus_middleware.configure_prometheus(@prometheus, @config, self) if @config["macaw"]["prometheus"]
       rescue StandardError => e
         @macaw_log.error(e.message)
       end
       @port ||= 8080
       @bind ||= "localhost"
+      @config ||= nil
       @threads ||= 5
       @endpoints_to_cache = []
       @prometheus ||= nil
       @prometheus_middleware ||= nil
-      @server = server.new(self, @macaw_log, @port, @bind, @threads, @endpoints_to_cache, @cache, @prometheus,
-                           @prometheus_middleware)
+      @server = server.new(self, @endpoints_to_cache, @cache, @prometheus, @prometheus_middleware)
     end
 
     ##

data/sig/macaw_framework/macaw.rbs

@@ -1,18 +1,25 @@
 module MacawFramework
   class Macaw
-    @bind: string
+    @bind: String
     @cache: untyped
+    @config: Hash[String, untyped]
     @endpoints_to_cache: Array[String]
     @macaw_log: Logger
-    @port: int
 
     @prometheus: untyped
+    @prometheus_middleware: untyped
     @server: Server
 
     @threads: Integer
 
+    attr_reader bind: String
+    attr_reader config: Hash[String, untyped]
+    attr_reader macaw_log: Logger
+    attr_reader port: Integer
     attr_reader routes: Array[String]
 
+    attr_reader threads: Integer
+
     def delete: -> nil
 
     def get: -> nil

data/sig/server.rbs

@@ -1,6 +1,7 @@
 class Server
   @bind: String
-  @cache: CachingMiddleware
+  @cache: Hash[Symbol, Array]
+  @context: OpenSSL::SSL::SSLContext
   @endpoints_to_cache: Array[String]
   @macaw: MacawFramework::Macaw
   @macaw_log: Logger
@@ -9,7 +10,7 @@ class Server
 
   @prometheus: untyped
   @prometheus_middleware: untyped
-  @server: TCPServer
+  @server: TCPServer|OpenSSL::SSL::SSLServer
 
   @threads: Integer
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: macaw_framework
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 1.0.0
 platform: ruby
 authors:
 - Aria Diniz
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2023-04-22 00:00:00.000000000 Z
+date: 2023-04-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: prometheus-client
@@ -43,10 +43,13 @@ files:
 - lib/macaw_framework/aspects/logging_aspect.rb
 - lib/macaw_framework/aspects/prometheus_aspect.rb
 - lib/macaw_framework/core/server.rb
+- lib/macaw_framework/data_filters/request_data_filtering.rb
+- lib/macaw_framework/data_filters/response_data_filter.rb
 - lib/macaw_framework/errors/endpoint_not_mapped_error.rb
+- lib/macaw_framework/errors/too_many_requests_error.rb
 - lib/macaw_framework/middlewares/caching_middleware.rb
 - lib/macaw_framework/middlewares/prometheus_middleware.rb
-- lib/macaw_framework/middlewares/request_data_filtering.rb
+- lib/macaw_framework/middlewares/rate_limiter_middleware.rb
 - lib/macaw_framework/utils/http_status_code.rb
 - lib/macaw_framework/version.rb
 - macaw_logo.png
@@ -79,7 +82,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.10
+rubygems_version: 3.4.12
 signing_key: 
 specification_version: 4
 summary: A web framework still in development.