/proc/self/cwd/source/extensions/filters/network/thrift_proxy/router/router_ratelimit_impl.h
Line | Count | Source (jump to first uncovered line) |
1 | | #pragma once |
2 | | |
3 | | #include <cstdint> |
4 | | #include <memory> |
5 | | #include <string> |
6 | | #include <vector> |
7 | | |
8 | | #include "envoy/config/route/v3/route_components.pb.h" |
9 | | |
10 | | #include "source/common/http/header_utility.h" |
11 | | #include "source/extensions/filters/network/thrift_proxy/metadata.h" |
12 | | #include "source/extensions/filters/network/thrift_proxy/router/router.h" |
13 | | #include "source/extensions/filters/network/thrift_proxy/router/router_ratelimit.h" |
14 | | |
15 | | namespace Envoy { |
16 | | namespace Extensions { |
17 | | namespace NetworkFilters { |
18 | | namespace ThriftProxy { |
19 | | namespace Router { |
20 | | |
21 | | /** |
22 | | * Action for source cluster rate limiting. |
23 | | */ |
24 | | class SourceClusterAction : public RateLimitAction { |
25 | | public: |
26 | | // Router::RateLimitAction |
27 | | bool populateDescriptor(const Router::RouteEntry& route, RateLimit::Descriptor& descriptor, |
28 | | const std::string& local_service_cluster, const MessageMetadata& metadata, |
29 | | const Network::Address::Instance& remote_address) const override; |
30 | | }; |
31 | | |
32 | | /** |
33 | | * Action for destination cluster rate limiting. |
34 | | */ |
35 | | class DestinationClusterAction : public RateLimitAction { |
36 | | public: |
37 | | // Router::RateLimitAction |
38 | | bool populateDescriptor(const Router::RouteEntry& route, RateLimit::Descriptor& descriptor, |
39 | | const std::string& local_service_cluster, const MessageMetadata& metadata, |
40 | | const Network::Address::Instance& remote_address) const override; |
41 | | }; |
42 | | |
43 | | /** |
44 | | * Action for request headers rate limiting. |
45 | | */ |
46 | | class RequestHeadersAction : public RateLimitAction { |
47 | | public: |
48 | | RequestHeadersAction(const envoy::config::route::v3::RateLimit::Action::RequestHeaders& action) |
49 | | : header_name_(action.header_name()), descriptor_key_(action.descriptor_key()), |
50 | 0 | use_method_name_(header_name_ == Headers::get().MethodName) {} |
51 | | |
52 | | // Router::RateLimitAction |
53 | | bool populateDescriptor(const Router::RouteEntry& route, RateLimit::Descriptor& descriptor, |
54 | | const std::string& local_service_cluster, const MessageMetadata& metadata, |
55 | | const Network::Address::Instance& remote_address) const override; |
56 | | |
57 | | private: |
58 | | const Http::LowerCaseString header_name_; |
59 | | const std::string descriptor_key_; |
60 | | const bool use_method_name_; |
61 | | }; |
62 | | |
63 | | /** |
64 | | * Action for remote address rate limiting. |
65 | | */ |
66 | | class RemoteAddressAction : public RateLimitAction { |
67 | | public: |
68 | | // Router::RateLimitAction |
69 | | bool populateDescriptor(const Router::RouteEntry& route, RateLimit::Descriptor& descriptor, |
70 | | const std::string& local_service_cluster, const MessageMetadata& metadata, |
71 | | const Network::Address::Instance& remote_address) const override; |
72 | | }; |
73 | | |
74 | | /** |
75 | | * Action for generic key rate limiting. |
76 | | */ |
77 | | class GenericKeyAction : public RateLimitAction { |
78 | | public: |
79 | | GenericKeyAction(const envoy::config::route::v3::RateLimit::Action::GenericKey& action) |
80 | 0 | : descriptor_value_(action.descriptor_value()) {} |
81 | | |
82 | | // Router::RateLimitAction |
83 | | bool populateDescriptor(const Router::RouteEntry& route, RateLimit::Descriptor& descriptor, |
84 | | const std::string& local_service_cluster, const MessageMetadata& metadata, |
85 | | const Network::Address::Instance& remote_address) const override; |
86 | | |
87 | | private: |
88 | | const std::string descriptor_value_; |
89 | | }; |
90 | | |
91 | | /** |
92 | | * Action for header value match rate limiting. |
93 | | */ |
94 | | class HeaderValueMatchAction : public RateLimitAction { |
95 | | public: |
96 | | HeaderValueMatchAction( |
97 | | const envoy::config::route::v3::RateLimit::Action::HeaderValueMatch& action); |
98 | | |
99 | | // Router::RateLimitAction |
100 | | bool populateDescriptor(const Router::RouteEntry& route, RateLimit::Descriptor& descriptor, |
101 | | const std::string& local_service_cluster, const MessageMetadata& metadata, |
102 | | const Network::Address::Instance& remote_address) const override; |
103 | | |
104 | | private: |
105 | | const std::string descriptor_value_; |
106 | | const bool expect_match_; |
107 | | const std::vector<Http::HeaderUtility::HeaderDataPtr> action_headers_; |
108 | | }; |
109 | | |
110 | | /* |
111 | | * Implementation of RateLimitPolicyEntry that holds the action for the configuration. |
112 | | */ |
113 | | class RateLimitPolicyEntryImpl : public RateLimitPolicyEntry { |
114 | | public: |
115 | | RateLimitPolicyEntryImpl(const envoy::config::route::v3::RateLimit& config); |
116 | | |
117 | | // Router::RateLimitPolicyEntry |
118 | 0 | uint32_t stage() const override { return stage_; } |
119 | 0 | const std::string& disableKey() const override { return disable_key_; } |
120 | | void populateDescriptors(const Router::RouteEntry& route, |
121 | | std::vector<Envoy::RateLimit::Descriptor>& descriptors, |
122 | | const std::string& local_service_cluster, |
123 | | const MessageMetadata& metadata, |
124 | | const Network::Address::Instance& remote_address) const override; |
125 | | |
126 | | private: |
127 | | const std::string disable_key_; |
128 | | uint32_t stage_; |
129 | | std::vector<RateLimitActionPtr> actions_; |
130 | | }; |
131 | | |
132 | | /** |
133 | | * Implementation of RateLimitPolicy that reads from the JSON route config. |
134 | | */ |
135 | | class RateLimitPolicyImpl : public RateLimitPolicy { |
136 | | public: |
137 | | RateLimitPolicyImpl( |
138 | | const Protobuf::RepeatedPtrField<envoy::config::route::v3::RateLimit>& rate_limits); |
139 | | |
140 | | // Router::RateLimitPolicy |
141 | | const std::vector<std::reference_wrapper<const RateLimitPolicyEntry>>& |
142 | | getApplicableRateLimit(uint32_t stage = 0) const override; |
143 | 0 | bool empty() const override { return rate_limit_entries_.empty(); } |
144 | | |
145 | | static constexpr uint32_t MAX_STAGE_NUMBER = 10; |
146 | | |
147 | | private: |
148 | | std::vector<std::unique_ptr<RateLimitPolicyEntry>> rate_limit_entries_; |
149 | | std::vector<std::vector<std::reference_wrapper<const RateLimitPolicyEntry>>> |
150 | | rate_limit_entries_reference_; |
151 | | }; |
152 | | |
153 | | } // namespace Router |
154 | | } // namespace ThriftProxy |
155 | | } // namespace NetworkFilters |
156 | | } // namespace Extensions |
157 | | } // namespace Envoy |