Adding response headers in the RLS server so that it implements https…

…://datatracker.ietf.org/doc/id/draft-polli-ratelimit-headers-03.html
Kuadrant · Mar 23, 2023 · 3b883a0 · 3b883a0
1 parent c824f99
commit 3b883a0
Show file tree

Hide file tree

Showing 15 changed files with 650 additions and 234 deletions.
diff --git a/.dockerignore b/.dockerignore
@@ -3,3 +3,6 @@ Dockerfile
 *.swp
 .dockerignore
 .git
+
+# OSX files
+.DS_Store
diff --git a/.gitignore b/.gitignore
@@ -5,3 +5,6 @@
 
 # These are backup files generated by rustfmt
 **/*.rs.bk
+
+# OSX files
+.DS_Store
diff --git a/doc/server/configuration.md b/doc/server/configuration.md
@@ -6,21 +6,43 @@ The preferred way of starting and configuring the Limitador server is using the
 
 ```
 USAGE:
-    limitador-server [OPTIONS] <LIMITS_FILE> [STORAGE]
+    limitador-server [OPTIONS] [LIMITS_FILE] [STORAGE]
 
 ARGS:
-    <LIMITS_FILE>    The limit file to use
+    <LIMITS_FILE>    The limit file to use [default:
+                     ../apex/deploy/nexodus/components/limitador/files/limits.yaml]
 
 OPTIONS:
-    -b, --rls-ip <ip>              The IP to listen on for RLS [default: 0.0.0.0]
-    -p, --rls-port <port>          The port to listen on for RLS [default: 8081]
-    -B, --http-ip <http_ip>        The IP to listen on for HTTP [default: 0.0.0.0]
-    -P, --http-port <http_port>    The port to listen on for HTTP [default: 8080]
-    -l, --limit-name-in-labels     Include the Limit Name in prometheus label
-    -v                             Sets the level of verbosity
-        --validate                 Validates the LIMITS_FILE and exits
-    -h, --help                     Print help information
-    -V, --version                  Print version information
+    -b, --rls-ip <ip>
+            The IP to listen on for RLS [default: 0.0.0.0]
+
+    -p, --rls-port <port>
+            The port to listen on for RLS [default: 8081]
+
+    -B, --http-ip <http_ip>
+            The IP to listen on for HTTP [default: 0.0.0.0]
+
+    -P, --http-port <http_port>
+            The port to listen on for HTTP [default: 8080]
+
+    -l, --limit-name-in-labels
+            Include the Limit Name in prometheus label
+
+    -v
+            Sets the level of verbosity
+
+        --validate
+            Validates the LIMITS_FILE and exits
+
+    -H, --rate-limit-headers <rate_limit_headers>
+            Enables rate limit response headers [default: NONE] [possible values: NONE,
+            DRAFT_VERSION_03]
+
+    -h, --help
+            Print help information
+
+    -V, --version
+            Print version information
 
 STORAGES:
     memory          Counters are held in Limitador (ephemeral)
@@ -319,3 +341,13 @@ require Redis.
 - Optional. By default, Limitador stores the limits in memory and does not
   require Infinispan.
 - Format: `URL`, in the format of `http://username:[email protected]:11222`.
+
+
+#### `RATE_LIMIT_HEADERS`
+
+- Enables rate limit response headers. Only supported by the RLS server.
+- Optional. Defaults to `"NONE"`.
+- Must be one of: 
+  - `"NONE"` - Does not add any additional headers to the http response. 
+  - `"DRAFT_VERSION_03"`.  Adds response headers per https://datatracker.ietf.org/doc/id/draft-polli-ratelimit-headers-03.html
+    
diff --git a/limitador-server/src/config.rs b/limitador-server/src/config.rs
@@ -18,6 +18,7 @@
 // HTTP_API_HOST: host // just to become HTTP_API_HOST:HTTP_API_PORT as &str
 // HTTP_API_PORT: port
 
+use crate::envoy_rls::server::RateLimitHeaders;
 use log::LevelFilter;
 
 #[derive(Debug)]
@@ -30,13 +31,15 @@ pub struct Configuration {
     http_port: u16,
     pub limit_name_in_labels: bool,
     pub log_level: Option<LevelFilter>,
+    pub rate_limit_headers: RateLimitHeaders,
 }
 
 impl Configuration {
     pub const DEFAULT_RLS_PORT: &'static str = "8081";
     pub const DEFAULT_HTTP_PORT: &'static str = "8080";
     pub const DEFAULT_IP_BIND: &'static str = "0.0.0.0";
 
+    #[allow(clippy::too_many_arguments)]
     pub fn with(
         storage: StorageConfiguration,
         limits_file: String,
@@ -45,6 +48,7 @@ impl Configuration {
         http_host: String,
         http_port: u16,
         limit_name_in_labels: bool,
+        rate_limit_headers: RateLimitHeaders,
     ) -> Self {
         Self {
             limits_file,
@@ -55,6 +59,7 @@ impl Configuration {
             http_port,
             limit_name_in_labels,
             log_level: None,
+            rate_limit_headers,
         }
     }
 
@@ -79,6 +84,7 @@ impl Default for Configuration {
             http_port: 0,
             limit_name_in_labels: false,
             log_level: None,
+            rate_limit_headers: RateLimitHeaders::None,
         }
     }
 }