diff --git a/Cargo.lock b/Cargo.lock index 0e98929..c6210f9 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -61,9 +61,9 @@ checksum = "7d5a26814d8dcb93b0e5a0ff3c6d80a8843bafb21b39e8e18a6f05471870e110" [[package]] name = "ascii-canvas" -version = "3.0.0" +version = "4.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8824ecca2e851cec16968d54a01dd372ef8f95b244fb84b84e70128be347c3c6" +checksum = "ef1e3e699d84ab1b0911a1010c5c106aa34ae89aeac103be5ce0c3859db1e891" dependencies = [ "term", ] @@ -102,6 +102,12 @@ version = "0.21.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567" +[[package]] +name = "base64" +version = "0.22.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6" + [[package]] name = "bincode" version = "1.3.3" @@ -113,18 +119,18 @@ dependencies = [ [[package]] name = "bit-set" -version = "0.5.3" +version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0700ddab506f33b20a03b13996eccd309a48e5ff77d0d95926aa0210fb4e95f1" +checksum = "08807e080ed7f9d5433fa9b275196cfc35414f66a0c79d864dc51a0d825231a3" dependencies = [ "bit-vec", ] [[package]] name = "bit-vec" -version = "0.6.3" +version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "349f9b6a179ed607305526ca489b34ad0a41aed5f7980fa90eb03160b69598fb" +checksum = "5e764a1d40d510daf35e07be9eb06e75770908c27d411ee6c92109c9840eaaf7" [[package]] name = "bitflags" @@ -178,28 +184,29 @@ dependencies = [ [[package]] name = "cel-interpreter" -version = "0.8.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6b968d274346f357c4e04b89a3383309688e5476b45f8faa120b8d6b3164b0e0" +version = "0.9.0" +source = "git+https://github.com/clarkmcc/cel-rust?rev=5b02b08#5b02b0817ced05c7cfc1c72bab03bc97bbfa2dea" dependencies = [ + "base64 0.22.1", "cel-parser", "chrono", "nom", "paste", "regex", "serde", + "serde_json", "thiserror", ] [[package]] name = "cel-parser" -version = "0.7.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6dccd435d730be24bb59d66a10164d1e6624b418dd1b88a96b7bbddcf066c3cf" +version = "0.8.0" +source = "git+https://github.com/clarkmcc/cel-rust?rev=5b02b08#5b02b0817ced05c7cfc1c72bab03bc97bbfa2dea" dependencies = [ "lalrpop", "lalrpop-util", "regex", + "thiserror", ] [[package]] @@ -371,7 +378,7 @@ dependencies = [ "cranelift-codegen", "cranelift-entity", "cranelift-frontend", - "itertools", + "itertools 0.10.5", "log", "smallvec", "wasmparser", @@ -412,12 +419,6 @@ version = "0.8.20" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "22ec99545bb0ed0ea7bb9b8e1e9122ea386ff8a48c0922e43f36d45ab09e0e80" -[[package]] -name = "crunchy" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a81dae078cea95a014a339291cec439d2f232ebe854a9d672b796c6afafa9b7" - [[package]] name = "crypto-common" version = "0.1.6" @@ -450,12 +451,6 @@ dependencies = [ "uuid", ] -[[package]] -name = "diff" -version = "0.1.13" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "56254986775e3233ffa9c4d7d3faaf6d36a2c09d30b20687e9f88bc8bafc16c8" - [[package]] name = "digest" version = "0.10.7" @@ -476,16 +471,6 @@ dependencies = [ "dirs-sys-next", ] -[[package]] -name = "dirs-next" -version = "2.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b98cf8ebf19c3d1b223e151f99a4f9f0690dca41414773390fc824184ac833e1" -dependencies = [ - "cfg-if", - "dirs-sys-next", -] - [[package]] name = "dirs-sys-next" version = "0.1.2" @@ -876,6 +861,15 @@ dependencies = [ "either", ] +[[package]] +name = "itertools" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "413ee7dfc52ee1a4949ceeb7dbc8a33f2d6c088194d9f922fb8318faf1f01186" +dependencies = [ + "either", +] + [[package]] name = "itoa" version = "1.0.11" @@ -911,35 +905,45 @@ dependencies = [ "libc", ] +[[package]] +name = "keccak" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ecc2af9a1119c51f12a14607e783cb977bde58bc069ff0c3da1095e635d70654" +dependencies = [ + "cpufeatures", +] + [[package]] name = "lalrpop" -version = "0.19.12" +version = "0.22.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0a1cbf952127589f2851ab2046af368fd20645491bb4b376f04b7f94d7a9837b" +checksum = "06093b57658c723a21da679530e061a8c25340fa5a6f98e313b542268c7e2a1f" dependencies = [ "ascii-canvas", "bit-set", - "diff", "ena", - "is-terminal", - "itertools", + "itertools 0.13.0", "lalrpop-util", "petgraph", + "pico-args", "regex", - "regex-syntax 0.6.29", + "regex-syntax", + "sha3", "string_cache", "term", - "tiny-keccak", "unicode-xid", + "walkdir", ] [[package]] name = "lalrpop-util" -version = "0.19.12" +version = "0.22.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d3c48237b9604c5a4702de6b824e02006c3214327564636aef27c1028a8fa0ed" +checksum = "feee752d43abd0f4807a921958ab4131f692a44d4d599733d4419c5d586176ce" dependencies = [ - "regex", + "regex-automata", + "rustversion", ] [[package]] @@ -1146,6 +1150,12 @@ dependencies = [ "siphasher", ] +[[package]] +name = "pico-args" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5be167a7af36ee22fe3115051bc51f6e6c7054c9348e28deb4f49bd6f705a315" + [[package]] name = "pin-project-lite" version = "0.2.14" @@ -1235,7 +1245,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e5d2d8d10f3c6ded6da8b05b5fb3b8a5082514344d56c9f871412d29b4e075b4" dependencies = [ "anyhow", - "itertools", + "itertools 0.10.5", "proc-macro2", "quote", "syn 1.0.109", @@ -1486,7 +1496,7 @@ dependencies = [ "aho-corasick", "memchr", "regex-automata", - "regex-syntax 0.8.5", + "regex-syntax", ] [[package]] @@ -1497,15 +1507,9 @@ checksum = "368758f23274712b504848e9d5a6f010445cc8b87a7cdb4d7cbee666c1288da3" dependencies = [ "aho-corasick", "memchr", - "regex-syntax 0.8.5", + "regex-syntax", ] -[[package]] -name = "regex-syntax" -version = "0.6.29" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1" - [[package]] name = "regex-syntax" version = "0.8.5" @@ -1563,6 +1567,15 @@ version = "1.0.18" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f3cb5ba0dc43242ce17de99c180e96db90b235b8a9fdc9543c96d2209116bd9f" +[[package]] +name = "same-file" +version = "1.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93fc1dc3aaa9bfed95e02e6eadabb4baf7e3078b0bd1b4d7b6b0b68378900502" +dependencies = [ + "winapi-util", +] + [[package]] name = "scopeguard" version = "1.2.0" @@ -1637,6 +1650,16 @@ dependencies = [ "digest", ] +[[package]] +name = "sha3" +version = "0.10.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "75872d278a8f37ef87fa0ddbda7802605cb18344497949862c0d4dcb291eba60" +dependencies = [ + "digest", + "keccak", +] + [[package]] name = "shlex" version = "1.3.0" @@ -1762,13 +1785,12 @@ dependencies = [ [[package]] name = "term" -version = "0.7.0" +version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c59df8ac95d96ff9bede18eb7300b0fda5e5d8d90960e76f8e14ae765eedbf1f" +checksum = "4df4175de05129f31b80458c6df371a15e7fc3fd367272e6bf938e5c351c7ea0" dependencies = [ - "dirs-next", - "rustversion", - "winapi", + "home", + "windows-sys 0.52.0", ] [[package]] @@ -1809,15 +1831,6 @@ dependencies = [ "syn 2.0.79", ] -[[package]] -name = "tiny-keccak" -version = "2.0.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2c9d3793400a45f954c52e73d068316d76b6f4e36977e3fcebb13a2721e80237" -dependencies = [ - "crunchy", -] - [[package]] name = "tinyvec" version = "1.8.0" @@ -1931,6 +1944,16 @@ version = "0.9.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0b928f33d975fc6ad9f86c8f283853ad26bdd5b10b7f1542aa2fa15e2289105a" +[[package]] +name = "walkdir" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "29790946404f91d9c5d06f9874efddea1dc06c5efe94541a7d6863108e3a5e4b" +dependencies = [ + "same-file", + "winapi-util", +] + [[package]] name = "wasi" version = "0.9.0+wasi-snapshot-preview1" @@ -2027,7 +2050,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6107809b2d9f5b2fd3ddbaddb3bb92ff8048b62f4030debf1408119ffd38c6cb" dependencies = [ "anyhow", - "base64", + "base64 0.21.7", "bincode", "directories-next", "file-per-thread-logger", diff --git a/Cargo.toml b/Cargo.toml index f462287..c040fce 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -18,6 +18,7 @@ crate-type = ["cdylib"] [features] default = ["with-serde"] with-serde = ["protobuf/with-serde"] +debug-host-behaviour = [] [dependencies] proxy-wasm = "0.2.1" @@ -32,8 +33,8 @@ regex = "1" radix_trie = "0.2.1" const_format = "0.2.31" chrono = { version = "0.4.38", default-features = false, features = ["alloc", "std"] } -cel-interpreter = "0.8.1" -cel-parser = "0.7.1" +cel-interpreter = { git = "https://github.com/clarkmcc/cel-rust", rev = "5b02b08", features = ["json", "regex", "chrono"] } +cel-parser = { git = "https://github.com/clarkmcc/cel-rust", rev = "5b02b08" } urlencoding = "2.1.3" [dev-dependencies] diff --git a/Makefile b/Makefile index e8c3fe8..4c4d8ef 100644 --- a/Makefile +++ b/Makefile @@ -4,6 +4,9 @@ MKFILE_PATH := $(abspath $(lastword $(MAKEFILE_LIST))) PROJECT_PATH := $(patsubst %/,%,$(dir $(MKFILE_PATH))) BUILD ?= debug +ifneq ($(FEATURES),) + FEATURE_CMD=--features $(FEATURES) +endif WASM_RELEASE_BIN = $(PROJECT_PATH)/target/wasm32-unknown-unknown/$(BUILD)/wasm_shim.wasm WASM_RELEASE_PATH = $(dir $(WASM_RELEASE_BIN)) @@ -24,9 +27,9 @@ $(PROTOC_BIN): build: $(PROTOC_BIN) @echo "Building the wasm filter" ifeq ($(BUILD), release) - export PATH=$(PROJECT_PATH)/bin:$$PATH; cargo build --target=wasm32-unknown-unknown --release + export PATH=$(PROJECT_PATH)/bin:$$PATH; cargo build --target=wasm32-unknown-unknown --release $(FEATURE_CMD) else - export PATH=$(PROJECT_PATH)/bin:$$PATH; cargo build --target=wasm32-unknown-unknown + export PATH=$(PROJECT_PATH)/bin:$$PATH; cargo build --target=wasm32-unknown-unknown $(FEATURE_CMD) endif # Remove old ones and fetch the latest third-party protobufs diff --git a/README.md b/README.md index 5068a97..57afe0d 100644 --- a/README.md +++ b/README.md @@ -80,6 +80,12 @@ Build the WASM module in release mode make build BUILD=release ``` +Build the WASM module with features + +``` +make build FEATURES=debug-host-behaviour +``` + ## Testing ``` diff --git a/src/configuration.rs b/src/configuration.rs index a9c5dda..9d49cc6 100644 --- a/src/configuration.rs +++ b/src/configuration.rs @@ -9,7 +9,7 @@ use crate::configuration::action_set_index::ActionSetIndex; use crate::data; use crate::data::Predicate; use crate::service::GrpcService; -use cel_interpreter::functions::duration; +use cel_interpreter::functions::time::duration; use cel_interpreter::Value; use serde::de::{Error, Visitor}; use serde::{Deserialize, Deserializer}; diff --git a/src/data/cel.rs b/src/data/cel.rs index fc91770..68fe295 100644 --- a/src/data/cel.rs +++ b/src/data/cel.rs @@ -5,6 +5,8 @@ use cel_interpreter::objects::{Key, Map, ValueType}; use cel_interpreter::{Context, ExecutionError, ResolveResult, Value}; use cel_parser::{parse, Expression as CelExpression, Member, ParseError}; use chrono::{DateTime, FixedOffset}; +#[cfg(feature = "debug-host-behaviour")] +use log::debug; use proxy_wasm::types::{Bytes, Status}; use serde_json::Value as JsonValue; use std::collections::hash_map::Entry; @@ -444,6 +446,22 @@ fn properties<'e>(exp: &'e CelExpression, all: &mut Vec>, path: &mu } } +#[cfg(feature = "debug-host-behaviour")] +pub fn debug_all_well_known_attributes() { + let attributes = new_well_known_attribute_map(); + attributes.iter().for_each(|(key, value_type)| { + match proxy_wasm::hostcalls::get_property(key.tokens()) { + Ok(opt_bytes) => match opt_bytes { + None => debug!("{:#?}({}): None", key, value_type), + Some(bytes) => debug!("{:#?}({}): {:?}", key, value_type, bytes), + }, + Err(err) => { + debug!("{:#?}({}): (err) {:?}", key, value_type, err) + } + } + }) +} + pub mod data { use crate::data::cel::Attribute; use cel_interpreter::objects::{Key, Map}; diff --git a/src/data/mod.rs b/src/data/mod.rs index d61009f..9b7dd28 100644 --- a/src/data/mod.rs +++ b/src/data/mod.rs @@ -5,6 +5,9 @@ mod property; pub use attribute::get_attribute; pub use attribute::store_metadata; +#[cfg(feature = "debug-host-behaviour")] +pub use cel::debug_all_well_known_attributes; + pub use cel::Expression; pub use cel::Predicate; diff --git a/src/filter/http_context.rs b/src/filter/http_context.rs index e365ccd..69a8c0c 100644 --- a/src/filter/http_context.rs +++ b/src/filter/http_context.rs @@ -1,5 +1,7 @@ use crate::configuration::action_set::ActionSet; use crate::configuration::{FailureMode, FilterConfig}; +#[cfg(feature = "debug-host-behaviour")] +use crate::data; use crate::operation_dispatcher::{OperationDispatcher, OperationError}; use crate::service::GrpcService; use log::{debug, warn}; @@ -94,6 +96,9 @@ impl HttpContext for Filter { fn on_http_request_headers(&mut self, _: usize, _: bool) -> Action { debug!("#{} on_http_request_headers", self.context_id); + #[cfg(feature = "debug-host-behaviour")] + data::debug_all_well_known_attributes(); + match self .config .index diff --git a/tests/auth.rs b/tests/auth.rs index 730bc2c..38b6081 100644 --- a/tests/auth.rs +++ b/tests/auth.rs @@ -1,8 +1,10 @@ -use crate::util::wasm_module; +use crate::util::common::wasm_module; +use crate::util::data; use proxy_wasm_test_framework::tester; use proxy_wasm_test_framework::types::{Action, BufferType, LogLevel, MapType, ReturnType}; use serial_test::serial; -pub(crate) mod util; + +pub mod util; const CONFIG: &str = r#"{ "services": { @@ -82,19 +84,19 @@ fn it_auths() { Some("get_property: path: [\"request\", \"url_path\"]"), ) .expect_get_property(Some(vec!["request", "url_path"])) - .returning(Some("/admin/toy".as_bytes())) + .returning(Some(data::request::path::ADMIN_TOY)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"host\"]"), ) .expect_get_property(Some(vec!["request", "host"])) - .returning(Some("cars.toystore.com".as_bytes())) + .returning(Some(data::request::HOST)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"method\"]"), ) .expect_get_property(Some(vec!["request", "method"])) - .returning(Some("POST".as_bytes())) + .returning(Some(data::request::method::POST)) .expect_log( Some(LogLevel::Debug), Some("#2 action_set selected some-name"), @@ -107,61 +109,61 @@ fn it_auths() { Some("get_property: path: [\"request\", \"host\"]"), ) .expect_get_property(Some(vec!["request", "host"])) - .returning(Some("cars.toystore.com".as_bytes())) + .returning(Some(data::request::HOST)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"method\"]"), ) .expect_get_property(Some(vec!["request", "method"])) - .returning(Some("GET".as_bytes())) + .returning(Some(data::request::method::GET)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"scheme\"]"), ) .expect_get_property(Some(vec!["request", "scheme"])) - .returning(Some("http".as_bytes())) + .returning(Some(data::request::scheme::HTTP)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"path\"]"), ) .expect_get_property(Some(vec!["request", "path"])) - .returning(Some("/admin/toy".as_bytes())) + .returning(Some(data::request::path::ADMIN_TOY)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"protocol\"]"), ) .expect_get_property(Some(vec!["request", "protocol"])) - .returning(Some("HTTP".as_bytes())) + .returning(Some(data::request::protocol::HTTP_1_1)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"time\"]"), ) .expect_get_property(Some(vec!["request", "time"])) - .returning(None) + .returning(Some(data::request::TIME)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"destination\", \"address\"]"), ) .expect_get_property(Some(vec!["destination", "address"])) - .returning(Some("127.0.0.1:8000".as_bytes())) + .returning(Some(data::destination::ADDRESS)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"destination\", \"port\"]"), ) .expect_get_property(Some(vec!["destination", "port"])) - .returning(Some(&8000u64.to_le_bytes())) + .returning(Some(data::destination::port::P_8000)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"source\", \"address\"]"), ) .expect_get_property(Some(vec!["source", "address"])) - .returning(Some("127.0.0.1:45000".as_bytes())) + .returning(Some(data::source::ADDRESS)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"source\", \"port\"]"), ) .expect_get_property(Some(vec!["source", "port"])) - .returning(Some(&45000u64.to_le_bytes())) + .returning(Some(data::source::port::P_45000)) // retrieving tracing headers .expect_get_header_map_value(Some(MapType::HttpRequestHeaders), Some("traceparent")) .returning(None) @@ -175,18 +177,19 @@ fn it_auths() { Some("Check"), Some(&[0, 0, 0, 0]), Some(&[ - 10, 220, 1, 10, 25, 10, 23, 10, 21, 18, 15, 49, 50, 55, 46, 48, 46, 48, 46, 49, 58, + 10, 236, 1, 10, 25, 10, 23, 10, 21, 18, 15, 49, 50, 55, 46, 48, 46, 48, 46, 49, 58, 52, 53, 48, 48, 48, 24, 200, 223, 2, 18, 23, 10, 21, 10, 19, 18, 14, 49, 50, 55, - 46, 48, 46, 48, 46, 49, 58, 56, 48, 48, 48, 24, 192, 62, 34, 141, 1, 10, 0, 18, - 136, 1, 18, 3, 71, 69, 84, 26, 38, 10, 5, 58, 112, 97, 116, 104, 18, 29, 47, 100, - 101, 102, 97, 117, 108, 116, 47, 114, 101, 113, 117, 101, 115, 116, 47, 104, 101, - 97, 100, 101, 114, 115, 47, 112, 97, 116, 104, 26, 14, 10, 7, 58, 109, 101, 116, - 104, 111, 100, 18, 3, 71, 69, 84, 26, 30, 10, 10, 58, 97, 117, 116, 104, 111, 114, - 105, 116, 121, 18, 16, 97, 98, 105, 95, 116, 101, 115, 116, 95, 104, 97, 114, 110, - 101, 115, 115, 34, 10, 47, 97, 100, 109, 105, 110, 47, 116, 111, 121, 42, 17, 99, - 97, 114, 115, 46, 116, 111, 121, 115, 116, 111, 114, 101, 46, 99, 111, 109, 50, 4, - 104, 116, 116, 112, 82, 4, 72, 84, 84, 80, 82, 20, 10, 4, 104, 111, 115, 116, 18, - 12, 97, 117, 116, 104, 99, 111, 110, 102, 105, 103, 45, 65, 90, 0, + 46, 48, 46, 48, 46, 49, 58, 56, 48, 48, 48, 24, 192, 62, 34, 157, 1, 10, 12, 8, + 146, 140, 179, 185, 6, 16, 240, 213, 233, 163, 3, 18, 140, 1, 18, 3, 71, 69, 84, + 26, 30, 10, 10, 58, 97, 117, 116, 104, 111, 114, 105, 116, 121, 18, 16, 97, 98, + 105, 95, 116, 101, 115, 116, 95, 104, 97, 114, 110, 101, 115, 115, 26, 14, 10, 7, + 58, 109, 101, 116, 104, 111, 100, 18, 3, 71, 69, 84, 26, 38, 10, 5, 58, 112, 97, + 116, 104, 18, 29, 47, 100, 101, 102, 97, 117, 108, 116, 47, 114, 101, 113, 117, + 101, 115, 116, 47, 104, 101, 97, 100, 101, 114, 115, 47, 112, 97, 116, 104, 34, 10, + 47, 97, 100, 109, 105, 110, 47, 116, 111, 121, 42, 17, 99, 97, 114, 115, 46, 116, + 111, 121, 115, 116, 111, 114, 101, 46, 99, 111, 109, 50, 4, 104, 116, 116, 112, 82, + 8, 72, 84, 84, 80, 47, 49, 46, 49, 82, 20, 10, 4, 104, 111, 115, 116, 18, 12, 97, + 117, 116, 104, 99, 111, 110, 102, 105, 103, 45, 65, 90, 0, ]), Some(5000), ) @@ -278,19 +281,19 @@ fn it_denies() { Some("get_property: path: [\"request\", \"url_path\"]"), ) .expect_get_property(Some(vec!["request", "url_path"])) - .returning(Some("/admin/toy".as_bytes())) + .returning(Some(data::request::path::ADMIN_TOY)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"host\"]"), ) .expect_get_property(Some(vec!["request", "host"])) - .returning(Some("cars.toystore.com".as_bytes())) + .returning(Some(data::request::HOST)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"method\"]"), ) .expect_get_property(Some(vec!["request", "method"])) - .returning(Some("POST".as_bytes())) + .returning(Some(data::request::method::POST)) .expect_log( Some(LogLevel::Debug), Some("#2 action_set selected some-name"), @@ -303,61 +306,61 @@ fn it_denies() { Some("get_property: path: [\"request\", \"host\"]"), ) .expect_get_property(Some(vec!["request", "host"])) - .returning(Some("cars.toystore.com".as_bytes())) + .returning(Some(data::request::HOST)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"method\"]"), ) .expect_get_property(Some(vec!["request", "method"])) - .returning(Some("GET".as_bytes())) + .returning(Some(data::request::method::GET)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"scheme\"]"), ) .expect_get_property(Some(vec!["request", "scheme"])) - .returning(Some("http".as_bytes())) + .returning(Some(data::request::scheme::HTTP)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"path\"]"), ) .expect_get_property(Some(vec!["request", "path"])) - .returning(Some("/admin/toy".as_bytes())) + .returning(Some(data::request::path::ADMIN_TOY)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"protocol\"]"), ) .expect_get_property(Some(vec!["request", "protocol"])) - .returning(Some("HTTP".as_bytes())) + .returning(Some(data::request::protocol::HTTP_1_1)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"time\"]"), ) .expect_get_property(Some(vec!["request", "time"])) - .returning(None) + .returning(Some(data::request::TIME)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"destination\", \"address\"]"), ) .expect_get_property(Some(vec!["destination", "address"])) - .returning(Some("127.0.0.1:8000".as_bytes())) + .returning(Some(data::destination::ADDRESS)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"destination\", \"port\"]"), ) .expect_get_property(Some(vec!["destination", "port"])) - .returning(Some(&8000u64.to_le_bytes())) + .returning(Some(data::destination::port::P_8000)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"source\", \"address\"]"), ) .expect_get_property(Some(vec!["source", "address"])) - .returning(Some("127.0.0.1:45000".as_bytes())) + .returning(Some(data::source::ADDRESS)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"source\", \"port\"]"), ) .expect_get_property(Some(vec!["source", "port"])) - .returning(Some(&45000u64.to_le_bytes())) + .returning(Some(data::source::port::P_45000)) // retrieving tracing headers .expect_get_header_map_value(Some(MapType::HttpRequestHeaders), Some("traceparent")) .returning(None) @@ -371,18 +374,19 @@ fn it_denies() { Some("Check"), Some(&[0, 0, 0, 0]), Some(&[ - 10, 220, 1, 10, 25, 10, 23, 10, 21, 18, 15, 49, 50, 55, 46, 48, 46, 48, 46, 49, 58, + 10, 236, 1, 10, 25, 10, 23, 10, 21, 18, 15, 49, 50, 55, 46, 48, 46, 48, 46, 49, 58, 52, 53, 48, 48, 48, 24, 200, 223, 2, 18, 23, 10, 21, 10, 19, 18, 14, 49, 50, 55, - 46, 48, 46, 48, 46, 49, 58, 56, 48, 48, 48, 24, 192, 62, 34, 141, 1, 10, 0, 18, - 136, 1, 18, 3, 71, 69, 84, 26, 38, 10, 5, 58, 112, 97, 116, 104, 18, 29, 47, 100, - 101, 102, 97, 117, 108, 116, 47, 114, 101, 113, 117, 101, 115, 116, 47, 104, 101, - 97, 100, 101, 114, 115, 47, 112, 97, 116, 104, 26, 14, 10, 7, 58, 109, 101, 116, - 104, 111, 100, 18, 3, 71, 69, 84, 26, 30, 10, 10, 58, 97, 117, 116, 104, 111, 114, - 105, 116, 121, 18, 16, 97, 98, 105, 95, 116, 101, 115, 116, 95, 104, 97, 114, 110, - 101, 115, 115, 34, 10, 47, 97, 100, 109, 105, 110, 47, 116, 111, 121, 42, 17, 99, - 97, 114, 115, 46, 116, 111, 121, 115, 116, 111, 114, 101, 46, 99, 111, 109, 50, 4, - 104, 116, 116, 112, 82, 4, 72, 84, 84, 80, 82, 20, 10, 4, 104, 111, 115, 116, 18, - 12, 97, 117, 116, 104, 99, 111, 110, 102, 105, 103, 45, 65, 90, 0, + 46, 48, 46, 48, 46, 49, 58, 56, 48, 48, 48, 24, 192, 62, 34, 157, 1, 10, 12, 8, + 146, 140, 179, 185, 6, 16, 240, 213, 233, 163, 3, 18, 140, 1, 18, 3, 71, 69, 84, + 26, 30, 10, 10, 58, 97, 117, 116, 104, 111, 114, 105, 116, 121, 18, 16, 97, 98, + 105, 95, 116, 101, 115, 116, 95, 104, 97, 114, 110, 101, 115, 115, 26, 14, 10, 7, + 58, 109, 101, 116, 104, 111, 100, 18, 3, 71, 69, 84, 26, 38, 10, 5, 58, 112, 97, + 116, 104, 18, 29, 47, 100, 101, 102, 97, 117, 108, 116, 47, 114, 101, 113, 117, + 101, 115, 116, 47, 104, 101, 97, 100, 101, 114, 115, 47, 112, 97, 116, 104, 34, 10, + 47, 97, 100, 109, 105, 110, 47, 116, 111, 121, 42, 17, 99, 97, 114, 115, 46, 116, + 111, 121, 115, 116, 111, 114, 101, 46, 99, 111, 109, 50, 4, 104, 116, 116, 112, 82, + 8, 72, 84, 84, 80, 47, 49, 46, 49, 82, 20, 10, 4, 104, 111, 115, 116, 18, 12, 97, + 117, 116, 104, 99, 111, 110, 102, 105, 103, 45, 65, 90, 0, ]), Some(5000), ) diff --git a/tests/multi.rs b/tests/multi.rs index d2cb383..bc5b6e4 100644 --- a/tests/multi.rs +++ b/tests/multi.rs @@ -1,9 +1,10 @@ -use crate::util::wasm_module; +use crate::util::common::wasm_module; +use crate::util::data; use proxy_wasm_test_framework::tester; use proxy_wasm_test_framework::types::{Action, BufferType, LogLevel, MapType, ReturnType}; use serial_test::serial; -pub(crate) mod util; +pub mod util; const CONFIG: &str = r#"{ "services": { @@ -100,19 +101,19 @@ fn it_performs_authenticated_rate_limiting() { Some("get_property: path: [\"request\", \"url_path\"]"), ) .expect_get_property(Some(vec!["request", "url_path"])) - .returning(Some("/admin/toy".as_bytes())) + .returning(Some(data::request::path::ADMIN_TOY)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"host\"]"), ) .expect_get_property(Some(vec!["request", "host"])) - .returning(Some("cars.toystore.com".as_bytes())) + .returning(Some(data::request::HOST)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"method\"]"), ) .expect_get_property(Some(vec!["request", "method"])) - .returning(Some("POST".as_bytes())) + .returning(Some(data::request::method::POST)) .expect_log( Some(LogLevel::Debug), Some("#2 action_set selected some-name"), @@ -125,61 +126,61 @@ fn it_performs_authenticated_rate_limiting() { Some("get_property: path: [\"request\", \"host\"]"), ) .expect_get_property(Some(vec!["request", "host"])) - .returning(Some("cars.toystore.com".as_bytes())) + .returning(Some(data::request::HOST)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"method\"]"), ) .expect_get_property(Some(vec!["request", "method"])) - .returning(Some("GET".as_bytes())) + .returning(Some(data::request::method::GET)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"scheme\"]"), ) .expect_get_property(Some(vec!["request", "scheme"])) - .returning(Some("http".as_bytes())) + .returning(Some(data::request::scheme::HTTP)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"path\"]"), ) .expect_get_property(Some(vec!["request", "path"])) - .returning(Some("/admin/toy".as_bytes())) + .returning(Some(data::request::path::ADMIN_TOY)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"protocol\"]"), ) .expect_get_property(Some(vec!["request", "protocol"])) - .returning(Some("HTTP".as_bytes())) + .returning(Some(data::request::protocol::HTTP_1_1)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"time\"]"), ) .expect_get_property(Some(vec!["request", "time"])) - .returning(None) + .returning(Some(data::request::TIME)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"destination\", \"address\"]"), ) .expect_get_property(Some(vec!["destination", "address"])) - .returning(Some("127.0.0.1:8000".as_bytes())) + .returning(Some(data::destination::ADDRESS)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"destination\", \"port\"]"), ) .expect_get_property(Some(vec!["destination", "port"])) - .returning(Some(&8000u64.to_le_bytes())) + .returning(Some(data::destination::port::P_8000)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"source\", \"address\"]"), ) .expect_get_property(Some(vec!["source", "address"])) - .returning(Some("127.0.0.1:45000".as_bytes())) + .returning(Some(data::source::ADDRESS)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"source\", \"port\"]"), ) .expect_get_property(Some(vec!["source", "port"])) - .returning(Some(&45000u64.to_le_bytes())) + .returning(Some(data::source::port::P_45000)) // retrieving tracing headers .expect_get_header_map_value(Some(MapType::HttpRequestHeaders), Some("traceparent")) .returning(None) @@ -193,18 +194,19 @@ fn it_performs_authenticated_rate_limiting() { Some("Check"), Some(&[0, 0, 0, 0]), Some(&[ - 10, 220, 1, 10, 25, 10, 23, 10, 21, 18, 15, 49, 50, 55, 46, 48, 46, 48, 46, 49, 58, + 10, 236, 1, 10, 25, 10, 23, 10, 21, 18, 15, 49, 50, 55, 46, 48, 46, 48, 46, 49, 58, 52, 53, 48, 48, 48, 24, 200, 223, 2, 18, 23, 10, 21, 10, 19, 18, 14, 49, 50, 55, - 46, 48, 46, 48, 46, 49, 58, 56, 48, 48, 48, 24, 192, 62, 34, 141, 1, 10, 0, 18, - 136, 1, 18, 3, 71, 69, 84, 26, 38, 10, 5, 58, 112, 97, 116, 104, 18, 29, 47, 100, - 101, 102, 97, 117, 108, 116, 47, 114, 101, 113, 117, 101, 115, 116, 47, 104, 101, - 97, 100, 101, 114, 115, 47, 112, 97, 116, 104, 26, 14, 10, 7, 58, 109, 101, 116, - 104, 111, 100, 18, 3, 71, 69, 84, 26, 30, 10, 10, 58, 97, 117, 116, 104, 111, 114, - 105, 116, 121, 18, 16, 97, 98, 105, 95, 116, 101, 115, 116, 95, 104, 97, 114, 110, - 101, 115, 115, 34, 10, 47, 97, 100, 109, 105, 110, 47, 116, 111, 121, 42, 17, 99, - 97, 114, 115, 46, 116, 111, 121, 115, 116, 111, 114, 101, 46, 99, 111, 109, 50, 4, - 104, 116, 116, 112, 82, 4, 72, 84, 84, 80, 82, 20, 10, 4, 104, 111, 115, 116, 18, - 12, 97, 117, 116, 104, 99, 111, 110, 102, 105, 103, 45, 65, 90, 0, + 46, 48, 46, 48, 46, 49, 58, 56, 48, 48, 48, 24, 192, 62, 34, 157, 1, 10, 12, 8, + 146, 140, 179, 185, 6, 16, 240, 213, 233, 163, 3, 18, 140, 1, 18, 3, 71, 69, 84, + 26, 30, 10, 10, 58, 97, 117, 116, 104, 111, 114, 105, 116, 121, 18, 16, 97, 98, + 105, 95, 116, 101, 115, 116, 95, 104, 97, 114, 110, 101, 115, 115, 26, 14, 10, 7, + 58, 109, 101, 116, 104, 111, 100, 18, 3, 71, 69, 84, 26, 38, 10, 5, 58, 112, 97, + 116, 104, 18, 29, 47, 100, 101, 102, 97, 117, 108, 116, 47, 114, 101, 113, 117, + 101, 115, 116, 47, 104, 101, 97, 100, 101, 114, 115, 47, 112, 97, 116, 104, 34, 10, + 47, 97, 100, 109, 105, 110, 47, 116, 111, 121, 42, 17, 99, 97, 114, 115, 46, 116, + 111, 121, 115, 116, 111, 114, 101, 46, 99, 111, 109, 50, 4, 104, 116, 116, 112, 82, + 8, 72, 84, 84, 80, 47, 49, 46, 49, 82, 20, 10, 4, 104, 111, 115, 116, 18, 12, 97, + 117, 116, 104, 99, 111, 110, 102, 105, 103, 45, 65, 90, 0, ]), Some(5000), ) @@ -313,19 +315,19 @@ fn unauthenticated_does_not_ratelimit() { Some("get_property: path: [\"request\", \"url_path\"]"), ) .expect_get_property(Some(vec!["request", "url_path"])) - .returning(Some("/admin/toy".as_bytes())) + .returning(Some(data::request::path::ADMIN_TOY)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"host\"]"), ) .expect_get_property(Some(vec!["request", "host"])) - .returning(Some("cars.toystore.com".as_bytes())) + .returning(Some(data::request::HOST)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"method\"]"), ) .expect_get_property(Some(vec!["request", "method"])) - .returning(Some("POST".as_bytes())) + .returning(Some(data::request::method::POST)) .expect_log( Some(LogLevel::Debug), Some("#2 action_set selected some-name"), @@ -338,61 +340,61 @@ fn unauthenticated_does_not_ratelimit() { Some("get_property: path: [\"request\", \"host\"]"), ) .expect_get_property(Some(vec!["request", "host"])) - .returning(Some("cars.toystore.com".as_bytes())) + .returning(Some(data::request::HOST)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"method\"]"), ) .expect_get_property(Some(vec!["request", "method"])) - .returning(Some("GET".as_bytes())) + .returning(Some(data::request::method::GET)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"scheme\"]"), ) .expect_get_property(Some(vec!["request", "scheme"])) - .returning(Some("http".as_bytes())) + .returning(Some(data::request::scheme::HTTP)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"path\"]"), ) .expect_get_property(Some(vec!["request", "path"])) - .returning(Some("/admin/toy".as_bytes())) + .returning(Some(data::request::path::ADMIN_TOY)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"protocol\"]"), ) .expect_get_property(Some(vec!["request", "protocol"])) - .returning(Some("HTTP".as_bytes())) + .returning(Some(data::request::protocol::HTTP_1_1)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"time\"]"), ) .expect_get_property(Some(vec!["request", "time"])) - .returning(None) + .returning(Some(data::request::TIME)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"destination\", \"address\"]"), ) .expect_get_property(Some(vec!["destination", "address"])) - .returning(Some("127.0.0.1:8000".as_bytes())) + .returning(Some(data::destination::ADDRESS)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"destination\", \"port\"]"), ) .expect_get_property(Some(vec!["destination", "port"])) - .returning(Some(&8000u64.to_le_bytes())) + .returning(Some(data::destination::port::P_8000)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"source\", \"address\"]"), ) .expect_get_property(Some(vec!["source", "address"])) - .returning(Some("127.0.0.1:45000".as_bytes())) + .returning(Some(data::source::ADDRESS)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"source\", \"port\"]"), ) .expect_get_property(Some(vec!["source", "port"])) - .returning(Some(&45000u64.to_le_bytes())) + .returning(Some(data::source::port::P_45000)) // retrieving tracing headers .expect_get_header_map_value(Some(MapType::HttpRequestHeaders), Some("traceparent")) .returning(None) @@ -406,18 +408,19 @@ fn unauthenticated_does_not_ratelimit() { Some("Check"), Some(&[0, 0, 0, 0]), Some(&[ - 10, 220, 1, 10, 25, 10, 23, 10, 21, 18, 15, 49, 50, 55, 46, 48, 46, 48, 46, 49, 58, + 10, 236, 1, 10, 25, 10, 23, 10, 21, 18, 15, 49, 50, 55, 46, 48, 46, 48, 46, 49, 58, 52, 53, 48, 48, 48, 24, 200, 223, 2, 18, 23, 10, 21, 10, 19, 18, 14, 49, 50, 55, - 46, 48, 46, 48, 46, 49, 58, 56, 48, 48, 48, 24, 192, 62, 34, 141, 1, 10, 0, 18, - 136, 1, 18, 3, 71, 69, 84, 26, 38, 10, 5, 58, 112, 97, 116, 104, 18, 29, 47, 100, - 101, 102, 97, 117, 108, 116, 47, 114, 101, 113, 117, 101, 115, 116, 47, 104, 101, - 97, 100, 101, 114, 115, 47, 112, 97, 116, 104, 26, 14, 10, 7, 58, 109, 101, 116, - 104, 111, 100, 18, 3, 71, 69, 84, 26, 30, 10, 10, 58, 97, 117, 116, 104, 111, 114, - 105, 116, 121, 18, 16, 97, 98, 105, 95, 116, 101, 115, 116, 95, 104, 97, 114, 110, - 101, 115, 115, 34, 10, 47, 97, 100, 109, 105, 110, 47, 116, 111, 121, 42, 17, 99, - 97, 114, 115, 46, 116, 111, 121, 115, 116, 111, 114, 101, 46, 99, 111, 109, 50, 4, - 104, 116, 116, 112, 82, 4, 72, 84, 84, 80, 82, 20, 10, 4, 104, 111, 115, 116, 18, - 12, 97, 117, 116, 104, 99, 111, 110, 102, 105, 103, 45, 65, 90, 0, + 46, 48, 46, 48, 46, 49, 58, 56, 48, 48, 48, 24, 192, 62, 34, 157, 1, 10, 12, 8, + 146, 140, 179, 185, 6, 16, 240, 213, 233, 163, 3, 18, 140, 1, 18, 3, 71, 69, 84, + 26, 30, 10, 10, 58, 97, 117, 116, 104, 111, 114, 105, 116, 121, 18, 16, 97, 98, + 105, 95, 116, 101, 115, 116, 95, 104, 97, 114, 110, 101, 115, 115, 26, 14, 10, 7, + 58, 109, 101, 116, 104, 111, 100, 18, 3, 71, 69, 84, 26, 38, 10, 5, 58, 112, 97, + 116, 104, 18, 29, 47, 100, 101, 102, 97, 117, 108, 116, 47, 114, 101, 113, 117, + 101, 115, 116, 47, 104, 101, 97, 100, 101, 114, 115, 47, 112, 97, 116, 104, 34, 10, + 47, 97, 100, 109, 105, 110, 47, 116, 111, 121, 42, 17, 99, 97, 114, 115, 46, 116, + 111, 121, 115, 116, 111, 114, 101, 46, 99, 111, 109, 50, 4, 104, 116, 116, 112, 82, + 8, 72, 84, 84, 80, 47, 49, 46, 49, 82, 20, 10, 4, 104, 111, 115, 116, 18, 12, 97, + 117, 116, 104, 99, 111, 110, 102, 105, 103, 45, 65, 90, 0, ]), Some(5000), ) @@ -586,19 +589,19 @@ fn authenticated_one_ratelimit_action_matches() { Some("get_property: path: [\"request\", \"url_path\"]"), ) .expect_get_property(Some(vec!["request", "url_path"])) - .returning(Some("/admin/toy".as_bytes())) + .returning(Some(data::request::path::ADMIN_TOY)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"host\"]"), ) .expect_get_property(Some(vec!["request", "host"])) - .returning(Some("cars.toystore.com".as_bytes())) + .returning(Some(data::request::HOST)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"method\"]"), ) .expect_get_property(Some(vec!["request", "method"])) - .returning(Some("POST".as_bytes())) + .returning(Some(data::request::method::POST)) .expect_log( Some(LogLevel::Debug), Some("#2 action_set selected some-name"), @@ -611,61 +614,61 @@ fn authenticated_one_ratelimit_action_matches() { Some("get_property: path: [\"request\", \"host\"]"), ) .expect_get_property(Some(vec!["request", "host"])) - .returning(Some("cars.toystore.com".as_bytes())) + .returning(Some(data::request::HOST)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"method\"]"), ) .expect_get_property(Some(vec!["request", "method"])) - .returning(Some("GET".as_bytes())) + .returning(Some(data::request::method::GET)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"scheme\"]"), ) .expect_get_property(Some(vec!["request", "scheme"])) - .returning(Some("http".as_bytes())) + .returning(Some(data::request::scheme::HTTP)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"path\"]"), ) .expect_get_property(Some(vec!["request", "path"])) - .returning(Some("/admin/toy".as_bytes())) + .returning(Some(data::request::path::ADMIN_TOY)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"protocol\"]"), ) .expect_get_property(Some(vec!["request", "protocol"])) - .returning(Some("HTTP".as_bytes())) + .returning(Some(data::request::protocol::HTTP_1_1)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"time\"]"), ) .expect_get_property(Some(vec!["request", "time"])) - .returning(None) + .returning(Some(data::request::TIME)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"destination\", \"address\"]"), ) .expect_get_property(Some(vec!["destination", "address"])) - .returning(Some("127.0.0.1:8000".as_bytes())) + .returning(Some(data::destination::ADDRESS)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"destination\", \"port\"]"), ) .expect_get_property(Some(vec!["destination", "port"])) - .returning(Some(&8000u64.to_le_bytes())) + .returning(Some(data::destination::port::P_8000)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"source\", \"address\"]"), ) .expect_get_property(Some(vec!["source", "address"])) - .returning(Some("1.2.3.4:80".as_bytes())) + .returning(Some(data::source::ADDRESS)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"source\", \"port\"]"), ) .expect_get_property(Some(vec!["source", "port"])) - .returning(Some(&45000u64.to_le_bytes())) + .returning(Some(data::source::port::P_45000)) // retrieving tracing headers .expect_get_header_map_value(Some(MapType::HttpRequestHeaders), Some("traceparent")) .returning(None) @@ -679,18 +682,19 @@ fn authenticated_one_ratelimit_action_matches() { Some("Check"), Some(&[0, 0, 0, 0]), Some(&[ - 10, 215, 1, 10, 20, 10, 18, 10, 16, 18, 10, 49, 46, 50, 46, 51, 46, 52, 58, 56, 48, - 24, 200, 223, 2, 18, 23, 10, 21, 10, 19, 18, 14, 49, 50, 55, 46, 48, 46, 48, 46, - 49, 58, 56, 48, 48, 48, 24, 192, 62, 34, 141, 1, 10, 0, 18, 136, 1, 18, 3, 71, 69, - 84, 26, 14, 10, 7, 58, 109, 101, 116, 104, 111, 100, 18, 3, 71, 69, 84, 26, 38, 10, - 5, 58, 112, 97, 116, 104, 18, 29, 47, 100, 101, 102, 97, 117, 108, 116, 47, 114, - 101, 113, 117, 101, 115, 116, 47, 104, 101, 97, 100, 101, 114, 115, 47, 112, 97, - 116, 104, 26, 30, 10, 10, 58, 97, 117, 116, 104, 111, 114, 105, 116, 121, 18, 16, - 97, 98, 105, 95, 116, 101, 115, 116, 95, 104, 97, 114, 110, 101, 115, 115, 34, 10, - 47, 97, 100, 109, 105, 110, 47, 116, 111, 121, 42, 17, 99, 97, 114, 115, 46, 116, - 111, 121, 115, 116, 111, 114, 101, 46, 99, 111, 109, 50, 4, 104, 116, 116, 112, 82, - 4, 72, 84, 84, 80, 82, 20, 10, 4, 104, 111, 115, 116, 18, 12, 97, 117, 116, 104, - 99, 111, 110, 102, 105, 103, 45, 65, 90, 0, + 10, 236, 1, 10, 25, 10, 23, 10, 21, 18, 15, 49, 50, 55, 46, 48, 46, 48, 46, 49, 58, + 52, 53, 48, 48, 48, 24, 200, 223, 2, 18, 23, 10, 21, 10, 19, 18, 14, 49, 50, 55, + 46, 48, 46, 48, 46, 49, 58, 56, 48, 48, 48, 24, 192, 62, 34, 157, 1, 10, 12, 8, + 146, 140, 179, 185, 6, 16, 240, 213, 233, 163, 3, 18, 140, 1, 18, 3, 71, 69, 84, + 26, 38, 10, 5, 58, 112, 97, 116, 104, 18, 29, 47, 100, 101, 102, 97, 117, 108, 116, + 47, 114, 101, 113, 117, 101, 115, 116, 47, 104, 101, 97, 100, 101, 114, 115, 47, + 112, 97, 116, 104, 26, 14, 10, 7, 58, 109, 101, 116, 104, 111, 100, 18, 3, 71, 69, + 84, 26, 30, 10, 10, 58, 97, 117, 116, 104, 111, 114, 105, 116, 121, 18, 16, 97, 98, + 105, 95, 116, 101, 115, 116, 95, 104, 97, 114, 110, 101, 115, 115, 34, 10, 47, 97, + 100, 109, 105, 110, 47, 116, 111, 121, 42, 17, 99, 97, 114, 115, 46, 116, 111, 121, + 115, 116, 111, 114, 101, 46, 99, 111, 109, 50, 4, 104, 116, 116, 112, 82, 8, 72, + 84, 84, 80, 47, 49, 46, 49, 82, 20, 10, 4, 104, 111, 115, 116, 18, 12, 97, 117, + 116, 104, 99, 111, 110, 102, 105, 103, 45, 65, 90, 0, ]), Some(5000), ) diff --git a/tests/rate_limited.rs b/tests/rate_limited.rs index f0fd84f..0c0e72b 100644 --- a/tests/rate_limited.rs +++ b/tests/rate_limited.rs @@ -1,9 +1,10 @@ -use crate::util::wasm_module; +use crate::util::common::wasm_module; +use crate::util::data; use proxy_wasm_test_framework::tester; use proxy_wasm_test_framework::types::{Action, BufferType, LogLevel, MapType, ReturnType}; use serial_test::serial; -pub(crate) mod util; +pub mod util; #[test] #[serial] @@ -150,19 +151,19 @@ fn it_limits() { Some("get_property: path: [\"request\", \"url_path\"]"), ) .expect_get_property(Some(vec!["request", "url_path"])) - .returning(Some("/admin/toy".as_bytes())) + .returning(Some(data::request::path::ADMIN_TOY)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"host\"]"), ) .expect_get_property(Some(vec!["request", "host"])) - .returning(Some("cars.toystore.com".as_bytes())) + .returning(Some(data::request::HOST)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"method\"]"), ) .expect_get_property(Some(vec!["request", "method"])) - .returning(Some("POST".as_bytes())) + .returning(Some(data::request::method::POST)) .expect_log( Some(LogLevel::Debug), Some("#2 action_set selected some-name"), @@ -296,19 +297,19 @@ fn it_passes_additional_headers() { Some("get_property: path: [\"request\", \"url_path\"]"), ) .expect_get_property(Some(vec!["request", "url_path"])) - .returning(Some("/admin/toy".as_bytes())) + .returning(Some(data::request::path::ADMIN_TOY)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"host\"]"), ) .expect_get_property(Some(vec!["request", "host"])) - .returning(Some("cars.toystore.com".as_bytes())) + .returning(Some(data::request::HOST)) .expect_log( Some(LogLevel::Debug), Some("get_property: path: [\"request\", \"method\"]"), ) .expect_get_property(Some(vec!["request", "method"])) - .returning(Some("POST".as_bytes())) + .returning(Some(data::request::method::POST)) .expect_log( Some(LogLevel::Debug), Some("#2 action_set selected some-name"), @@ -573,7 +574,7 @@ fn it_does_not_rate_limits_when_predicates_does_not_match() { Some("get_property: path: [\"request\", \"url_path\"]"), ) .expect_get_property(Some(vec!["request", "url_path"])) - .returning(Some("/admin".as_bytes())) + .returning(Some(data::request::path::ADMIN)) .expect_log( Some(LogLevel::Debug), Some("actions conditions do not apply, skipping"), diff --git a/tests/remote_address.rs b/tests/remote_address.rs index c89a53d..4e6fe82 100644 --- a/tests/remote_address.rs +++ b/tests/remote_address.rs @@ -1,9 +1,10 @@ -use crate::util::wasm_module; +use crate::util::common::wasm_module; +use crate::util::data; use proxy_wasm_test_framework::tester; use proxy_wasm_test_framework::types::{Action, BufferType, LogLevel, MapType, ReturnType}; use serial_test::serial; -pub(crate) mod util; +pub mod util; #[test] #[serial] @@ -89,7 +90,7 @@ fn it_limits_based_on_source_address() { Some("get_property: path: [\"source\", \"address\"]"), ) .expect_get_property(Some(vec!["source", "address"])) - .returning(Some("40.0.0.1:0".as_bytes())) + .returning(Some(data::source::ADDRESS)) .expect_log( Some(LogLevel::Debug), Some("#2 action_set selected some-name"), @@ -100,7 +101,7 @@ fn it_limits_based_on_source_address() { Some("get_property: path: [\"source\", \"address\"]"), ) .expect_get_property(Some(vec!["source", "address"])) - .returning(Some("40.0.0.1:0".as_bytes())) + .returning(Some(data::source::ADDRESS)) // retrieving tracing headers .expect_get_header_map_value(Some(MapType::HttpRequestHeaders), Some("traceparent")) .returning(None) @@ -114,9 +115,9 @@ fn it_limits_based_on_source_address() { Some("ShouldRateLimit"), Some(&[0, 0, 0, 0]), Some(&[ - 10, 10, 82, 76, 83, 45, 100, 111, 109, 97, 105, 110, 18, 35, 10, 33, 10, 21, 115, + 10, 10, 82, 76, 83, 45, 100, 111, 109, 97, 105, 110, 18, 36, 10, 34, 10, 21, 115, 111, 117, 114, 99, 101, 46, 114, 101, 109, 111, 116, 101, 95, 97, 100, 100, 114, - 101, 115, 115, 18, 8, 52, 48, 46, 48, 46, 48, 46, 49, 24, 1, + 101, 115, 115, 18, 9, 49, 50, 55, 46, 48, 46, 48, 46, 49, 24, 1, ]), Some(5000), ) diff --git a/tests/util.rs b/tests/util/common.rs similarity index 100% rename from tests/util.rs rename to tests/util/common.rs diff --git a/tests/util/data.rs b/tests/util/data.rs new file mode 100644 index 0000000..68e3f44 --- /dev/null +++ b/tests/util/data.rs @@ -0,0 +1,127 @@ +// Data retrieved from the well-known attributes using Envoy v1.31-latest + +#[cfg(test)] +pub mod request { + pub mod method { + pub const GET: &[u8] = &[71, 69, 84]; + pub const POST: &[u8] = &[80, 79, 83, 84]; + } + pub mod scheme { + pub const HTTP: &[u8] = &[104, 116, 116, 112]; + pub const HTTPS: &[u8] = &[104, 116, 116, 112, 115]; + } + pub mod protocol { + // 'HTTP/1.1' + pub const HTTP_1_1: &[u8] = &[72, 84, 84, 80, 47, 49, 46, 49]; + } + pub mod path { + // '/admin' + pub const ADMIN: &[u8] = &[47, 97, 100, 109, 105, 110]; + // '/admin/toy' + pub const ADMIN_TOY: &[u8] = &[47, 97, 100, 109, 105, 110, 47, 116, 111, 121]; + } + pub mod useragent { + // 'curl/8.7.1' + pub const CURL_8_7_1: &[u8] = &[99, 117, 114, 108, 47, 56, 46, 55, 46, 49]; + } + // 'cars.toystore.com' + pub const HOST: &[u8] = &[ + 99, 97, 114, 115, 46, 116, 111, 121, 115, 116, 111, 114, 101, 46, 99, 111, 109, + ]; + // '12d04ae3-6cfd-4e55-aad4-63555beb0bc5' + pub const ID: &[u8] = &[ + 49, 50, 100, 48, 52, 97, 101, 51, 45, 54, 99, 102, 100, 45, 52, 101, 53, 53, 45, 97, 97, + 100, 52, 45, 54, 51, 53, 53, 53, 98, 101, 98, 48, 98, 99, 53, + ]; + pub const SIZE: &[u8] = &[0, 0, 0, 0, 0, 0, 0, 0]; + // 8 byte nanos from epoch: 1_730_987_538_880_438_000 + pub const TIME: &[u8] = &[240, 158, 152, 213, 254, 179, 5, 24]; +} + +pub mod source { + // '127.0.0.1:45000' + pub const ADDRESS: &[u8] = &[49, 50, 55, 46, 48, 46, 48, 46, 49, 58, 52, 53, 48, 48, 48]; + pub mod port { + pub const P_45000: &[u8] = &[200, 175, 0, 0, 0, 0, 0, 0]; + } +} + +pub mod destination { + // '127.0.0.1:8000' + pub const ADDRESS: &[u8] = &[49, 50, 55, 46, 48, 46, 48, 46, 49, 58, 56, 48, 48, 48]; + pub mod port { + pub const P_8000: &[u8] = &[64, 31, 0, 0, 0, 0, 0, 0]; + } +} + +pub mod connection { + pub const ID: &[u8] = &[0, 0, 0, 0, 0, 0, 0, 0]; + pub const MTLS: &[u8] = &[0]; +} + +// Example CheckRequest +#[allow(dead_code)] +const CHECK_REQUEST: &str = r#" +attributes { + source { + address { + socket_address { + address: "127.0.0.1:45000" + port_value: 45000 + } + } + } + destination { + address { + socket_address { + address: "127.0.0.1:8000" + port_value: 8000 + } + } + } + request { + time { + seconds: 1730987538 + nanos: 880438000 + } + http { + method: "GET" + headers { + key: ":authority" + value: "abi_test_harness" + } + headers { + key: ":method" + value: "GET" + } + headers { + key: ":path" + value: "/default/request/headers/path" + } + path: "/admin/toy" + host: "cars.toystore.com" + scheme: "http" + protocol: "HTTP/1.1" + } + } + context_extensions { + key: "host" + value: "authconfig-A" + } + metadata_context { + } +} +"#; + +// Example Ratelimit Request +#[allow(dead_code)] +const RATELIMIT_REQUEST: &str = r#" +domain: "RLS-domain" +descriptors { + entries { + key: "admin" + value: "1" + } +} +hits_addend: 1 +"#; diff --git a/tests/util/mod.rs b/tests/util/mod.rs new file mode 100644 index 0000000..d063002 --- /dev/null +++ b/tests/util/mod.rs @@ -0,0 +1,3 @@ +pub mod common; + +pub mod data;