open-vault/http/util.go

103 lines
2.7 KiB
Go
Raw Normal View History

2018-09-18 03:03:00 +00:00
package http
import (
2020-06-26 21:13:16 +00:00
"fmt"
"net"
2018-09-18 03:03:00 +00:00
"net/http"
2020-06-26 21:13:16 +00:00
"strings"
2018-09-18 03:03:00 +00:00
"github.com/hashicorp/vault/sdk/logical"
2020-06-26 21:13:16 +00:00
"github.com/hashicorp/errwrap"
2018-09-18 03:03:00 +00:00
"github.com/hashicorp/vault/helper/namespace"
"github.com/hashicorp/vault/vault"
2020-06-26 21:13:16 +00:00
"github.com/hashicorp/vault/vault/quotas"
2018-09-18 03:03:00 +00:00
)
var (
adjustRequest = func(c *vault.Core, r *http.Request) (*http.Request, int) {
2020-06-26 21:13:16 +00:00
return r, 0
2018-09-18 03:03:00 +00:00
}
genericWrapping = func(core *vault.Core, in http.Handler, props *vault.HandlerProperties) http.Handler {
// Wrap the help wrapped handler with another layer with a generic
// handler
return wrapGenericHandler(core, in, props)
2018-09-18 03:03:00 +00:00
}
additionalRoutes = func(mux *http.ServeMux, core *vault.Core) {}
nonVotersAllowed = false
2018-09-18 03:03:00 +00:00
)
2020-06-26 21:13:16 +00:00
func rateLimitQuotaWrapping(handler http.Handler, core *vault.Core) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
ns, err := namespace.FromContext(r.Context())
if err != nil {
respondError(w, http.StatusInternalServerError, err)
return
}
// We don't want to do buildLogicalRequestNoAuth here because, if the
// request gets allowed by the quota, the same function will get called
// again, which is not desired.
path, status, err := buildLogicalPath(r)
if err != nil || status != 0 {
respondError(w, status, err)
return
}
2020-06-26 21:13:16 +00:00
quotaResp, err := core.ApplyRateLimitQuota(&quotas.Request{
Type: quotas.TypeRateLimit,
Path: path,
MountPath: strings.TrimPrefix(core.MatchingMount(r.Context(), path), ns.Path),
2020-06-26 21:13:16 +00:00
NamespacePath: ns.Path,
ClientAddress: parseRemoteIPAddress(r),
})
if err != nil {
core.Logger().Error("failed to apply quota", "path", path, "error", err)
2020-06-26 21:13:16 +00:00
respondError(w, http.StatusUnprocessableEntity, err)
return
}
if !quotaResp.Allowed {
quotaErr := errwrap.Wrapf(fmt.Sprintf("request path %q: {{err}}", path), quotas.ErrRateLimitQuotaExceeded)
2020-06-26 21:13:16 +00:00
respondError(w, http.StatusTooManyRequests, quotaErr)
if core.Logger().IsTrace() {
core.Logger().Trace("request rejected due to lease count quota violation", "request_path", path)
2020-06-26 21:13:16 +00:00
}
if core.RateLimitAuditLoggingEnabled() {
req, _, status, err := buildLogicalRequestNoAuth(core.PerfStandby(), w, r)
if err != nil || status != 0 {
respondError(w, status, err)
return
}
err = core.AuditLogger().AuditRequest(r.Context(), &logical.LogInput{
2020-06-26 21:13:16 +00:00
Request: req,
OuterErr: quotaErr,
})
if err != nil {
core.Logger().Warn("failed to audit log request rejection caused by rate limit quota violation", "error", err)
}
2020-06-26 21:13:16 +00:00
}
return
}
handler.ServeHTTP(w, r)
return
})
}
func parseRemoteIPAddress(r *http.Request) string {
ip, _, err := net.SplitHostPort(r.RemoteAddr)
if err != nil {
return ""
}
return ip
}