Merge pull request #18 from FireTail-io/fix-openapi-spec-size-limit

load openapi spec via go middleware

Author: rileyfiretail

src/nginx_module/filter_response_body.c

@@ -96,21 +96,16 @@ ngx_int_t FiretailResponseBodyFilter(ngx_http_request_t *request, ngx_chain_t *c
     }
     ngx_log_debug(NGX_LOG_DEBUG, request->connection->log, 0, "Validating response body...");
 
-    char *schema = ngx_palloc(request->pool, main_config->FiretailAppSpec.len);
-    ngx_memcpy(schema, main_config->FiretailAppSpec.data, main_config->FiretailAppSpec.len);
-
     validation_result = response_body_validator(
         (char *)main_config->FiretailUrl.data, main_config->FiretailUrl.len, (char *)main_config->FiretailApiToken.data,
         main_config->FiretailApiToken.len, (char *)ctx->request_body, (int)ctx->request_body_size,
-        (char *)ctx->request_headers_json, (int)ctx->request_headers_json_size, schema, strlen(schema),
-        ctx->response_body, ctx->response_body_size, response_headers_json_string, strlen(response_headers_json_string),
+        (char *)ctx->request_headers_json, (int)ctx->request_headers_json_size, ctx->response_body,
+        ctx->response_body_size, response_headers_json_string, strlen(response_headers_json_string),
         request->unparsed_uri.data, request->unparsed_uri.len, ctx->status_code, request->method_name.data,
         request->method_name.len);
     ngx_log_debug(NGX_LOG_DEBUG, request->connection->log, 0, "Validation response result: %d", validation_result.r0);
     ngx_log_debug(NGX_LOG_DEBUG, request->connection->log, 0, "Validating response body: %s", validation_result.r1);
 
-    ngx_pfree(request->pool, schema);
-
     // if validation result is not successful
     if (validation_result.r0 > 0) {
       return ngx_http_firetail_send(request, ctx, NULL, validation_result.r1);

src/nginx_module/firetail_module.c

@@ -87,9 +87,8 @@ static ngx_int_t ngx_http_firetail_handler_internal(ngx_http_request_t *request)
 
   // Update the ctx with the new updated body
   ctx->request_body = updated_request_body;
-  // run the validation
-  FiretailMainConfig *main_config = ngx_http_get_module_main_conf(request, ngx_firetail_module);
 
+  // run the validation
   void *validator_module = dlopen("/etc/nginx/modules/firetail-validator.so", RTLD_LAZY);
   if (!validator_module) {
     return NGX_ERROR;
@@ -103,23 +102,17 @@ static ngx_int_t ngx_http_firetail_handler_internal(ngx_http_request_t *request)
   }
   ngx_log_debug(NGX_LOG_DEBUG, request->connection->log, 0, "Validating request body...");
 
-  char *schema = ngx_palloc(request->pool, main_config->FiretailAppSpec.len);
-  ngx_memcpy(schema, main_config->FiretailAppSpec.data, main_config->FiretailAppSpec.len);
-
-  struct ValidateRequestBody_return validation_result = request_body_validator(
-      schema, strlen(schema), ctx->request_body, ctx->request_body_size, request->unparsed_uri.data,
-      request->unparsed_uri.len, request->method_name.data, request->method_name.len, (char *)ctx->request_headers_json,
-      ctx->request_headers_json_size);
+  struct ValidateRequestBody_return validation_result =
+      request_body_validator(ctx->request_body, ctx->request_body_size, request->unparsed_uri.data,
+                             request->unparsed_uri.len, request->method_name.data, request->method_name.len,
+                             (char *)ctx->request_headers_json, ctx->request_headers_json_size);
 
   ngx_log_debug(NGX_LOG_DEBUG, request->connection->log, 0, "Validation request result: %d", validation_result.r0);
   ngx_log_debug(NGX_LOG_DEBUG, request->connection->log, 0, "Validating request body: %s", validation_result.r1);
 
   // if validation is unsuccessful, return bad request
   if (validation_result.r0 > 0) return ngx_http_firetail_request(request, NULL, chain_head, validation_result.r1);
 
-  // else continue request
-  ngx_pfree(request->pool, schema);
-
   dlclose(validator_module);
 
   return NGX_OK;  // can be NGX_DECLINED - see ngx_http_mirror_handler_internal
@@ -201,34 +194,6 @@ static void *CreateFiretailMainConfig(ngx_conf_t *configuration_object) {
   http_main_config->FiretailApiToken = firetail_api_token;
   http_main_config->FiretailUrl = firetail_url;
 
-  // load appspec schema
-  // schema file pointer
-  FILE *schema;
-
-  // initialize variables with an arbitary size
-  char data[SIZE];
-  char str[SIZE];
-
-  // open schema spec
-  schema = fopen("/etc/nginx/appspec.yml", "r");
-  if (schema == NULL) {
-    printf("Error! count not load schema");
-    exit(1);
-  }
-
-  // resize data
-  while (fgets(str, SIZE, schema)) {
-    // concatenate the string with line termination \0
-    // at the end
-    strcat(data, str);
-  }
-
-  ngx_str_t spec = ngx_string(data);
-
-  http_main_config->FiretailAppSpec = spec;
-
-  fclose(schema);
-
   return http_main_config;
 }
 

src/nginx_module/firetail_module.h

@@ -10,20 +10,17 @@ struct ValidateResponseBody_return {
   char* r1;
 };
 typedef struct ValidateResponseBody_return (*ValidateResponseBody)(char*, int, char*, int, char*, int, char*, int,
-                                                                   char*, int, void*, int, char*, int, void*, int, int,
-                                                                   void*, int);
+                                                                   void*, int, char*, int, void*, int, int, void*, int);
 
 struct ValidateRequestBody_return {
   int r0;
   char* r1;
 };
-typedef struct ValidateRequestBody_return (*ValidateRequestBody)(char*, int, void*, int, void*, int, void*, int, void*,
-                                                                 int);
+typedef struct ValidateRequestBody_return (*ValidateRequestBody)(void*, int, void*, int, void*, int, void*, int);
 
 // This config struct will hold our API key
 typedef struct {
   ngx_str_t FiretailApiToken;  // TODO: this should probably be a *ngx_str_t
-  ngx_str_t FiretailAppSpec;
   ngx_str_t FiretailUrl;
 } FiretailMainConfig;
 

src/validator/main.go

@@ -23,7 +23,6 @@ var firetailResponseMiddleware func(next http.Handler) http.Handler
 
 //export ValidateRequestBody
 func ValidateRequestBody(
-	specBytes unsafe.Pointer, specLength C.int,
 	bodyCharPtr unsafe.Pointer, bodyLength C.int,
 	pathCharPtr unsafe.Pointer, pathLength C.int,
 	methodCharPtr unsafe.Pointer, methodLength C.int,
@@ -33,7 +32,7 @@ func ValidateRequestBody(
 	if firetailRequestMiddleware == nil {
 		var err error
 		firetailRequestMiddleware, err = firetail.GetMiddleware(&firetail.Options{
-			OpenapiBytes:             C.GoBytes(specBytes, specLength),
+			OpenapiSpecPath:          "/etc/nginx/appspec.yml",
 			LogsApiToken:             "",
 			LogsApiUrl:               "",
 			DebugErrs:                true,
@@ -97,7 +96,6 @@ func ValidateResponseBody(
 	tokenCharPtr unsafe.Pointer, tokenLength C.int,
 	reqBodyCharPtr unsafe.Pointer, reqBodyLength C.int,
 	reqHeadersJsonCharPtr unsafe.Pointer, reqHeadersJsonLength C.int,
-	specBytes unsafe.Pointer, specLength C.int,
 	resBodyCharPtr unsafe.Pointer, resBodyLength C.int,
 	resHeadersJsonCharPtr unsafe.Pointer, resHeadersJsonLength C.int,
 	pathCharPtr unsafe.Pointer, pathLength C.int,
@@ -107,7 +105,7 @@ func ValidateResponseBody(
 	if firetailResponseMiddleware == nil {
 		var err error
 		firetailResponseMiddleware, err = firetail.GetMiddleware(&firetail.Options{
-			OpenapiBytes:             C.GoBytes(specBytes, specLength),
+			OpenapiSpecPath:          "/etc/nginx/appspec.yml",
 			LogsApiToken:             strings.TrimSpace(string(C.GoBytes(tokenCharPtr, tokenLength))),
 			LogsApiUrl:               strings.TrimSpace(string(C.GoBytes(urlCharPtr, urlLength))),
 			DebugErrs:                true,