Reset

2025-04-04 19:06:29 -07:00
parent ebb45b13bb
commit 393381d456
275 changed files with 56094 additions and 2 deletions
--- a/config/web/web.go
+++ b/config/web/web.go
@ -0,0 +1,107 @@
+package web
+
+import (
+	"crypto/tls"
+	"errors"
+	"fmt"
+	"math"
+)
+
+const (
+	// DefaultAddress is the default address the application will bind to
+	DefaultAddress = "0.0.0.0"
+
+	// DefaultPort is the default port the application will listen on
+	DefaultPort = 8080
+
+	// DefaultReadBufferSize is the default value for ReadBufferSize
+	DefaultReadBufferSize = 8192
+
+	// MinimumReadBufferSize is the minimum value for ReadBufferSize, and also the default value set
+	// for fiber.Config.ReadBufferSize
+	MinimumReadBufferSize = 4096
+)
+
+// Config is the structure which supports the configuration of the server listening to requests
+type Config struct {
+	// Address to listen on (defaults to 0.0.0.0 specified by DefaultAddress)
+	Address string `yaml:"address"`
+
+	// Port to listen on (default to 8080 specified by DefaultPort)
+	Port int `yaml:"port"`
+
+	// ReadBufferSize sets fiber.Config.ReadBufferSize, which is the buffer size for reading requests coming from a
+	// single connection and also acts as a limit for the maximum header size.
+	//
+	// If you're getting occasional "Request Header Fields Too Large", you may want to try increasing this value.
+	//
+	// Defaults to DefaultReadBufferSize
+	ReadBufferSize int `yaml:"read-buffer-size,omitempty"`
+
+	// TLS configuration (optional)
+	TLS *TLSConfig `yaml:"tls,omitempty"`
+}
+
+type TLSConfig struct {
+	// CertificateFile is the public certificate for TLS in PEM format.
+	CertificateFile string `yaml:"certificate-file,omitempty"`
+
+	// PrivateKeyFile is the private key file for TLS in PEM format.
+	PrivateKeyFile string `yaml:"private-key-file,omitempty"`
+}
+
+// GetDefaultConfig returns a Config struct with the default values
+func GetDefaultConfig() *Config {
+	return &Config{
+		Address:        DefaultAddress,
+		Port:           DefaultPort,
+		ReadBufferSize: DefaultReadBufferSize,
+	}
+}
+
+// ValidateAndSetDefaults validates the web configuration and sets the default values if necessary.
+func (web *Config) ValidateAndSetDefaults() error {
+	// Validate the Address
+	if len(web.Address) == 0 {
+		web.Address = DefaultAddress
+	}
+	// Validate the Port
+	if web.Port == 0 {
+		web.Port = DefaultPort
+	} else if web.Port < 0 || web.Port > math.MaxUint16 {
+		return fmt.Errorf("invalid port: value should be between %d and %d", 0, math.MaxUint16)
+	}
+	// Validate ReadBufferSize
+	if web.ReadBufferSize == 0 {
+		web.ReadBufferSize = DefaultReadBufferSize // Not set? Use the default value.
+	} else if web.ReadBufferSize < MinimumReadBufferSize {
+		web.ReadBufferSize = MinimumReadBufferSize // Below the minimum? Use the minimum value.
+	}
+	// Try to load the TLS certificates
+	if web.TLS != nil {
+		if err := web.TLS.isValid(); err != nil {
+			return fmt.Errorf("invalid tls config: %w", err)
+		}
+	}
+	return nil
+}
+
+func (web *Config) HasTLS() bool {
+	return web.TLS != nil && len(web.TLS.CertificateFile) > 0 && len(web.TLS.PrivateKeyFile) > 0
+}
+
+// SocketAddress returns the combination of the Address and the Port
+func (web *Config) SocketAddress() string {
+	return fmt.Sprintf("%s:%d", web.Address, web.Port)
+}
+
+func (t *TLSConfig) isValid() error {
+	if len(t.CertificateFile) > 0 && len(t.PrivateKeyFile) > 0 {
+		_, err := tls.LoadX509KeyPair(t.CertificateFile, t.PrivateKeyFile)
+		if err != nil {
+			return err
+		}
+		return nil
+	}
+	return errors.New("certificate-file and private-key-file must be specified")
+}
--- a/config/web/web_test.go
+++ b/config/web/web_test.go
@ -0,0 +1,187 @@
+package web
+
+import (
+	"testing"
+)
+
+func TestGetDefaultConfig(t *testing.T) {
+	defaultConfig := GetDefaultConfig()
+	if defaultConfig.Port != DefaultPort {
+		t.Error("expected default config to have the default port")
+	}
+	if defaultConfig.Address != DefaultAddress {
+		t.Error("expected default config to have the default address")
+	}
+	if defaultConfig.ReadBufferSize != DefaultReadBufferSize {
+		t.Error("expected default config to have the default read buffer size")
+	}
+	if defaultConfig.TLS != nil {
+		t.Error("expected default config to have TLS disabled")
+	}
+}
+
+func TestConfig_ValidateAndSetDefaults(t *testing.T) {
+	scenarios := []struct {
+		name                   string
+		cfg                    *Config
+		expectedAddress        string
+		expectedPort           int
+		expectedReadBufferSize int
+		expectedErr            bool
+	}{
+		{
+			name:                   "no-explicit-config",
+			cfg:                    &Config{},
+			expectedAddress:        "0.0.0.0",
+			expectedPort:           8080,
+			expectedReadBufferSize: 8192,
+			expectedErr:            false,
+		},
+		{
+			name:        "invalid-port",
+			cfg:         &Config{Port: 100000000},
+			expectedErr: true,
+		},
+		{
+			name:                   "read-buffer-size-below-minimum",
+			cfg:                    &Config{ReadBufferSize: 1024},
+			expectedAddress:        "0.0.0.0",
+			expectedPort:           8080,
+			expectedReadBufferSize: MinimumReadBufferSize, // minimum is 4096, default is 8192.
+			expectedErr:            false,
+		},
+		{
+			name:                   "read-buffer-size-at-minimum",
+			cfg:                    &Config{ReadBufferSize: MinimumReadBufferSize},
+			expectedAddress:        "0.0.0.0",
+			expectedPort:           8080,
+			expectedReadBufferSize: 4096,
+			expectedErr:            false,
+		},
+		{
+			name:                   "custom-read-buffer-size",
+			cfg:                    &Config{ReadBufferSize: 65536},
+			expectedAddress:        "0.0.0.0",
+			expectedPort:           8080,
+			expectedReadBufferSize: 65536,
+			expectedErr:            false,
+		},
+		{
+			name:                   "with-good-tls-config",
+			cfg:                    &Config{Port: 443, TLS: &TLSConfig{CertificateFile: "../../testdata/cert.pem", PrivateKeyFile: "../../testdata/cert.key"}},
+			expectedAddress:        "0.0.0.0",
+			expectedPort:           443,
+			expectedReadBufferSize: 8192,
+			expectedErr:            false,
+		},
+		{
+			name:                   "with-bad-tls-config",
+			cfg:                    &Config{Port: 443, TLS: &TLSConfig{CertificateFile: "../../testdata/badcert.pem", PrivateKeyFile: "../../testdata/cert.key"}},
+			expectedAddress:        "0.0.0.0",
+			expectedPort:           443,
+			expectedReadBufferSize: 8192,
+			expectedErr:            true,
+		},
+		{
+			name:                   "with-partial-tls-config",
+			cfg:                    &Config{Port: 443, TLS: &TLSConfig{CertificateFile: "", PrivateKeyFile: "../../testdata/cert.key"}},
+			expectedAddress:        "0.0.0.0",
+			expectedPort:           443,
+			expectedReadBufferSize: 8192,
+			expectedErr:            true,
+		},
+	}
+	for _, scenario := range scenarios {
+		t.Run(scenario.name, func(t *testing.T) {
+			err := scenario.cfg.ValidateAndSetDefaults()
+			if (err != nil) != scenario.expectedErr {
+				t.Errorf("expected the existence of an error to be %v, got %v", scenario.expectedErr, err)
+				return
+			}
+			if !scenario.expectedErr {
+				if scenario.cfg.Port != scenario.expectedPort {
+					t.Errorf("expected Port to be %d, got %d", scenario.expectedPort, scenario.cfg.Port)
+				}
+				if scenario.cfg.ReadBufferSize != scenario.expectedReadBufferSize {
+					t.Errorf("expected ReadBufferSize to be %d, got %d", scenario.expectedReadBufferSize, scenario.cfg.ReadBufferSize)
+				}
+				if scenario.cfg.Address != scenario.expectedAddress {
+					t.Errorf("expected Address to be %s, got %s", scenario.expectedAddress, scenario.cfg.Address)
+				}
+			}
+		})
+	}
+}
+
+func TestConfig_SocketAddress(t *testing.T) {
+	web := &Config{
+		Address: "0.0.0.0",
+		Port:    8081,
+	}
+	if web.SocketAddress() != "0.0.0.0:8081" {
+		t.Errorf("expected %s, got %s", "0.0.0.0:8081", web.SocketAddress())
+	}
+}
+
+func TestConfig_isValid(t *testing.T) {
+	scenarios := []struct {
+		name        string
+		cfg         *Config
+		expectedErr bool
+	}{
+		{
+			name:        "good-tls-config",
+			cfg:         &Config{TLS: &TLSConfig{CertificateFile: "../../testdata/cert.pem", PrivateKeyFile: "../../testdata/cert.key"}},
+			expectedErr: false,
+		},
+		{
+			name:        "missing-certificate-file",
+			cfg:         &Config{TLS: &TLSConfig{CertificateFile: "doesnotexist", PrivateKeyFile: "../../testdata/cert.key"}},
+			expectedErr: true,
+		},
+		{
+			name:        "bad-certificate-file",
+			cfg:         &Config{TLS: &TLSConfig{CertificateFile: "../../testdata/badcert.pem", PrivateKeyFile: "../../testdata/cert.key"}},
+			expectedErr: true,
+		},
+		{
+			name:        "no-certificate-file",
+			cfg:         &Config{TLS: &TLSConfig{CertificateFile: "", PrivateKeyFile: "../../testdata/cert.key"}},
+			expectedErr: true,
+		},
+		{
+			name:        "missing-private-key-file",
+			cfg:         &Config{TLS: &TLSConfig{CertificateFile: "../../testdata/cert.pem", PrivateKeyFile: "doesnotexist"}},
+			expectedErr: true,
+		},
+		{
+			name:        "no-private-key-file",
+			cfg:         &Config{TLS: &TLSConfig{CertificateFile: "../../testdata/cert.pem", PrivateKeyFile: ""}},
+			expectedErr: true,
+		},
+		{
+			name:        "bad-private-key-file",
+			cfg:         &Config{TLS: &TLSConfig{CertificateFile: "../../testdata/cert.pem", PrivateKeyFile: "../../testdata/badcert.key"}},
+			expectedErr: true,
+		},
+		{
+			name:        "bad-certificate-and-private-key-file",
+			cfg:         &Config{TLS: &TLSConfig{CertificateFile: "../../testdata/badcert.pem", PrivateKeyFile: "../../testdata/badcert.key"}},
+			expectedErr: true,
+		},
+	}
+	for _, scenario := range scenarios {
+		t.Run(scenario.name, func(t *testing.T) {
+			err := scenario.cfg.ValidateAndSetDefaults()
+			if (err != nil) != scenario.expectedErr {
+				t.Errorf("expected the existence of an error to be %v, got %v", scenario.expectedErr, err)
+				return
+			}
+			if !scenario.expectedErr {
+				if scenario.cfg.TLS.isValid() != nil {
+					t.Error("cfg.TLS.isValid() returned an error even though no error was expected")
+				}
+			}
+		})
+	}
+}