initial import

2020-07-26 17:09:05 +08:00
commit 7e3a369a8f
647 changed files with 54754 additions and 0 deletions
--- a/ngin/config.go
+++ b/ngin/config.go
@@ -0,0 +1,33 @@
+package ngin
+
+import (
+	"time"
+
+	"zero/core/service"
+)
+
+type (
+	PrivateKeyConf struct {
+		Fingerprint string
+		KeyFile     string
+	}
+
+	SignatureConf struct {
+		Strict      bool          `json:",default=false"`
+		Expiry      time.Duration `json:",default=1h"`
+		PrivateKeys []PrivateKeyConf
+	}
+
+	NgConf struct {
+		service.ServiceConf
+		Host     string `json:",default=0.0.0.0"`
+		Port     int
+		Verbose  bool  `json:",optional"`
+		MaxConns int   `json:",default=10000"`
+		MaxBytes int64 `json:",default=1048576,range=[0:8388608]"`
+		// milliseconds
+		Timeout      int64         `json:",default=3000"`
+		CpuThreshold int64         `json:",default=900,range=[0:1000]"`
+		Signature    SignatureConf `json:",optional"`
+	}
+)
--- a/ngin/etc/config.json
+++ b/ngin/etc/config.json
@@ -0,0 +1,13 @@
+{
+    "Name": "nging",
+    "Log": {
+        "Access": "logs/access.log",
+        "Error": "logs/error.log",
+        "Stat": "logs/stat.log"
+    },
+    "Host": "127.0.0.1",
+    "Port": 1111,
+    "Timeout": 1000,
+    "Verbose": 0,
+    "Develop": 1
+}
--- a/ngin/ngin.go
+++ b/ngin/ngin.go
@@ -0,0 +1,170 @@
+package ngin
+
+import (
+	"log"
+	"net/http"
+
+	"zero/core/httphandler"
+	"zero/core/httprouter"
+	"zero/core/logx"
+)
+
+type (
+	runOptions struct {
+		start func(*server) error
+	}
+
+	RunOption func(*Engine)
+
+	Engine struct {
+		srv  *server
+		opts runOptions
+	}
+)
+
+func MustNewEngine(c NgConf, opts ...RunOption) *Engine {
+	engine, err := NewEngine(c, opts...)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	return engine
+}
+
+func NewEngine(c NgConf, opts ...RunOption) (*Engine, error) {
+	if err := c.SetUp(); err != nil {
+		return nil, err
+	}
+
+	engine := &Engine{
+		srv: newServer(c),
+		opts: runOptions{
+			start: func(srv *server) error {
+				return srv.Start()
+			},
+		},
+	}
+
+	for _, opt := range opts {
+		opt(engine)
+	}
+
+	return engine, nil
+}
+
+func (e *Engine) AddRoutes(rs []Route, opts ...RouteOption) {
+	r := featuredRoutes{
+		routes: rs,
+	}
+	for _, opt := range opts {
+		opt(&r)
+	}
+	e.srv.AddRoutes(r)
+}
+
+func (e *Engine) AddRoute(r Route, opts ...RouteOption) {
+	e.AddRoutes([]Route{r}, opts...)
+}
+
+func (e *Engine) Start() {
+	handleError(e.opts.start(e.srv))
+}
+
+func (e *Engine) Stop() {
+	logx.Close()
+}
+
+func (e *Engine) Use(middleware Middleware) {
+	e.srv.use(middleware)
+}
+
+func ToMiddleware(handler func(next http.Handler) http.Handler) Middleware {
+	return func(handle http.HandlerFunc) http.HandlerFunc {
+		return handler(handle).ServeHTTP
+	}
+}
+
+func WithJwt(secret string) RouteOption {
+	return func(r *featuredRoutes) {
+		validateSecret(secret)
+		r.jwt.enabled = true
+		r.jwt.secret = secret
+	}
+}
+
+func WithJwtTransition(secret, prevSecret string) RouteOption {
+	return func(r *featuredRoutes) {
+		// why not validate prevSecret, because prevSecret is an already used one,
+		// even it not meet our requirement, we still need to allow the transition.
+		validateSecret(secret)
+		r.jwt.enabled = true
+		r.jwt.secret = secret
+		r.jwt.prevSecret = prevSecret
+	}
+}
+
+func WithMiddleware(middleware Middleware, rs ...Route) []Route {
+	routes := make([]Route, len(rs))
+
+	for i := range rs {
+		route := rs[i]
+		routes[i] = Route{
+			Method:  route.Method,
+			Path:    route.Path,
+			Handler: middleware(route.Handler),
+		}
+	}
+
+	return routes
+}
+
+func WithPriority() RouteOption {
+	return func(r *featuredRoutes) {
+		r.priority = true
+	}
+}
+
+func WithRouter(router httprouter.Router) RunOption {
+	return func(engine *Engine) {
+		engine.opts.start = func(srv *server) error {
+			return srv.StartWithRouter(router)
+		}
+	}
+}
+
+func WithSignature(signature SignatureConf) RouteOption {
+	return func(r *featuredRoutes) {
+		r.signature.enabled = true
+		r.signature.Strict = signature.Strict
+		r.signature.Expiry = signature.Expiry
+		r.signature.PrivateKeys = signature.PrivateKeys
+	}
+}
+
+func WithUnauthorizedCallback(callback httphandler.UnauthorizedCallback) RunOption {
+	return func(engine *Engine) {
+		engine.srv.SetUnauthorizedCallback(callback)
+	}
+}
+
+func WithUnsignedCallback(callback httphandler.UnsignedCallback) RunOption {
+	return func(engine *Engine) {
+		engine.srv.SetUnsignedCallback(callback)
+	}
+}
+
+func handleError(err error) {
+	// ErrServerClosed means the server is closed manually
+	if err == nil || err == http.ErrServerClosed {
+		return
+	}
+
+	logx.Error(err)
+	panic(err)
+}
+
+func validateSecret(secret string) {
+	if len(secret) < 8 {
+		panic("secret's length can't be less than 8")
+	}
+}
--- a/ngin/ngin_test.go
+++ b/ngin/ngin_test.go
@@ -0,0 +1,71 @@
+package ngin
+
+import (
+	"fmt"
+	"io"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+
+	"zero/core/httprouter"
+	"zero/core/httpx"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestWithMiddleware(t *testing.T) {
+	m := make(map[string]string)
+	router := httprouter.NewPatRouter()
+	handler := func(w http.ResponseWriter, r *http.Request) {
+		var v struct {
+			Nickname string `form:"nickname"`
+			Zipcode  int64  `form:"zipcode"`
+		}
+
+		err := httpx.Parse(r, &v)
+		assert.Nil(t, err)
+		_, err = io.WriteString(w, fmt.Sprintf("%s:%d", v.Nickname, v.Zipcode))
+		assert.Nil(t, err)
+	}
+	rs := WithMiddleware(func(next http.HandlerFunc) http.HandlerFunc {
+		return func(w http.ResponseWriter, r *http.Request) {
+			var v struct {
+				Name string `path:"name"`
+				Year string `path:"year"`
+			}
+			assert.Nil(t, httpx.ParsePath(r, &v))
+			m[v.Name] = v.Year
+			next.ServeHTTP(w, r)
+		}
+	}, Route{
+		Method:  http.MethodGet,
+		Path:    "/first/:name/:year",
+		Handler: handler,
+	}, Route{
+		Method:  http.MethodGet,
+		Path:    "/second/:name/:year",
+		Handler: handler,
+	})
+
+	urls := []string{
+		"http://hello.com/first/kevin/2017?nickname=whatever&zipcode=200000",
+		"http://hello.com/second/wan/2020?nickname=whatever&zipcode=200000",
+	}
+	for _, route := range rs {
+		assert.Nil(t, router.Handle(route.Method, route.Path, route.Handler))
+	}
+	for _, url := range urls {
+		r, err := http.NewRequest(http.MethodGet, url, nil)
+		assert.Nil(t, err)
+
+		rr := httptest.NewRecorder()
+		router.ServeHTTP(rr, r)
+
+		assert.Equal(t, "whatever:200000", rr.Body.String())
+	}
+
+	assert.EqualValues(t, map[string]string{
+		"kevin": "2017",
+		"wan":   "2020",
+	}, m)
+}
--- a/ngin/server.go
+++ b/ngin/server.go
@@ -0,0 +1,218 @@
+package ngin
+
+import (
+	"errors"
+	"fmt"
+	"net/http"
+	"time"
+
+	"zero/core/codec"
+	"zero/core/httphandler"
+	"zero/core/httprouter"
+	"zero/core/httpserver"
+	"zero/core/load"
+	"zero/core/stat"
+
+	"github.com/justinas/alice"
+)
+
+// use 1000m to represent 100%
+const topCpuUsage = 1000
+
+var ErrSignatureConfig = errors.New("bad config for Signature")
+
+type (
+	Middleware func(next http.HandlerFunc) http.HandlerFunc
+
+	server struct {
+		conf                 NgConf
+		routes               []featuredRoutes
+		unauthorizedCallback httphandler.UnauthorizedCallback
+		unsignedCallback     httphandler.UnsignedCallback
+		middlewares          []Middleware
+		shedder              load.Shedder
+		priorityShedder      load.Shedder
+	}
+)
+
+func newServer(c NgConf) *server {
+	srv := &server{
+		conf: c,
+	}
+	if c.CpuThreshold > 0 {
+		srv.shedder = load.NewAdaptiveShedder(load.WithCpuThreshold(c.CpuThreshold))
+		srv.priorityShedder = load.NewAdaptiveShedder(load.WithCpuThreshold(
+			(c.CpuThreshold + topCpuUsage) >> 1))
+	}
+
+	return srv
+}
+
+func (s *server) AddRoutes(r featuredRoutes) {
+	s.routes = append(s.routes, r)
+}
+
+func (s *server) SetUnauthorizedCallback(callback httphandler.UnauthorizedCallback) {
+	s.unauthorizedCallback = callback
+}
+
+func (s *server) SetUnsignedCallback(callback httphandler.UnsignedCallback) {
+	s.unsignedCallback = callback
+}
+
+func (s *server) Start() error {
+	return s.StartWithRouter(httprouter.NewPatRouter())
+}
+
+func (s *server) StartWithRouter(router httprouter.Router) error {
+	if err := s.bindRoutes(router); err != nil {
+		return err
+	}
+
+	return httpserver.StartHttp(s.conf.Host, s.conf.Port, router)
+}
+
+func (s *server) appendAuthHandler(fr featuredRoutes, chain alice.Chain,
+	verifier func(alice.Chain) alice.Chain) alice.Chain {
+	if fr.jwt.enabled {
+		if len(fr.jwt.prevSecret) == 0 {
+			chain = chain.Append(httphandler.Authorize(fr.jwt.secret,
+				httphandler.WithUnauthorizedCallback(s.unauthorizedCallback)))
+		} else {
+			chain = chain.Append(httphandler.Authorize(fr.jwt.secret,
+				httphandler.WithPrevSecret(fr.jwt.prevSecret),
+				httphandler.WithUnauthorizedCallback(s.unauthorizedCallback)))
+		}
+	}
+
+	return verifier(chain)
+}
+
+func (s *server) bindFeaturedRoutes(router httprouter.Router, fr featuredRoutes, metrics *stat.Metrics) error {
+	verifier, err := s.signatureVerifier(fr.signature)
+	if err != nil {
+		return err
+	}
+
+	for _, route := range fr.routes {
+		if err := s.bindRoute(fr, router, metrics, route, verifier); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (s *server) bindRoute(fr featuredRoutes, router httprouter.Router, metrics *stat.Metrics,
+	route Route, verifier func(chain alice.Chain) alice.Chain) error {
+	chain := alice.New(
+		httphandler.TracingHandler,
+		s.getLogHandler(),
+		httphandler.MaxConns(s.conf.MaxConns),
+		httphandler.BreakerHandler(route.Method, route.Path, metrics),
+		httphandler.SheddingHandler(s.getShedder(fr.priority), metrics),
+		httphandler.TimeoutHandler(time.Duration(s.conf.Timeout)*time.Millisecond),
+		httphandler.RecoverHandler,
+		httphandler.MetricHandler(metrics),
+		httphandler.PromMetricHandler(route.Path),
+		httphandler.MaxBytesHandler(s.conf.MaxBytes),
+		httphandler.GunzipHandler,
+	)
+	chain = s.appendAuthHandler(fr, chain, verifier)
+
+	for _, middleware := range s.middlewares {
+		chain = chain.Append(convertMiddleware(middleware))
+	}
+	handle := chain.ThenFunc(route.Handler)
+
+	return router.Handle(route.Method, route.Path, handle)
+}
+
+func (s *server) bindRoutes(router httprouter.Router) error {
+	metrics := s.createMetrics()
+
+	for _, fr := range s.routes {
+		if err := s.bindFeaturedRoutes(router, fr, metrics); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (s *server) createMetrics() *stat.Metrics {
+	var metrics *stat.Metrics
+
+	if len(s.conf.Name) > 0 {
+		metrics = stat.NewMetrics(s.conf.Name)
+	} else {
+		metrics = stat.NewMetrics(fmt.Sprintf("%s:%d", s.conf.Host, s.conf.Port))
+	}
+
+	return metrics
+}
+
+func (s *server) getLogHandler() func(http.Handler) http.Handler {
+	if s.conf.Verbose {
+		return httphandler.DetailedLogHandler
+	} else {
+		return httphandler.LogHandler
+	}
+}
+
+func (s *server) getShedder(priority bool) load.Shedder {
+	if priority && s.priorityShedder != nil {
+		return s.priorityShedder
+	}
+	return s.shedder
+}
+
+func (s *server) signatureVerifier(signature signatureSetting) (func(chain alice.Chain) alice.Chain, error) {
+	if !signature.enabled {
+		return func(chain alice.Chain) alice.Chain {
+			return chain
+		}, nil
+	}
+
+	if len(signature.PrivateKeys) == 0 {
+		if signature.Strict {
+			return nil, ErrSignatureConfig
+		} else {
+			return func(chain alice.Chain) alice.Chain {
+				return chain
+			}, nil
+		}
+	}
+
+	decrypters := make(map[string]codec.RsaDecrypter)
+	for _, key := range signature.PrivateKeys {
+		fingerprint := key.Fingerprint
+		file := key.KeyFile
+		decrypter, err := codec.NewRsaDecrypter(file)
+		if err != nil {
+			return nil, err
+		}
+
+		decrypters[fingerprint] = decrypter
+	}
+
+	return func(chain alice.Chain) alice.Chain {
+		if s.unsignedCallback != nil {
+			return chain.Append(httphandler.ContentSecurityHandler(
+				decrypters, signature.Expiry, signature.Strict, s.unsignedCallback))
+		} else {
+			return chain.Append(httphandler.ContentSecurityHandler(
+				decrypters, signature.Expiry, signature.Strict))
+		}
+	}, nil
+}
+
+func (s *server) use(middleware Middleware) {
+	s.middlewares = append(s.middlewares, middleware)
+}
+
+func convertMiddleware(ware Middleware) func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(ware(next.ServeHTTP))
+	}
+}
--- a/ngin/types.go
+++ b/ngin/types.go
@@ -0,0 +1,31 @@
+package ngin
+
+import "net/http"
+
+type (
+	Route struct {
+		Method  string
+		Path    string
+		Handler http.HandlerFunc
+	}
+
+	jwtSetting struct {
+		enabled    bool
+		secret     string
+		prevSecret string
+	}
+
+	signatureSetting struct {
+		SignatureConf
+		enabled bool
+	}
+
+	featuredRoutes struct {
+		priority  bool
+		jwt       jwtSetting
+		signature signatureSetting
+		routes    []Route
+	}
+
+	RouteOption func(r *featuredRoutes)
+)