wire-gateway/src/json.rs


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88

use hyper::{body::HttpBody, header, http::request::Parts, Body, Response, StatusCode};
use miniz_oxide::inflate::TINFLStatus;

const MAX_ALLOWED_RESPONSE_SIZE: u64 = 1024 * 1024; // 1MB

#[derive(Debug, thiserror::Error)]
pub enum ParseBodyError {
    #[error(transparent)]
    Body(#[from] hyper::Error),
    #[error(transparent)]
    Json(#[from] serde_json::Error),
    #[error("deflate decompression error")]
    Deflate,
    #[error("body is suspiciously big")]
    SuspiciousBody,
    #[error("decompression is suspiciously big")]
    SuspiciousCompression,
}

/// Parse json body, perform security check and decompression
pub async fn parse_body<J: serde::de::DeserializeOwned>(
    parts: &Parts,
    body: Body,
) -> Result<J, ParseBodyError> {
    // Check announced body size
    if body.size_hint().upper().unwrap_or(u64::MAX) > MAX_ALLOWED_RESPONSE_SIZE {
        return Err(ParseBodyError::SuspiciousBody);
    }
    // Read body
    let bytes = hyper::body::to_bytes(body).await?;

    // Decompress if necessary
    if parts
        .headers
        .get(header::CONTENT_ENCODING)
        .map(|it| it == "deflate")
        .unwrap_or(false)
    {
        let decompressed = miniz_oxide::inflate::decompress_to_vec_zlib_with_limit(
            &bytes,
            MAX_ALLOWED_RESPONSE_SIZE as usize,
        )
        .map_err(|s| match s {
            TINFLStatus::HasMoreOutput => ParseBodyError::SuspiciousCompression,
            _ => ParseBodyError::Deflate,
        })?;
        // Parse json
        Ok(serde_json::from_slice(&decompressed)?)
    } else {
        // Parse json
        Ok(serde_json::from_slice(&bytes)?)
    }
}

#[derive(Debug, thiserror::Error)]
pub enum EncodeBodyError {
    #[error(transparent)]
    Json(#[from] serde_json::Error),
}

pub async fn encode_body<J: serde::Serialize>(
    parts: &Parts,
    status: StatusCode,
    json: &J,
) -> Result<Response<Body>, EncodeBodyError> {
    let json = serde_json::to_vec(json)?;
    if parts
        .headers
        .get(header::ACCEPT_ENCODING)
        .and_then(|it| it.to_str().ok())
        .map(|str| str.contains("deflate"))
        .unwrap_or(false)
    {
        let compressed = miniz_oxide::deflate::compress_to_vec_zlib(&json, 6);
        Ok(Response::builder()
            .status(status)
            .header(header::CONTENT_TYPE, "application/json")
            .header(header::CONTENT_ENCODING, "deflate")
            .body(Body::from(compressed))
            .unwrap())
    } else {
        Ok(Response::builder()
            .status(status)
            .header(header::CONTENT_TYPE, "application/json")
            .body(Body::from(json))
            .unwrap())
    }
}