Merge branch 'dev' of https://github.com/oslabs-beta/GraphQL-Gate into fw/fixedWindow

Author: Yufei Wu

src/@types/rateLimit.d.ts

@@ -16,6 +16,7 @@ export interface RateLimiter {
 export interface RateLimiterResponse {
     success: boolean;
     tokens: number;
+    retryAfter?: number;
 }
 
 export interface RedisBucket {
@@ -32,7 +33,7 @@ export interface RedisWindow {
 export interface RedisWindow {
     currentTokens: number;
     previousTokens: number;
-    fixedWindowStart?: number;
+    fixedWindowStart: number;
 }
 
 export type RedisLog = RedisBucket[];
@@ -54,18 +55,15 @@ export interface TokenBucketOptions {
 }
 
 /**
- * @type {number} windowSize - Size of each fixed window and the rolling window
- * @type {number} capacity - Number of tokens a window can hold
+ * @type {number} windowSize - size of the window in milliseconds
+ * @type {number} capacity - max number of tokens that can be used in the bucket
  */
-export interface SlidingWindowCounterOptions {
+export interface WindowOptions {
     windowSize: number;
     capacity: number;
 }
 
 // TODO: This will be a union type where we can specify Option types for other Rate Limiters
-// Record<string, never> represents the empty object for alogorithms that don't require settings
+// Record<string, never> represents the empty object for algorithms that don't require settings
 // and might be able to be removed in the future.
-export type RateLimiterOptions =
-    | TokenBucketOptions
-    | SlidingWindowCounterOptions
-    | Record<string, never>;
+export type RateLimiterOptions = TokenBucketOptions | Record<string, never>;

src/analysis/buildTypeWeights.ts

@@ -80,11 +80,9 @@ function parseObjectFields(
     // Iterate through the fields and add the required data to the result
     Object.keys(fields).forEach((field: string) => {
         // The GraphQL type that this field represents
-        const fieldType: GraphQLOutputType = fields[field].type;
-        if (
-            isScalarType(fieldType) ||
-            (isNonNullType(fieldType) && isScalarType(fieldType.ofType))
-        ) {
+        let fieldType: GraphQLOutputType = fields[field].type;
+        if (isNonNullType(fieldType)) fieldType = fieldType.ofType;
+        if (isScalarType(fieldType)) {
             result.fields[field] = {
                 weight: typeWeights.scalar,
                 // resolveTo: fields[field].name.toLowerCase(),
@@ -100,7 +98,8 @@ function parseObjectFields(
             };
         } else if (isListType(fieldType)) {
             // 'listType' is the GraphQL type that the list resolves to
-            const listType = fieldType.ofType;
+            let listType = fieldType.ofType;
+            if (isNonNullType(listType)) listType = listType.ofType;
             if (isScalarType(listType) && typeWeights.scalar === 0) {
                 // list won't compound if weight is zero
                 result.fields[field] = {
@@ -115,7 +114,6 @@ function parseObjectFields(
                 fields[field].args.forEach((arg: GraphQLArgument) => {
                     // If field has an argument matching one of the limiting keywords and resolves to a list
                     // then the weight of the field should be dependent on both the weight of the resolved type and the limiting argument.
-                    // FIXME: Can nonnull wrap list types?
                     if (KEYWORDS.includes(arg.name)) {
                         // Get the type that comprises the list
                         result.fields[field] = {
@@ -183,6 +181,7 @@ function compareTypes(a: GraphQLOutputType, b: GraphQLOutputType): boolean {
     return (
         (isObjectType(b) && isObjectType(a) && a.name === b.name) ||
         (isUnionType(b) && isUnionType(a) && a.name === b.name) ||
+        (isEnumType(b) && isEnumType(a) && a.name === b.name) ||
         (isInterfaceType(b) && isInterfaceType(a) && a.name === b.name) ||
         (isScalarType(b) && isScalarType(a) && a.name === b.name) ||
         (isListType(b) && isListType(a) && compareTypes(b.ofType, a.ofType)) ||
@@ -289,24 +288,26 @@ function parseUnionTypes(
              *   c. objects have a resolveTo type.
              *  */
 
-            const current = commonFields[field].type;
+            let current = commonFields[field].type;
+            if (isNonNullType(current)) current = current.ofType;
             if (isScalarType(current)) {
                 fieldTypes[field] = {
                     weight: commonFields[field].weight,
                 };
-            } else if (isObjectType(current) || isInterfaceType(current) || isUnionType(current)) {
+            } else if (
+                isObjectType(current) ||
+                isInterfaceType(current) ||
+                isUnionType(current) ||
+                isEnumType(current)
+            ) {
                 fieldTypes[field] = {
                     resolveTo: commonFields[field].resolveTo,
-                    weight: typeWeights.object,
                 };
             } else if (isListType(current)) {
                 fieldTypes[field] = {
                     resolveTo: commonFields[field].resolveTo,
                     weight: commonFields[field].weight,
                 };
-            } else if (isNonNullType(current)) {
-                throw new Error('non null types not supported on unions');
-                // TODO: also a recursive data structure
             } else {
                 throw new Error('Unhandled union type. Should never get here');
             }

src/middleware/rateLimiterSetup.ts

@@ -1,6 +1,5 @@
 import Redis from 'ioredis';
-import { RateLimiterOptions, RateLimiterSelection, TokenBucketOptions } from '../@types/rateLimit';
-import SlidingWindowCounter from '../rateLimiters/slidingWindowCounter';
+import { RateLimiterOptions, RateLimiterSelection } from '../@types/rateLimit';
 import TokenBucket from '../rateLimiters/tokenBucket';
 
 /**
@@ -26,13 +25,12 @@ export default function setupRateLimiter(
             break;
         case 'LEAKY_BUCKET':
             throw new Error('Leaky Bucket algonithm has not be implemented.');
-            break;
         case 'FIXED_WINDOW':
             throw new Error('Fixed Window algonithm has not be implemented.');
-            break;
         case 'SLIDING_WINDOW_LOG':
-            throw new Error('Sliding Window Log has not be implemented.');
-            break;
+            // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+            // @ts-ignore
+            return new SlidingWindowLog(options.windowSize, options.capacity, client);
         case 'SLIDING_WINDOW_COUNTER':
             // eslint-disable-next-line @typescript-eslint/ban-ts-comment
             // @ts-ignore
@@ -41,6 +39,5 @@ export default function setupRateLimiter(
         default:
             // typescript should never let us invoke this function with anything other than the options above
             throw new Error('Selected rate limiting algorithm is not suppported');
-            break;
     }
 }

src/rateLimiters/slidingWindowLog.ts

@@ -1,5 +1,5 @@
 import Redis from 'ioredis';
-import { RateLimiter, RateLimiterResponse } from '../@types/rateLimit';
+import { RateLimiter, RateLimiterResponse, RedisBucket, RedisLog } from '../@types/rateLimit';
 
 /**
  * The SlidingWindowLog instance of a RateLimiter limits requests based on a unique user ID.
@@ -13,7 +13,7 @@ import { RateLimiter, RateLimiterResponse } from '../@types/rateLimit';
  *  2. Any requests that are older than window size are dropped from the log.
  *  3. The complexity of the current request is added to the complexity of all requests in the log.
  *  4. If the request exceeds the specified capacity it is dropped.
- *  5. Otherwise the request is allowed and ther current request is added to the log.
+ *  5. Otherwise the request is allowed and the current request is added to the end of the log (if it has a complexity > 0).
  */
 class SlidingWindowLog implements RateLimiter {
     private windowSize: number;
@@ -33,7 +33,40 @@ class SlidingWindowLog implements RateLimiter {
         this.capacity = capacity;
         this.client = client;
         if (windowSize <= 0 || capacity <= 0)
-            throw SyntaxError('SlidingWindowLog windowSize and capacity must be positive');
+            throw SyntaxError('SlidingWindowLog window size and capacity must be positive');
+
+        // TODO: Define lua script for server side computation using either sorted sets or lists
+        // while x.timestamp + window_size < timestamp lpop
+        // //https://stackoverflow.com/questions/35677682/filtering-deleting-items-from-a-redis-set
+        // this.client.defineCommand('popWindow', {
+        //     // 2 value timestamp and complexity of this request
+        //     lua: `
+        //         local totalComplexity = 0 -- complexity of active requests
+        //         local expiredMembers = 0 -- number of requests to remove
+        //         local key = keys[1] -- uuid
+        //         local current_time = keys[2]
+
+        //         for index, value in next, redis.call(key, ????) do
+        //             -- string comparisson of timestamps
+        //             if .... then
+
+        //             else
+        //                 totalComplexity += ????
+        //             end
+        //         end
+
+        //         redis.call(pop, ???)
+
+        //         if total_complexity < window_size then
+        //             then
+        //         end
+        //         return {
+
+        //         }
+        //     `,
+        //     numberOfKeys: 3, // uuid
+        //     readOnly: true,
+        // });
     }
 
     /**
@@ -50,9 +83,63 @@ class SlidingWindowLog implements RateLimiter {
     ): Promise<RateLimiterResponse> {
         // set the expiry of key-value pairs in the cache to 24 hours
         const keyExpiry = 86400000; // TODO: Make this a global for consistency across each algo.
-        if (tokens > this.capacity) return { success: false, tokens: this.capacity };
 
-        throw new Error('SlidingWindowLog.processRequest not implemented');
+        // Each user's log is represented by a redis list with a score = request timestamp
+        // and a value equal to the complexity
+        // Drop expired requests from the log. represented by a sorted set in redis
+
+        // Get the log from redis
+        let requestLog: RedisLog = JSON.parse((await this.client.get(uuid)) || '[]');
+
+        // Iterate through the list in reverse and count active tokens
+        // This allows us to track the threshold for when this request would be allowed if it is blocked
+        // Stop at the first timestamp that's expired and cut the rest.
+
+        const cutoff = timestamp - this.windowSize;
+        let tokensInLog = 0; // total active tokens in the log
+        let cutoffIndex = 0; // index of oldest active request
+        let lastAllowedIndex = requestLog.length; // Index of oldest request in the log for which this request would be allowed.
+
+        for (let index = requestLog.length - 1; index >= 0; index--) {
+            if (cutoff >= requestLog[index].timestamp) {
+                // we reached the first expired request
+                cutoffIndex = index + 1;
+                break;
+            } else {
+                // the request is active
+                tokensInLog += requestLog[index].tokens;
+                if (this.capacity - tokensInLog >= tokens) {
+                    // the log is able to accept the current request
+                    lastAllowedIndex = index;
+                }
+            }
+        }
+
+        // Time (ms) after which the current request would succeed if it is blocked.
+        let retryAfter: number;
+
+        // Request will never be allowed
+        if (tokens > this.capacity) retryAfter = Infinity;
+        // need the request before lastAllowedIndex
+        else if (lastAllowedIndex > 0)
+            retryAfter = this.windowSize + requestLog[lastAllowedIndex - 1].timestamp;
+        else retryAfter = 0; // request is allowed
+
+        // Conditional check to avoid unecessary slice
+        if (cutoffIndex > 0) requestLog = requestLog.slice(cutoffIndex);
+
+        // allow/disallow current request
+        if (tokensInLog + tokens <= this.capacity) {
+            // update the log
+            if (tokens > 0) requestLog.push({ timestamp, tokens });
+            await this.client.setex(uuid, keyExpiry, JSON.stringify(requestLog));
+            tokensInLog += tokens;
+            return { success: true, tokens: this.capacity - tokensInLog };
+        }
+
+        await this.client.setex(uuid, keyExpiry, JSON.stringify(requestLog));
+
+        return { success: false, tokens: this.capacity - tokensInLog, retryAfter };
     }
 
     /**