Add support for tower's CORS middleware

Closes #47
roadster-rs · Jun 9, 2024 · 50c6ca2 · 50c6ca2
1 parent b860fe1
commit 50c6ca2
Show file tree

Hide file tree

Showing 35 changed files with 639 additions and 50 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -46,7 +46,7 @@ tracing-opentelemetry = { version = "0.24.0", features = ["metrics"], optional =
 axum = { workspace = true, optional = true }
 axum-extra = { version = "0.9.0", features = ["typed-header"], optional = true }
 tower = { version = "0.4.13", optional = true }
-tower-http = { version = "0.5.0", features = ["trace", "timeout", "request-id", "util", "normalize-path", "sensitive-headers", "catch-panic", "compression-full", "decompression-full", "limit"], optional = true }
+tower-http = { version = "0.5.0", features = ["trace", "timeout", "request-id", "util", "normalize-path", "sensitive-headers", "catch-panic", "compression-full", "decompression-full", "limit", "cors"], optional = true }
 aide = { workspace = true, features = ["axum", "redoc", "scalar", "macros"], optional = true }
 schemars = { workspace = true, optional = true }
 

diff --git a/src/config/service/http/default.toml b/src/config/service/http/default.toml
@@ -38,6 +38,9 @@ timeout = 10000
 priority = -9970
 limit = "5 MB"
 
+[service.http.middleware.cors]
+priority = -9950
+
 # Initializers
 [service.http.initializer]
 default-enable = true

diff --git a/src/config/service/http/middleware.rs b/src/config/service/http/middleware.rs
@@ -4,6 +4,7 @@ use crate::service::http::middleware::catch_panic::CatchPanicConfig;
 use crate::service::http::middleware::compression::{
     RequestDecompressionConfig, ResponseCompressionConfig,
 };
+use crate::service::http::middleware::cors::CorsConfig;
 use crate::service::http::middleware::request_id::{PropagateRequestIdConfig, SetRequestIdConfig};
 use crate::service::http::middleware::sensitive_headers::{
     SensitiveRequestHeadersConfig, SensitiveResponseHeadersConfig,
@@ -44,6 +45,9 @@ pub struct Middleware {
     pub timeout: MiddlewareConfig<TimeoutConfig>,
 
     pub size_limit: MiddlewareConfig<SizeLimitConfig>,
+
+    pub cors: MiddlewareConfig<CorsConfig>,
+
     /// Allows providing configs for custom middleware. Any configs that aren't pre-defined above
     /// will be collected here.
     ///
@@ -102,7 +106,7 @@ impl CommonConfig {
     }
 }
 
-#[derive(Debug, Clone, Serialize, Deserialize)]
+#[derive(Debug, Clone, Validate, Serialize, Deserialize)]
 #[serde(rename_all = "kebab-case")]
 pub struct MiddlewareConfig<T> {
     #[serde(flatten)]

diff --git a/src/config/snapshots/roadster__config__app_config__tests__test.snap b/src/config/snapshots/roadster__config__app_config__tests__test.snap
@@ -64,6 +64,11 @@ timeout = 10000
 priority = -9970
 limit = '5 MB'
 
+[service.http.middleware.cors]
+priority = -9950
+preset = 'restrictive'
+max-age = 3600000
+
 [service.http.initializer]
 default-enable = true
 

diff --git a/src/error/axum.rs b/src/error/axum.rs
@@ -3,7 +3,13 @@ use crate::error::Error;
 #[derive(Debug, Error)]
 pub enum AxumError {
     #[error(transparent)]
-    InvalidHeader(#[from] axum::http::header::InvalidHeaderName),
+    InvalidHeaderName(#[from] axum::http::header::InvalidHeaderName),
+
+    #[error(transparent)]
+    InvalidHeaderValue(#[from] axum::http::header::InvalidHeaderValue),
+
+    #[error(transparent)]
+    InvalidMethod(#[from] axum::http::method::InvalidMethod),
 
     #[cfg(feature = "jwt")]
     #[error(transparent)]
@@ -19,6 +25,18 @@ impl From<axum::http::header::InvalidHeaderName> for Error {
     }
 }
 
+impl From<axum::http::header::InvalidHeaderValue> for Error {
+    fn from(value: axum::http::header::InvalidHeaderValue) -> Self {
+        Self::Axum(AxumError::from(value))
+    }
+}
+
+impl From<axum::http::method::InvalidMethod> for Error {
+    fn from(value: axum::http::method::InvalidMethod) -> Self {
+        Self::Axum(AxumError::from(value))
+    }
+}
+
 #[cfg(feature = "jwt")]
 impl From<axum_extra::typed_header::TypedHeaderRejection> for Error {
     fn from(value: axum_extra::typed_header::TypedHeaderRejection) -> Self {

diff --git a/src/middleware/http/auth/jwt/ietf.rs b/src/middleware/http/auth/jwt/ietf.rs
@@ -54,10 +54,9 @@ mod tests {
     use super::*;
     use crate::error::RoadsterResult;
     use crate::middleware::http::auth::jwt::decode_auth_token;
-    use crate::util::serde_util::UriOrString;
+    use crate::util::serde_util::{UriOrString, Wrapper};
     use chrono::{TimeDelta, Utc};
     use jsonwebtoken::{encode, EncodingKey, Header, TokenData};
-    use serde_derive::{Deserialize, Serialize};
     use serde_json::from_str;
     use std::ops::{Add, Sub};
     use std::str::FromStr;
@@ -132,11 +131,6 @@ mod tests {
         (claims, token)
     }
 
-    #[derive(Debug, Deserialize, Serialize)]
-    struct Wrapper<T> {
-        inner: T,
-    }
-
     #[test]
     #[cfg_attr(coverage_nightly, coverage(off))]
     fn deserialize_audience_as_vec() {

diff --git a/src/middleware/http/auth/jwt/mod.rs b/src/middleware/http/auth/jwt/mod.rs
@@ -129,16 +129,11 @@ pub enum Subject {
 #[cfg(test)]
 mod tests {
     use super::*;
-    use serde_derive::{Deserialize, Serialize};
+    use crate::util::serde_util::Wrapper;
     use serde_json::from_str;
     use std::str::FromStr;
     use url::Url;
 
-    #[derive(Debug, Deserialize, Serialize)]
-    struct Wrapper<T> {
-        inner: T,
-    }
-
     #[test]
     #[cfg_attr(coverage_nightly, coverage(off))]
     fn deserialize_subject_as_uri() {

diff --git a/src/middleware/http/auth/jwt/openid.rs b/src/middleware/http/auth/jwt/openid.rs
@@ -69,16 +69,11 @@ pub enum Acr {
 #[cfg(test)]
 mod tests {
     use super::*;
-    use serde_derive::{Deserialize, Serialize};
+    use crate::util::serde_util::Wrapper;
     use serde_json::from_str;
     use std::str::FromStr;
     use url::Url;
 
-    #[derive(Debug, Deserialize, Serialize)]
-    struct Wrapper<T> {
-        inner: T,
-    }
-
     #[test]
     #[cfg_attr(coverage_nightly, coverage(off))]
     fn deserialize_acr_as_uri() {

diff --git a/src/service/http/middleware/catch_panic.rs b/src/service/http/middleware/catch_panic.rs
@@ -4,8 +4,9 @@ use crate::service::http::middleware::Middleware;
 use axum::Router;
 use serde_derive::{Deserialize, Serialize};
 use tower_http::catch_panic::CatchPanicLayer;
+use validator::Validate;
 
-#[derive(Debug, Clone, Default, Serialize, Deserialize)]
+#[derive(Debug, Clone, Default, Validate, Serialize, Deserialize)]
 #[serde(rename_all = "kebab-case", default)]
 pub struct CatchPanicConfig {}
 

diff --git a/src/service/http/middleware/compression.rs b/src/service/http/middleware/compression.rs
@@ -6,12 +6,13 @@ use serde_derive::{Deserialize, Serialize};
 use crate::error::RoadsterResult;
 use tower_http::compression::CompressionLayer;
 use tower_http::decompression::RequestDecompressionLayer;
+use validator::Validate;
 
-#[derive(Debug, Clone, Default, Serialize, Deserialize)]
+#[derive(Debug, Clone, Default, Validate, Serialize, Deserialize)]
 #[serde(rename_all = "kebab-case", default)]
 pub struct ResponseCompressionConfig {}
 
-#[derive(Debug, Clone, Default, Serialize, Deserialize)]
+#[derive(Debug, Clone, Default, Validate, Serialize, Deserialize)]
 #[serde(rename_all = "kebab-case", default)]
 pub struct RequestDecompressionConfig {}