Centralize rate limit response constants

Author: KSemenenko

ManagedCode.Orleans.RateLimiting.Client/Extensions/SignalRServerBuilderExtensions.cs

@@ -15,10 +15,11 @@ public static ISignalRServerBuilder AddOrleansRateLimiting(
         string configurationName,
         RateLimitPartitionKind partitionKind = RateLimitPartitionKind.User)
     {
-        builder.Services.AddOrleansRateLimiting(options => options.AddToPolicy("SignalR", partitionKind, configurationName, required: true));
+        builder.Services.AddOrleansRateLimiting(options =>
+            options.AddToPolicy(SignalRRateLimitingDefaults.PolicyName, partitionKind, configurationName, required: true));
         builder.Services.Configure<SignalRRateLimitingOptions>(options =>
         {
-            options.PolicyName = "SignalR";
+            options.PolicyName = SignalRRateLimitingDefaults.PolicyName;
             options.ConfigurationName = configurationName;
             options.PartitionKind = partitionKind;
         });

ManagedCode.Orleans.RateLimiting.Client/Middlewares/OrleansBaseRateLimitingMiddleware.cs

@@ -1,6 +1,5 @@
 using System;
 using System.Collections.Generic;
-using System.Net;
 using System.Reflection;
 using System.Threading.Tasks;
 using ManagedCode.Orleans.RateLimiting.Client.Attributes;
@@ -38,26 +37,14 @@ public async Task Invoke(HttpContext httpContext)
 
         AddLimiters(httpContext, holder);
 
-        // throw too many requests if any of the limiters is null code 429
         var error = await holder.AcquireAsync();
         if (error is null)
         {
             await _next(httpContext);
         }
         else
         {
-            if (httpContext.Response.HasStarted)
-                return;
-
-            httpContext.Response.Clear();
-            httpContext.Response.StatusCode = (int)HttpStatusCode.TooManyRequests;
-            await httpContext.Response.WriteAsJsonAsync(new
-            {
-                StatusCode = (int)HttpStatusCode.TooManyRequests,
-                Error = "Too many requests",
-                error.Reason,
-                RetryAfter = error.RetryAfter.ToString()
-            });
+            await RateLimitResponseWriter.WriteTooManyRequestsAsync(httpContext, error);
         }
     }
 
@@ -95,13 +82,13 @@ protected static (T attribute, string? postfix)? TryGetAttribute<T>(HttpContext
         var limiter = _client.GetRateLimiterByConfig(key, configurationName, _services.GetServices<RateLimiterConfig>());
 
         if (limiter is null)
-            _logger.LogError("Configuration {ConfigurationName} not found for RateLimiter", configurationName);
+            _logger.LogError(RateLimitMiddlewareConstants.ConfigurationNotFoundLogMessage, configurationName);
 
         return limiter;
     }
 
     protected static string CreateKey(params string[] parts)
     {
-        return string.Join(":", parts);
+        return string.Join(RateLimitMiddlewareConstants.KeySeparator, parts);
     }
 }

ManagedCode.Orleans.RateLimiting.Client/Middlewares/OrleansRequestRateLimitingMiddleware.cs

@@ -1,6 +1,5 @@
 using System.Collections.Generic;
 using System.Linq;
-using System.Net;
 using System.Security.Claims;
 using System.Threading.Tasks;
 using ManagedCode.Orleans.RateLimiting.Client.Extensions;
@@ -39,39 +38,31 @@ public async Task Invoke(HttpContext httpContext)
             return;
         }
 
-        if (httpContext.Response.HasStarted)
-            return;
-
-        httpContext.Response.Clear();
-        httpContext.Response.StatusCode = (int)HttpStatusCode.TooManyRequests;
-        await httpContext.Response.WriteAsJsonAsync(new
-        {
-            StatusCode = (int)HttpStatusCode.TooManyRequests,
-            Error = "Too many requests",
-            error.Reason,
-            RetryAfter = error.RetryAfter.ToString()
-        });
+        await RateLimitResponseWriter.WriteTooManyRequestsAsync(httpContext, error);
     }
 
     private RateLimitRequestContext CreateContext(HttpContext httpContext)
     {
         var endpoint = httpContext.GetEndpoint();
         var user = httpContext.User;
-        var path = httpContext.Request.Path.Value ?? "/";
+        var path = httpContext.Request.Path.Value ?? RateLimitMiddlewareConstants.DefaultPath;
 
         return new RateLimitRequestContext
         {
-            OperationName = endpoint?.DisplayName ?? $"{httpContext.Request.Method} {path}",
+            OperationName = endpoint?.DisplayName ?? string.Concat(httpContext.Request.Method, RateLimitMiddlewareConstants.OperationNameSeparator, path),
             UserId = user.FindFirstValue(ClaimTypes.NameIdentifier) ?? user.Identity?.Name,
-            GroupId = user.FindFirstValue("group") ?? user.FindFirstValue("groups") ?? user.FindFirstValue(ClaimTypes.GroupSid),
-            TenantId = user.FindFirstValue("tenant_id") ?? user.FindFirstValue("tid"),
+            GroupId = user.FindFirstValue(RateLimitMiddlewareConstants.GroupClaimType)
+                      ?? user.FindFirstValue(RateLimitMiddlewareConstants.GroupsClaimType)
+                      ?? user.FindFirstValue(ClaimTypes.GroupSid),
+            TenantId = user.FindFirstValue(RateLimitMiddlewareConstants.TenantIdClaimType)
+                       ?? user.FindFirstValue(RateLimitMiddlewareConstants.ShortTenantIdClaimType),
             Role = user.Claims.FirstOrDefault(claim => claim.Type == ClaimTypes.Role)?.Value,
             IpAddress = httpContext.Request.GetClientIpAddress(),
             Resource = path,
             Metadata = new Dictionary<string, string>
             {
-                ["method"] = httpContext.Request.Method,
-                ["path"] = path
+                [RateLimitMiddlewareConstants.MethodMetadataKey] = httpContext.Request.Method,
+                [RateLimitMiddlewareConstants.PathMetadataKey] = path
             },
             PolicyName = _policyName
         };

ManagedCode.Orleans.RateLimiting.Client/Middlewares/RateLimitMiddlewareConstants.cs

@@ -0,0 +1,20 @@
+namespace ManagedCode.Orleans.RateLimiting.Client.Middlewares;
+
+internal static class RateLimitMiddlewareConstants
+{
+    public const string DefaultPath = "/";
+    public const string KeySeparator = ":";
+    public const string OperationNameSeparator = " ";
+    public const string ResourceSeparator = ".";
+    public const string TooManyRequestsError = "Too many requests";
+    public const string ConfigurationNotFoundLogMessage = "Configuration {ConfigurationName} not found for RateLimiter";
+    public const string GroupClaimType = "group";
+    public const string GroupsClaimType = "groups";
+    public const string TenantIdClaimType = "tenant_id";
+    public const string ShortTenantIdClaimType = "tid";
+    public const string HubMetadataKey = "hub";
+    public const string MethodMetadataKey = "method";
+    public const string ConfigurationMetadataKey = "configuration";
+    public const string PartitionMetadataKey = "partition";
+    public const string PathMetadataKey = "path";
+}

ManagedCode.Orleans.RateLimiting.Client/Middlewares/RateLimitResponseWriter.cs

@@ -0,0 +1,24 @@
+using System.Threading.Tasks;
+using ManagedCode.Orleans.RateLimiting.Core.Models;
+using Microsoft.AspNetCore.Http;
+
+namespace ManagedCode.Orleans.RateLimiting.Client.Middlewares;
+
+internal static class RateLimitResponseWriter
+{
+    public static async Task WriteTooManyRequestsAsync(HttpContext httpContext, OrleansRateLimitLease lease)
+    {
+        if (httpContext.Response.HasStarted)
+            return;
+
+        httpContext.Response.Clear();
+        httpContext.Response.StatusCode = StatusCodes.Status429TooManyRequests;
+        await httpContext.Response.WriteAsJsonAsync(new RateLimitRejectedResponse(
+            StatusCodes.Status429TooManyRequests,
+            RateLimitMiddlewareConstants.TooManyRequestsError,
+            lease.Reason,
+            lease.RetryAfter.ToString()));
+    }
+
+    private sealed record RateLimitRejectedResponse(int StatusCode, string Error, string Reason, string RetryAfter);
+}

ManagedCode.Orleans.RateLimiting.Client/Middlewares/RateLimitingHubFilter.cs

@@ -64,17 +64,23 @@ private RateLimitRequestContext CreateContext(HubInvocationContext invocationCon
         {
             OperationName = invocationContext.HubMethodName,
             UserId = userKey,
-            GroupId = user?.FindFirstValue("group") ?? user?.FindFirstValue("groups") ?? user?.FindFirstValue(ClaimTypes.GroupSid),
-            TenantId = user?.FindFirstValue("tenant_id") ?? user?.FindFirstValue("tid"),
+            GroupId = user?.FindFirstValue(RateLimitMiddlewareConstants.GroupClaimType)
+                      ?? user?.FindFirstValue(RateLimitMiddlewareConstants.GroupsClaimType)
+                      ?? user?.FindFirstValue(ClaimTypes.GroupSid),
+            TenantId = user?.FindFirstValue(RateLimitMiddlewareConstants.TenantIdClaimType)
+                       ?? user?.FindFirstValue(RateLimitMiddlewareConstants.ShortTenantIdClaimType),
             Role = user?.FindFirstValue(ClaimTypes.Role),
             IpAddress = httpContext?.Connection.RemoteIpAddress?.ToString(),
-            Resource = $"{invocationContext.Hub.GetType().FullName}.{invocationContext.HubMethodName}",
+            Resource = string.Concat(
+                invocationContext.Hub.GetType().FullName,
+                RateLimitMiddlewareConstants.ResourceSeparator,
+                invocationContext.HubMethodName),
             Metadata = new Dictionary<string, string>
             {
-                ["hub"] = invocationContext.Hub.GetType().FullName ?? invocationContext.Hub.GetType().Name,
-                ["method"] = invocationContext.HubMethodName,
-                ["configuration"] = _options.ConfigurationName,
-                ["partition"] = _options.PartitionKind.ToString()
+                [RateLimitMiddlewareConstants.HubMetadataKey] = invocationContext.Hub.GetType().FullName ?? invocationContext.Hub.GetType().Name,
+                [RateLimitMiddlewareConstants.MethodMetadataKey] = invocationContext.HubMethodName,
+                [RateLimitMiddlewareConstants.ConfigurationMetadataKey] = _options.ConfigurationName,
+                [RateLimitMiddlewareConstants.PartitionMetadataKey] = _options.PartitionKind.ToString()
             },
             PolicyName = _options.PolicyName
         };

ManagedCode.Orleans.RateLimiting.Client/Options/SignalRRateLimitingDefaults.cs

@@ -0,0 +1,8 @@
+namespace ManagedCode.Orleans.RateLimiting.Client.Options;
+
+public static class SignalRRateLimitingDefaults
+{
+    public const string PolicyName = "SignalR";
+    public const string ConfigurationName = "SignalR";
+    public const string AnonymousUserKey = "anonymous";
+}

ManagedCode.Orleans.RateLimiting.Client/Options/SignalRRateLimitingOptions.cs

@@ -4,11 +4,11 @@ namespace ManagedCode.Orleans.RateLimiting.Client.Options;
 
 public sealed class SignalRRateLimitingOptions
 {
-    public string PolicyName { get; set; } = "SignalR";
+    public string PolicyName { get; set; } = SignalRRateLimitingDefaults.PolicyName;
 
-    public string ConfigurationName { get; set; } = "SignalR";
+    public string ConfigurationName { get; set; } = SignalRRateLimitingDefaults.ConfigurationName;
 
     public RateLimitPartitionKind PartitionKind { get; set; } = RateLimitPartitionKind.User;
 
-    public string AnonymousUserKey { get; set; } = "anonymous";
+    public string AnonymousUserKey { get; set; } = SignalRRateLimitingDefaults.AnonymousUserKey;
 }

ManagedCode.Orleans.RateLimiting.Core/Exceptions/RateLimitExceededException.cs

@@ -1,12 +1,13 @@
 using System;
+using ManagedCode.Orleans.RateLimiting.Core.Models;
 
 namespace ManagedCode.Orleans.RateLimiting.Core.Exceptions;
 
 public class RateLimitExceededException : Exception
 {
-    public RateLimitExceededException() : base("Rate limit exceeded")
+    public RateLimitExceededException() : base(RateLimitMetadataNames.RateLimitExceededReason)
     {
-        Reason = "Rate limit exceeded";
+        Reason = RateLimitMetadataNames.RateLimitExceededReason;
         RetryAfter = TimeSpan.Zero;
     }
 
@@ -16,9 +17,9 @@ public RateLimitExceededException(string reason) : base(reason)
         RetryAfter = TimeSpan.Zero;
     }
 
-    public RateLimitExceededException(TimeSpan retry) : base("Time limit exceeded")
+    public RateLimitExceededException(TimeSpan retry) : base(RateLimitMetadataNames.TimeLimitExceededReason)
     {
-        Reason = "Time limit exceeded";
+        Reason = RateLimitMetadataNames.TimeLimitExceededReason;
         RetryAfter = retry;
     }
 
@@ -30,4 +31,4 @@ public RateLimitExceededException(string reason, TimeSpan retry) : base(reason)
 
     public string Reason { get; set; }
     public TimeSpan RetryAfter { get; set; }
-}
+}

ManagedCode.Orleans.RateLimiting.Core/Models/Holders/GroupLimiterHolder.cs

@@ -7,6 +7,8 @@ namespace ManagedCode.Orleans.RateLimiting.Core.Models.Holders;
 
 public class GroupLimiterHolder : IAsyncDisposable
 {
+    private const string AlreadyAcquiredMessage = "A limiter group can only be acquired once before it is disposed.";
+
     private readonly List<LimiterEntry> _holders = [];
     private bool _acquired;
     private bool _disposed;
@@ -41,7 +43,7 @@ public bool AddLimiter(ILimiterHolder? holder)
         ObjectDisposedException.ThrowIf(_disposed, this);
 
         if (_acquired)
-            throw new InvalidOperationException("A limiter group can only be acquired once before it is disposed.");
+            throw new InvalidOperationException(AlreadyAcquiredMessage);
 
         for (var index = 0; index < _holders.Count; index++)
         {