fix(nodes): add rate limiting to tool_http_request node (#560)

* fix(nodes): add configurable rate limiting to tool_http_request node

Without rate limiting, the HTTP request node can be abused to flood
external APIs or exhaust server resources. This adds a token-bucket
rate limiter with three configurable limits: per-second, per-minute,
and max concurrent requests.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix(nodes): address PR #560 review feedback for rate limiter

- Fix critical bug: check semaphore BEFORE consuming tokens so rejected
  requests don't wastefully consume rate-limit tokens. Release semaphore
  if token check fails afterward.
- Extract _config_int() utility with min_value/max_value clamping params
  from inline _int_or_default helper in IGlobal._build_rate_limiter.
- Allow _build_rate_limiter to return None when all three rate-limit
  knobs are explicitly set to 0 (opt-out path).
- Remove unused RateLimitError import with noqa:F401 from http_driver.py.
- Add unit tests covering: normal acquire/release, per-second enforcement,
  per-minute enforcement, semaphore exhaustion, token restoration on
  semaphore rejection, and thread safety.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* chore(nodes): move tool_http_request tests

---------

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-authored-by: stepmik <stepmikhaylov@yandex.ru>

Author: 3 people

nodes/src/nodes/tool_http_request/IGlobal.py

@@ -25,7 +25,7 @@
 HTTP Request tool node - global (shared) state.
 
 Reads config and stores security guardrails (allowed methods + URL whitelist)
-for IInstance tool methods.
+and rate limiter for IInstance tool methods.
 """
 
 from __future__ import annotations
@@ -34,6 +34,32 @@
 from ai.common.config import Config
 from rocketlib import IGlobalBase, OPEN_MODE, warning
 
+from .rate_limiter import DEFAULT_MAX_CONCURRENT, DEFAULT_MAX_PER_MINUTE, DEFAULT_MAX_PER_SECOND, RateLimiter
+
+
+def _config_int(cfg: dict, key: str, default: int, *, min_value: int | None = None, max_value: int | None = None) -> int:
+    """Read an integer from *cfg*, falling back to *default*.
+
+    Returns *default* when the key is missing, non-numeric, or <= 0.
+    The result is clamped to [min_value, max_value] when those bounds are given.
+    """
+    raw = cfg.get(key)
+    if raw is None:
+        val = default
+    else:
+        try:
+            val = int(raw)
+            if val <= 0:
+                val = default
+        except (TypeError, ValueError):
+            val = default
+    if min_value is not None:
+        val = max(val, min_value)
+    if max_value is not None:
+        val = min(val, max_value)
+    return val
+
+
 _METHOD_FLAGS = {
     'GET': 'allowGET',
     'POST': 'allowPOST',
@@ -50,13 +76,15 @@ class IGlobal(IGlobalBase):
 
     enabled_methods: set[str] | None = None
     url_patterns: list[re.Pattern] | None = None
+    rate_limiter: RateLimiter | None = None
 
     def beginGlobal(self) -> None:
         if self.IEndpoint.endpoint.openMode == OPEN_MODE.CONFIG:
             return
 
         cfg = Config.getNodeConfig(self.glb.logicalType, self.glb.connConfig)
         self.enabled_methods, self.url_patterns = self._build_guardrails(cfg)
+        self.rate_limiter = self._build_rate_limiter(cfg)
 
     @staticmethod
     def _build_guardrails(cfg: dict) -> tuple[set[str], list[re.Pattern]]:
@@ -89,6 +117,35 @@ def _build_guardrails(cfg: dict) -> tuple[set[str], list[re.Pattern]]:
 
         return enabled, patterns
 
+    @staticmethod
+    def _build_rate_limiter(cfg: dict) -> RateLimiter | None:
+        """Create a ``RateLimiter`` from the node configuration.
+
+        Returns ``None`` when all three rate-limit knobs are explicitly set to
+        ``0`` (i.e. the user has opted out of rate limiting).
+        """
+        raw_ps = cfg.get('rateLimitPerSecond')
+        raw_pm = cfg.get('rateLimitPerMinute')
+        raw_mc = cfg.get('maxConcurrentRequests')
+
+        # If all three are explicitly set to 0, disable rate limiting entirely.
+        def _is_zero(raw: object) -> bool:
+            if raw is None:
+                return False
+            try:
+                return int(raw) == 0
+            except (TypeError, ValueError):
+                return False
+
+        if _is_zero(raw_ps) and _is_zero(raw_pm) and _is_zero(raw_mc):
+            return None
+
+        return RateLimiter(
+            max_per_second=_config_int(cfg, 'rateLimitPerSecond', DEFAULT_MAX_PER_SECOND, min_value=1),
+            max_per_minute=_config_int(cfg, 'rateLimitPerMinute', DEFAULT_MAX_PER_MINUTE, min_value=1),
+            max_concurrent=_config_int(cfg, 'maxConcurrentRequests', DEFAULT_MAX_CONCURRENT, min_value=1),
+        )
+
     def validateConfig(self) -> None:
         try:
             cfg = Config.getNodeConfig(self.glb.logicalType, self.glb.connConfig)
@@ -105,3 +162,4 @@ def validateConfig(self) -> None:
     def endGlobal(self) -> None:
         self.enabled_methods = set()
         self.url_patterns = []
+        self.rate_limiter = None

nodes/src/nodes/tool_http_request/IInstance.py

@@ -128,16 +128,25 @@ def http_request(self, args):
         # Validate guardrails from config
         self._validate_guardrails(args)
 
-        return execute_request(
-            url=args.get('url', ''),
-            method=args.get('method', 'GET'),
-            query_params=args.get('query_params'),
-            path_params=args.get('path_params'),
-            headers=args.get('headers'),
-            auth=args.get('auth'),
-            body=args.get('body'),
-            timeout=args.get('timeout'),
-        )
+        # Enforce rate limits before executing the request
+        rate_limiter = self.IGlobal.rate_limiter
+        if rate_limiter is not None:
+            rate_limiter.acquire()
+
+        try:
+            return execute_request(
+                url=args.get('url', ''),
+                method=args.get('method', 'GET'),
+                query_params=args.get('query_params'),
+                path_params=args.get('path_params'),
+                headers=args.get('headers'),
+                auth=args.get('auth'),
+                body=args.get('body'),
+                timeout=args.get('timeout'),
+            )
+        finally:
+            if rate_limiter is not None:
+                rate_limiter.release()
 
     def _validate_guardrails(self, args):
         """Enforce allowed methods + URL whitelist from config."""

nodes/src/nodes/tool_http_request/http_client.py

@@ -56,7 +56,6 @@ def execute_request(
 
     Raises ``requests.RequestException`` on transport-level failures.
     """
-
     resolved_url = _resolve_path_params(url, path_params)
 
     req_headers = dict(headers or {})
@@ -95,6 +94,7 @@ def execute_request(
 # Internal helpers
 # ---------------------------------------------------------------------------
 
+
 def _resolve_path_params(url: str, path_params: Optional[Dict[str, str]]) -> str:
     """Replace ``:name`` placeholders in the URL with values from *path_params*."""
     if not path_params:

nodes/src/nodes/tool_http_request/rate_limiter.py

@@ -0,0 +1,121 @@
+# =============================================================================
+# MIT License
+# Copyright (c) 2024 RocketRide Inc.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+# =============================================================================
+
+"""
+Token-bucket rate limiter with concurrency control for HTTP requests.
+
+Enforces three independent limits:
+  - requests per second  (token bucket, refills every second)
+  - requests per minute  (token bucket, refills every minute)
+  - max concurrent requests  (semaphore)
+
+All limits are configurable via services.json; sensible defaults are provided.
+Thread-safe: uses a single ``threading.Lock`` for the token buckets and a
+``threading.Semaphore`` for concurrency.
+"""
+
+from __future__ import annotations
+
+import threading
+import time
+
+
+class RateLimitError(Exception):
+    """Raised when a request is rejected due to rate limiting."""
+
+
+# Defaults used when services.json omits the fields.
+DEFAULT_MAX_PER_SECOND = 10
+DEFAULT_MAX_PER_MINUTE = 100
+DEFAULT_MAX_CONCURRENT = 5
+
+
+class RateLimiter:
+    """Token-bucket rate limiter with concurrent-request semaphore."""
+
+    def __init__(
+        self,
+        *,
+        max_per_second: int = DEFAULT_MAX_PER_SECOND,
+        max_per_minute: int = DEFAULT_MAX_PER_MINUTE,
+        max_concurrent: int = DEFAULT_MAX_CONCURRENT,
+    ) -> None:
+        """Initialise token buckets and concurrency semaphore."""
+        # --- per-second bucket ---
+        self._ps_capacity = max(max_per_second, 1)
+        self._ps_tokens = float(self._ps_capacity)
+        self._ps_refill_rate = float(self._ps_capacity)  # tokens / second
+
+        # --- per-minute bucket ---
+        self._pm_capacity = max(max_per_minute, 1)
+        self._pm_tokens = float(self._pm_capacity)
+        self._pm_refill_rate = self._pm_capacity / 60.0  # tokens / second
+
+        self._last_refill = time.monotonic()
+        self._lock = threading.Lock()
+
+        # --- concurrency semaphore ---
+        self._max_concurrent = max(max_concurrent, 1)
+        self._semaphore = threading.Semaphore(self._max_concurrent)
+
+    # ------------------------------------------------------------------
+    # Public API
+    # ------------------------------------------------------------------
+
+    def acquire(self) -> None:
+        """Acquire a rate-limit slot, or raise ``RateLimitError``."""
+        # 1. Check concurrency limit first (non-blocking) so we never
+        #    consume tokens for a request that would be rejected anyway.
+        if not self._semaphore.acquire(blocking=False):
+            raise RateLimitError(f'Too many concurrent requests: max {self._max_concurrent} in-flight. Please wait for an ongoing request to complete.')
+
+        # 2. Check token buckets (per-second + per-minute).
+        try:
+            with self._lock:
+                self._refill()
+                if self._ps_tokens < 1.0:
+                    raise RateLimitError(f'Rate limit exceeded: max {self._ps_capacity} requests per second. Please retry after a short delay.')
+                if self._pm_tokens < 1.0:
+                    raise RateLimitError(f'Rate limit exceeded: max {self._pm_capacity} requests per minute. Please retry after a short delay.')
+                self._ps_tokens -= 1.0
+                self._pm_tokens -= 1.0
+        except RateLimitError:
+            self._semaphore.release()
+            raise
+
+    def release(self) -> None:
+        """Release the concurrency slot after a request completes."""
+        self._semaphore.release()
+
+    # ------------------------------------------------------------------
+    # Internals
+    # ------------------------------------------------------------------
+
+    def _refill(self) -> None:
+        """Refill both token buckets based on elapsed time.  Caller holds ``_lock``."""
+        now = time.monotonic()
+        elapsed = now - self._last_refill
+        self._last_refill = now
+
+        self._ps_tokens = min(self._ps_capacity, self._ps_tokens + elapsed * self._ps_refill_rate)
+        self._pm_tokens = min(self._pm_capacity, self._pm_tokens + elapsed * self._pm_refill_rate)

nodes/src/nodes/tool_http_request/services.json

@@ -109,13 +109,32 @@
 				"type": "object",
 				"properties": ["http_request.whitelistPattern"]
 			}
+		},
+
+		"http_request.rateLimitPerSecond": {
+			"type": "number",
+			"title": "Max requests per second",
+			"description": "Maximum number of HTTP requests allowed per second. Uses a token-bucket algorithm for smooth enforcement.",
+			"default": 10
+		},
+		"http_request.rateLimitPerMinute": {
+			"type": "number",
+			"title": "Max requests per minute",
+			"description": "Maximum number of HTTP requests allowed per minute. Provides a broader throttle beyond the per-second limit.",
+			"default": 100
+		},
+		"http_request.maxConcurrentRequests": {
+			"type": "number",
+			"title": "Max concurrent requests",
+			"description": "Maximum number of HTTP requests that can be in-flight simultaneously.",
+			"default": 5
 		}
 	},
 	"shape": [
 		{
 			"section": "Pipe",
 			"title": "HTTP Request",
-			"properties": ["type", "http_request.allowGET", "http_request.allowPOST", "http_request.allowPUT", "http_request.allowPATCH", "http_request.allowDELETE", "http_request.allowHEAD", "http_request.allowOPTIONS", "http_request.urlWhitelist"]
+			"properties": ["type", "http_request.allowGET", "http_request.allowPOST", "http_request.allowPUT", "http_request.allowPATCH", "http_request.allowDELETE", "http_request.allowHEAD", "http_request.allowOPTIONS", "http_request.urlWhitelist", "http_request.rateLimitPerSecond", "http_request.rateLimitPerMinute", "http_request.maxConcurrentRequests"]
 		}
 	]
 }