fix: Use JSONSchema to verify the original data submitted by users

api/filter/schema.go

@@ -0,0 +1,86 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package filter
+
+import (
+	"bytes"
+	"io/ioutil"
+	"net/http"
+	"strings"
+
+	"github.com/gin-gonic/gin"
+
+	"github.com/apisix/manager-api/internal/core/store"
+	"github.com/apisix/manager-api/internal/utils/consts"
+	"github.com/apisix/manager-api/log"
+)
+
+var resources = map[string]string{
+	"routes":    "route",
+	"upstreams": "upstream",
+	"services":  "service",
+	"consumers": "consumer",
+	"ssl":       "ssl",
+}
+
+func SchemaCheck() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		pathPrefix := "/apisix/admin/"
+		resource := strings.Replace(c.Request.URL.Path, pathPrefix, "", 1)
+
+		idx := strings.LastIndex(resource, "/")
+		if idx > 1 {
+			resource = resource[:idx]
+		}
+		method := strings.ToUpper(c.Request.Method)
+
+		if method != "PUT" && method != "POST" {
+			c.Next()
+			return
+		}
+		schemaKey, ok := resources[resource]
+		if !ok {
+			c.Next()
+			return
+		}
+
+		reqBody, err := c.GetRawData()
+		if err != nil {
+			log.Errorf("read request body failed: %s", err)
+			c.AbortWithStatusJSON(http.StatusBadRequest, consts.ErrInvalidRequest)
+			return
+		}
+
+		// other filter need it
+		c.Request.Body = ioutil.NopCloser(bytes.NewBuffer(reqBody))
+
+		validator, err := store.NewAPISIXSchemaValidator("main." + schemaKey)
+		if err != nil {
+			log.Errorf("init validator failed: %s", err)
+			c.AbortWithStatusJSON(http.StatusInternalServerError, consts.ErrSchemaValidateFailed)
+			return
+		}
+
+		if err := validator.Validate(reqBody); err != nil {
+			log.Warnf("data validate failed: %s", err)
+			c.AbortWithStatusJSON(http.StatusBadRequest, consts.ErrSchemaValidateFailed)
+			return
+		}
+
+		c.Next()
+	}
+}

api/internal/core/store/validate.go

@@ -291,3 +291,45 @@ func (v *APISIXJsonSchemaValidator) Validate(obj interface{}) error {
 
 	return nil
 }
+
+type APISIXSchemaValidator struct {
+	schema *gojsonschema.Schema
+}
+
+func NewAPISIXSchemaValidator(jsonPath string) (Validator, error) {
+	schemaDef := conf.Schema.Get(jsonPath).String()
+	if schemaDef == "" {
+		log.Warnf("schema validate failed: schema not found, path: %s", jsonPath)
+		return nil, fmt.Errorf("schema validate failed: schema not found, path: %s", jsonPath)
+	}
+
+	s, err := gojsonschema.NewSchema(gojsonschema.NewStringLoader(schemaDef))
+	if err != nil {
+		log.Warnf("new schema failed: %w", err)
+		return nil, fmt.Errorf("new schema failed: %w", err)
+	}
+	return &APISIXSchemaValidator{
+		schema: s,
+	}, nil
+}
+
+func (v *APISIXSchemaValidator) Validate(obj interface{}) error {
+	ret, err := v.schema.Validate(gojsonschema.NewBytesLoader(obj.([]byte)))
+	if err != nil {
+		log.Warnf("schema validate failed: %w", err)
+		return fmt.Errorf("schema validate failed: %w", err)
+	}
+
+	if !ret.Valid() {
+		errString := buffer.Buffer{}
+		for i, vErr := range ret.Errors() {
+			if i != 0 {
+				errString.AppendString("\n")
+			}
+			errString.AppendString(vErr.String())
+		}
+		return fmt.Errorf("schema validate failed: %s", errString.String())
+	}
+
+	return nil
+}

api/internal/core/store/validate_test.go

@@ -378,3 +378,44 @@ func TestAPISIXJsonSchemaValidator_Route_checkRemoteAddr(t *testing.T) {
 		assert.Equal(t, tc.wantValidateErr, err, tc.caseDesc)
 	}
 }
+
+func TestAPISIXSchemaValidator_Validate(t *testing.T) {
+	validator, err := NewAPISIXSchemaValidator("main.consumer")
+	assert.Nil(t, err)
+
+	// normal config, should pass
+	reqBody := `{
+		"id": "jack",
+		"username": "jack",
+		"plugins": {
+		  "limit-count": {
+		      "count": 2,
+		      "time_window": 60,
+		      "rejected_code": 503,
+		      "key": "remote_addr"
+		  }
+		},
+		"desc": "test description"
+	}`
+	err = validator.Validate([]byte(reqBody))
+	assert.Nil(t, err)
+
+	// config with not exists field, should be failed.
+	reqBody = `{
+	      "username": "jack",
+              "not-exist": "val",
+	      "plugins": {
+	          "limit-count": {
+	              "count": 2,
+	              "time_window": 60,
+	              "rejected_code": 503,
+	              "key": "remote_addr"
+	          }
+	      },
+	    "desc": "test description"
+	}`
+	err = validator.Validate([]byte(reqBody))
+	assert.NotNil(t, err)
+	assert.EqualError(t, err, "schema validate failed: (root): Additional property not-exist is not allowed")
+
+}

api/internal/route.go

@@ -46,7 +46,7 @@ func SetUpRouter() *gin.Engine {
 	r := gin.New()
 	store := cookie.NewStore([]byte("secret"))
 	r.Use(sessions.Sessions("session", store))
-	r.Use(filter.CORS(), filter.Authentication(), filter.RequestId(), filter.RecoverHandler())
+	r.Use(filter.CORS(), filter.Authentication(), filter.RequestId(), filter.SchemaCheck(), filter.RecoverHandler())
 	r.Use(static.Serve("/", static.LocalFile(conf.WebDir, false)))
 	r.NoRoute(func(c *gin.Context) {
 		c.File(fmt.Sprintf("%s/index.html", conf.WebDir))

api/internal/utils/consts/error.go

@@ -19,10 +19,11 @@ package consts
 import "github.com/shiningrush/droplet/data"
 
 const (
-	ErrCodeDemoBiz = 20000
+	ErrBadRequest = 20001
 )
 
 var (
 	// base error please refer to github.com/shiningrush/droplet/data, such as data.ErrNotFound, data.ErrConflicted
-	ErrDemoBiz = data.BaseError{Code: ErrCodeDemoBiz, Message: "this is just a demo error"}
+	ErrInvalidRequest       = data.BaseError{Code: ErrBadRequest, Message: "invalid request"}
+	ErrSchemaValidateFailed = data.BaseError{Code: ErrBadRequest, Message: "JSONSchema validate failed"}
 )

api/test/e2e/json_schema_validate_test.go

@@ -0,0 +1,59 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package e2e
+
+import (
+	"net/http"
+	"testing"
+)
+
+func TestSchema_not_exist_field(t *testing.T) {
+	tests := []HttpTestCase{
+		{
+			caseDesc: "config route with non-existent fields",
+			Object:   ManagerApiExpect(t),
+			Path:     "/apisix/admin/routes/r1",
+			Method:   http.MethodPut,
+			Body: `{
+                                "uri": "/hello",
+                                "nonexistent": "test non-existent",
+                                "upstream": {
+                                        "type": "roundrobin",
+                                        "nodes": [{
+                                                "host": "172.16.238.20",
+                                                "port": 1980,
+                                                "weight": 1
+                                        }]
+                                }
+                        }`,
+			Headers:      map[string]string{"Authorization": token},
+			ExpectStatus: http.StatusBadRequest,
+		},
+		{
+			caseDesc:     "make sure the route create failed",
+			Object:       APISIXExpect(t),
+			Method:       http.MethodGet,
+			Path:         "/hello",
+			ExpectStatus: http.StatusNotFound,
+			Sleep:        sleepTime,
+		},
+	}
+
+	for _, tc := range tests {
+		testCaseCheck(tc)
+	}
+}