Refactor http libraries contribs to look the same

Strech · Strech · commit 934fc357380d · 2026-02-05T17:32:52.000+01:00
diff --git a/lib/datadog/appsec/contrib/excon/ssrf_detection_middleware.rb b/lib/datadog/appsec/contrib/excon/ssrf_detection_middleware.rb
@@ -14,13 +14,13 @@ module Contrib
       module Excon
         # AppSec Middleware for Excon
         class SSRFDetectionMiddleware < ::Excon::Middleware::Base
-          ANALYZE_BODY_KEY = :__datadog_appsec_analyze_body
+          SAMPLE_BODY_KEY = :__datadog_appsec_sample_downstream_body
 
           def request_call(data)
             context = AppSec.active_context
             return super unless context && AppSec.rasp_enabled?
 
-            data[ANALYZE_BODY_KEY] = analyze_body?(context)
+            mark_body_sampling!(data, context: context)
 
             headers = normalize_headers(data[:headers])
             ephemeral_data = {
@@ -29,9 +29,8 @@ def request_call(data)
               'server.io.net.request.headers' => headers
             }
 
-            if data[ANALYZE_BODY_KEY] && (media_type = Utils::HTTP::MediaType.parse(headers['content-type']))
-              body = Utils::HTTP::Body.parse(data[:body], media_type: media_type)
-              ephemeral_data['server.io.net.request.body'] = body if body
+            if data[SAMPLE_BODY_KEY] && (body = parse_body(data[:body], content_type: headers['content-type']))
+              ephemeral_data['server.io.net.request.body'] = body
             end
 
             timeout = Datadog.configuration.appsec.waf_timeout
@@ -51,9 +50,8 @@ def response_call(data)
               'server.io.net.response.headers' => headers
             }
 
-            if data[ANALYZE_BODY_KEY] && (media_type = Utils::HTTP::MediaType.parse(headers['content-type']))
-              body = Utils::HTTP::Body.parse(data.dig(:response, :body), media_type: media_type)
-              ephemeral_data['server.io.net.response.body'] = body if body
+            if data[SAMPLE_BODY_KEY] && (body = parse_body(data.dig(:response, :body), content_type: headers['content-type']))
+              ephemeral_data['server.io.net.response.body'] = body
             end
 
             timeout = Datadog.configuration.appsec.waf_timeout
@@ -65,13 +63,20 @@ def response_call(data)
 
           private
 
-          def analyze_body?(context)
+          def mark_body_sampling!(data, context:)
             max = Datadog.configuration.appsec.api_security.downstream_body_analysis.max_requests
-            return false if context.state[:downstream_body_analyzed_count] >= max
-            return false unless context.downstream_body_sampler.sample?
+            return if context.state[:downstream_body_analyzed_count] >= max
+            return unless context.downstream_body_sampler.sample?
 
             context.state[:downstream_body_analyzed_count] += 1
-            true
+            data[SAMPLE_BODY_KEY] = true
+          end
+
+          def parse_body(body, content_type:)
+            media_type = Utils::HTTP::MediaType.parse(content_type)
+            return unless media_type
+
+            Utils::HTTP::Body.parse(body, media_type: media_type)
           end
 
           def request_url(data)
diff --git a/lib/datadog/appsec/contrib/faraday/ssrf_detection_middleware.rb b/lib/datadog/appsec/contrib/faraday/ssrf_detection_middleware.rb
@@ -12,13 +12,13 @@ module Contrib
       module Faraday
         # AppSec SSRF detection Middleware for Faraday
         class SSRFDetectionMiddleware < ::Faraday::Middleware
-          ANALYZE_BODY_KEY = :__datadog_appsec_analyze_body
+          SAMPLE_BODY_KEY = :__datadog_appsec_sample_downstream_body
 
           def call(env)
             context = AppSec.active_context
             return @app.call(env) unless context && AppSec.rasp_enabled?
 
-            env[ANALYZE_BODY_KEY] = analyze_body?(context)
+            mark_body_sampling!(env, context: context)
 
             headers = normalize_headers(env.request_headers)
             ephemeral_data = {
@@ -27,9 +27,8 @@ def call(env)
               'server.io.net.request.headers' => headers
             }
 
-            if env[ANALYZE_BODY_KEY] && (media_type = Utils::HTTP::MediaType.parse(headers['content-type']))
-              body = Utils::HTTP::Body.parse(env.body, media_type: media_type)
-              ephemeral_data['server.io.net.request.body'] = body if body
+            if env[SAMPLE_BODY_KEY] && (body = parse_body(env.body, content_type: headers['content-type']))
+              ephemeral_data['server.io.net.request.body'] = body
             end
 
             timeout = Datadog.configuration.appsec.waf_timeout
@@ -48,23 +47,29 @@ def on_complete(env, context:)
               'server.io.net.response.headers' => headers
             }
 
-            if env[ANALYZE_BODY_KEY] && (media_type = Utils::HTTP::MediaType.parse(headers['content-type']))
-              body = Utils::HTTP::Body.parse(env.body, media_type: media_type)
-              ephemeral_data['server.io.net.response.body'] = body if body
+            if env[SAMPLE_BODY_KEY] && (body = parse_body(env.body, content_type: headers['content-type']))
+              ephemeral_data['server.io.net.response.body'] = body
             end
 
             timeout = Datadog.configuration.appsec.waf_timeout
             result = context.run_rasp(Ext::RASP_SSRF, {}, ephemeral_data, timeout, phase: Ext::RASP_RESPONSE_PHASE)
             handle(result, context: context) if result.match?
           end
 
-          def analyze_body?(context)
+          def mark_body_sampling!(env, context:)
             max = Datadog.configuration.appsec.api_security.downstream_body_analysis.max_requests
-            return false if context.state[:downstream_body_analyzed_count] >= max
-            return false unless context.downstream_body_sampler.sample?
+            return if context.state[:downstream_body_analyzed_count] >= max
+            return unless context.downstream_body_sampler.sample?
 
             context.state[:downstream_body_analyzed_count] += 1
-            true
+            env[SAMPLE_BODY_KEY] = true
+          end
+
+          def parse_body(body, content_type:)
+            media_type = Utils::HTTP::MediaType.parse(content_type)
+            return unless media_type
+
+            Utils::HTTP::Body.parse(body, media_type: media_type)
           end
 
           def normalize_headers(headers)
diff --git a/lib/datadog/appsec/contrib/rest_client/request_ssrf_detection_patch.rb b/lib/datadog/appsec/contrib/rest_client/request_ssrf_detection_patch.rb
@@ -23,10 +23,9 @@ def execute(&block)
               'server.io.net.request.headers' => headers
             }
 
-            analyze_body = analyze_body?(context)
-            if analyze_body && payload && (media_type = Utils::HTTP::MediaType.parse(headers['content-type']))
-              body = Utils::HTTP::Body.parse(payload.to_s, media_type: media_type)
-              ephemeral_data['server.io.net.request.body'] = body if body
+            sample_body = mark_body_sampling!(context)
+            if sample_body && (body = parse_body(payload.to_s, content_type: headers['content-type']))
+              ephemeral_data['server.io.net.request.body'] = body
             end
 
             timeout = Datadog.configuration.appsec.waf_timeout
@@ -41,9 +40,8 @@ def execute(&block)
               'server.io.net.response.headers' => headers
             }
 
-            if analyze_body && (media_type = Utils::HTTP::MediaType.parse(headers['content-type']))
-              body = Utils::HTTP::Body.parse(response.body, media_type: media_type)
-              ephemeral_data['server.io.net.response.body'] = body if body
+            if sample_body && (body = parse_body(response.body, content_type: headers['content-type']))
+              ephemeral_data['server.io.net.response.body'] = body
             end
 
             result = context.run_rasp(Ext::RASP_SSRF, {}, ephemeral_data, timeout, phase: Ext::RASP_RESPONSE_PHASE)
@@ -54,7 +52,7 @@ def execute(&block)
 
           private
 
-          def analyze_body?(context)
+          def mark_body_sampling!(context)
             max = Datadog.configuration.appsec.api_security.downstream_body_analysis.max_requests
             return false if context.state[:downstream_body_analyzed_count] >= max
             return false unless context.downstream_body_sampler.sample?
@@ -63,6 +61,15 @@ def analyze_body?(context)
             true
           end
 
+          def parse_body(body, content_type:)
+            return if body.empty?
+
+            media_type = Utils::HTTP::MediaType.parse(content_type)
+            return unless media_type
+
+            Utils::HTTP::Body.parse(body, media_type: media_type)
+          end
+
           # NOTE: Starting version 2.1.0 headers are already normalized via internal
           #       variable `@processed_headers_lowercase`. In case it's available,
           #       we use it to avoid unnecessary transformation.
diff --git a/sig/datadog/appsec/contrib/excon/ssrf_detection_middleware.rbs b/sig/datadog/appsec/contrib/excon/ssrf_detection_middleware.rbs
@@ -3,15 +3,17 @@ module Datadog
     module Contrib
       module Excon
         class SSRFDetectionMiddleware
-          ANALYZE_BODY_KEY: ::Symbol
+          SAMPLE_BODY_KEY: ::Symbol
 
           def request_call: (::Excon::Middleware::Base::datum data) -> Excon::Middleware::Base::datum
 
           def response_call: (::Excon::Middleware::Base::datum data) -> ::Excon::Middleware::Base::datum
 
           private
 
-          def analyze_body?: (Context context) -> bool
+          def mark_body_sampling!: (::Excon::Middleware::Base::datum data, context: Context) -> void
+
+          def parse_body: (Utils::HTTP::Body::body body, content_type: ::String?) -> untyped
 
           def request_url: (::Excon::Middleware::Base::datum data) -> ::String
 
diff --git a/sig/datadog/appsec/contrib/faraday/ssrf_detection_middleware.rbs b/sig/datadog/appsec/contrib/faraday/ssrf_detection_middleware.rbs
@@ -3,15 +3,17 @@ module Datadog
     module Contrib
       module Faraday
         class SSRFDetectionMiddleware < ::Faraday::Middleware
-          ANALYZE_BODY_KEY: ::Symbol
+          SAMPLE_BODY_KEY: ::Symbol
 
           def call: (::Faraday::Env env) -> untyped
 
           private
 
           def on_complete: (::Faraday::Env env, context: Context) -> void
 
-          def analyze_body?: (Context context) -> bool
+          def mark_body_sampling!: (::Faraday::Env env, context: Context) -> void
+
+          def parse_body: (Utils::HTTP::Body::body body, content_type: ::String?) -> untyped
 
           def normalize_headers: (::Faraday::Utils::Headers? headers) -> ::Hash[::String, ::String]
 
diff --git a/sig/datadog/appsec/contrib/rest_client/request_ssrf_detection_patch.rbs b/sig/datadog/appsec/contrib/rest_client/request_ssrf_detection_patch.rbs
@@ -9,7 +9,9 @@ module Datadog
 
           private
 
-          def analyze_body?: (Context context) -> bool
+          def mark_body_sampling!: (Context context) -> bool
+
+          def parse_body: (::String body, content_type: ::String?) -> untyped
 
           def normalize_request_headers: () -> headers
 
