Capture HTTP error response headers & handle Retry-After header (MSC4041) (#4471)

* Include HTTP response headers in MatrixError

* Lint

* Support MSC4041 / Retry-After header

* Fix tests

* Remove redundant MatrixError parameter properties

They are inherited from HTTPError, so there is no need to mark them as
parameter properties.

* Comment that retry_after_ms is deprecated

* Properly handle colons in XHR header values

Also remove the negation in the if-condition for better readability

* Improve Retry-After parsing and docstring

* Revert ternary operator to if statements

for readability

* Reuse resolved Headers for Content-Type parsing

* Treat empty Content-Type differently from null

* Add MatrixError#isRateLimitError

This is separate from MatrixError#getRetryAfterMs because it's possible
for a rate-limit error to have no Retry-After time, and having separate
methods to check each makes that more clear.

* Ignore HTTP status code when getting Retry-After

because status codes other than 429 may have Retry-After

* Catch Retry-After parsing errors

* Add test coverage for HTTP error headers

* Update license years

* Move safe Retry-After lookup to global function

so it can more conveniently check if an error is a MatrixError

* Lint

* Inline Retry-After header value parsing

as it is only used in one place and doesn't need to be exported

* Update docstrings

Co-authored-by: Richard van der Hoff <[email protected]>

* Use bare catch

Co-authored-by: Richard van der Hoff <[email protected]>

* Give HTTPError methods for rate-limit checks

and make MatrixError inherit them

* Cover undefined errcode in rate-limit check

* Update safeGetRetryAfterMs docstring

Be explicit that errors that don't look like rate-limiting errors will
not pull a retry delay value from the error.

* Use rate-limit helper functions in more places

* Group the header tests

---------

Co-authored-by: Richard van der Hoff <[email protected]>

Author: AndrewFerr

spec/unit/http-api/errors.spec.ts

@@ -0,0 +1,98 @@
+/*
+Copyright 2024 The Matrix.org Foundation C.I.C.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+import { MatrixError } from "../../../src";
+
+type IErrorJson = MatrixError["data"];
+
+describe("MatrixError", () => {
+    let headers: Headers;
+
+    beforeEach(() => {
+        headers = new Headers({ "Content-Type": "application/json" });
+    });
+
+    function makeMatrixError(httpStatus: number, data: IErrorJson): MatrixError {
+        return new MatrixError(data, httpStatus, undefined, undefined, headers);
+    }
+
+    it("should accept absent retry time from rate-limit error", () => {
+        const err = makeMatrixError(429, { errcode: "M_LIMIT_EXCEEDED" });
+        expect(err.isRateLimitError()).toBe(true);
+        expect(err.getRetryAfterMs()).toEqual(null);
+    });
+
+    it("should retrieve retry_after_ms from rate-limit error", () => {
+        const err = makeMatrixError(429, { errcode: "M_LIMIT_EXCEEDED", retry_after_ms: 150000 });
+        expect(err.isRateLimitError()).toBe(true);
+        expect(err.getRetryAfterMs()).toEqual(150000);
+    });
+
+    it("should ignore retry_after_ms if errcode is not M_LIMIT_EXCEEDED", () => {
+        const err = makeMatrixError(429, { errcode: "M_UNKNOWN", retry_after_ms: 150000 });
+        expect(err.isRateLimitError()).toBe(true);
+        expect(err.getRetryAfterMs()).toEqual(null);
+    });
+
+    it("should retrieve numeric Retry-After header from rate-limit error", () => {
+        headers.set("Retry-After", "120");
+        const err = makeMatrixError(429, { errcode: "M_LIMIT_EXCEEDED", retry_after_ms: 150000 });
+        expect(err.isRateLimitError()).toBe(true);
+        // prefer Retry-After header over retry_after_ms
+        expect(err.getRetryAfterMs()).toEqual(120000);
+    });
+
+    it("should retrieve Date Retry-After header from rate-limit error", () => {
+        headers.set("Retry-After", `${new Date(160000).toUTCString()}`);
+        jest.spyOn(global.Date, "now").mockImplementationOnce(() => 100000);
+        const err = makeMatrixError(429, { errcode: "M_LIMIT_EXCEEDED", retry_after_ms: 150000 });
+        expect(err.isRateLimitError()).toBe(true);
+        // prefer Retry-After header over retry_after_ms
+        expect(err.getRetryAfterMs()).toEqual(60000);
+    });
+
+    it("should prefer M_FORBIDDEN errcode over HTTP status code 429", () => {
+        headers.set("Retry-After", "120");
+        const err = makeMatrixError(429, { errcode: "M_FORBIDDEN" });
+        expect(err.isRateLimitError()).toBe(false);
+        // retrieve Retry-After header even for non-M_LIMIT_EXCEEDED errors
+        expect(err.getRetryAfterMs()).toEqual(120000);
+    });
+
+    it("should prefer M_LIMIT_EXCEEDED errcode over HTTP status code 400", () => {
+        headers.set("Retry-After", "120");
+        const err = makeMatrixError(400, { errcode: "M_LIMIT_EXCEEDED" });
+        expect(err.isRateLimitError()).toBe(true);
+        // retrieve Retry-After header even for non-429 errors
+        expect(err.getRetryAfterMs()).toEqual(120000);
+    });
+
+    it("should reject invalid Retry-After header", () => {
+        for (const invalidValue of ["-1", "1.23", new Date(0).toString()]) {
+            headers.set("Retry-After", invalidValue);
+            const err = makeMatrixError(429, { errcode: "M_LIMIT_EXCEEDED" });
+            expect(() => err.getRetryAfterMs()).toThrow(
+                "value is not a valid HTTP-date or non-negative decimal integer",
+            );
+        }
+    });
+
+    it("should reject too-large Retry-After header", () => {
+        headers.set("Retry-After", "1" + Array(500).fill("0").join(""));
+        const err = makeMatrixError(429, { errcode: "M_LIMIT_EXCEEDED" });
+        expect(() => err.getRetryAfterMs()).toThrow("integer value is too large");
+    });
+});

spec/unit/http-api/index.spec.ts

@@ -1,5 +1,5 @@
 /*
-Copyright 2022 The Matrix.org Foundation C.I.C.
+Copyright 2022 - 2024 The Matrix.org Foundation C.I.C.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -41,6 +41,7 @@ describe("MatrixHttpApi", () => {
             setRequestHeader: jest.fn(),
             onreadystatechange: undefined,
             getResponseHeader: jest.fn(),
+            getAllResponseHeaders: jest.fn(),
         } as unknown as XMLHttpRequest;
         // We stub out XHR here as it is not available in JSDOM
         // @ts-ignore
@@ -171,7 +172,10 @@ describe("MatrixHttpApi", () => {
         xhr.readyState = DONE;
         xhr.responseText = '{"errcode": "M_NOT_FOUND", "error": "Not found"}';
         xhr.status = 404;
-        mocked(xhr.getResponseHeader).mockReturnValue("application/json");
+        mocked(xhr.getResponseHeader).mockImplementation((name) =>
+            name.toLowerCase() === "content-type" ? "application/json" : null,
+        );
+        mocked(xhr.getAllResponseHeaders).mockReturnValue("content-type: application/json\r\n");
         // @ts-ignore
         xhr.onreadystatechange?.(new Event("test"));
 

spec/unit/http-api/utils.spec.ts

@@ -1,5 +1,5 @@
 /*
-Copyright 2022 The Matrix.org Foundation C.I.C.
+Copyright 2022 - 2024 The Matrix.org Foundation C.I.C.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -86,13 +86,28 @@ describe("anySignal", () => {
 });
 
 describe("parseErrorResponse", () => {
+    let headers: Headers;
+    const xhrHeaderMethods = {
+        getResponseHeader: (name: string) => headers.get(name),
+        getAllResponseHeaders: () => {
+            let allHeaders = "";
+            headers.forEach((value, key) => {
+                allHeaders += `${key.toLowerCase()}: ${value}\r\n`;
+            });
+            return allHeaders;
+        },
+    };
+
+    beforeEach(() => {
+        headers = new Headers();
+    });
+
     it("should resolve Matrix Errors from XHR", () => {
+        headers.set("Content-Type", "application/json");
         expect(
             parseErrorResponse(
                 {
-                    getResponseHeader(name: string): string | null {
-                        return name === "Content-Type" ? "application/json" : null;
-                    },
+                    ...xhrHeaderMethods,
                     status: 500,
                 } as XMLHttpRequest,
                 '{"errcode": "TEST"}',
@@ -108,14 +123,11 @@ describe("parseErrorResponse", () => {
     });
 
     it("should resolve Matrix Errors from fetch", () => {
+        headers.set("Content-Type", "application/json");
         expect(
             parseErrorResponse(
                 {
-                    headers: {
-                        get(name: string): string | null {
-                            return name === "Content-Type" ? "application/json" : null;
-                        },
-                    },
+                    headers,
                     status: 500,
                 } as Response,
                 '{"errcode": "TEST"}',
@@ -131,13 +143,12 @@ describe("parseErrorResponse", () => {
     });
 
     it("should resolve Matrix Errors from XHR with urls", () => {
+        headers.set("Content-Type", "application/json");
         expect(
             parseErrorResponse(
                 {
                     responseURL: "https://example.com",
-                    getResponseHeader(name: string): string | null {
-                        return name === "Content-Type" ? "application/json" : null;
-                    },
+                    ...xhrHeaderMethods,
                     status: 500,
                 } as XMLHttpRequest,
                 '{"errcode": "TEST"}',
@@ -154,15 +165,12 @@ describe("parseErrorResponse", () => {
     });
 
     it("should resolve Matrix Errors from fetch with urls", () => {
+        headers.set("Content-Type", "application/json");
         expect(
             parseErrorResponse(
                 {
                     url: "https://example.com",
-                    headers: {
-                        get(name: string): string | null {
-                            return name === "Content-Type" ? "application/json" : null;
-                        },
-                    },
+                    headers,
                     status: 500,
                 } as Response,
                 '{"errcode": "TEST"}',
@@ -178,6 +186,66 @@ describe("parseErrorResponse", () => {
         );
     });
 
+    describe("with HTTP headers", () => {
+        function addHeaders(headers: Headers) {
+            headers.set("Age", "0");
+            headers.set("Date", "Thu, 01 Jan 1970 00:00:00 GMT"); // value contains colons
+            headers.set("x-empty", "");
+            headers.set("x-multi", "1");
+            headers.append("x-multi", "2");
+        }
+
+        function compareHeaders(expectedHeaders: Headers, otherHeaders: Headers | undefined) {
+            expect(new Map(otherHeaders)).toEqual(new Map(expectedHeaders));
+        }
+
+        it("should resolve HTTP Errors from XHR with headers", () => {
+            headers.set("Content-Type", "text/plain");
+            addHeaders(headers);
+            const err = parseErrorResponse({
+                ...xhrHeaderMethods,
+                status: 500,
+            } as XMLHttpRequest) as HTTPError;
+            compareHeaders(headers, err.httpHeaders);
+        });
+
+        it("should resolve HTTP Errors from fetch with headers", () => {
+            headers.set("Content-Type", "text/plain");
+            addHeaders(headers);
+            const err = parseErrorResponse({
+                headers,
+                status: 500,
+            } as Response) as HTTPError;
+            compareHeaders(headers, err.httpHeaders);
+        });
+
+        it("should resolve Matrix Errors from XHR with headers", () => {
+            headers.set("Content-Type", "application/json");
+            addHeaders(headers);
+            const err = parseErrorResponse(
+                {
+                    ...xhrHeaderMethods,
+                    status: 500,
+                } as XMLHttpRequest,
+                '{"errcode": "TEST"}',
+            ) as MatrixError;
+            compareHeaders(headers, err.httpHeaders);
+        });
+
+        it("should resolve Matrix Errors from fetch with headers", () => {
+            headers.set("Content-Type", "application/json");
+            addHeaders(headers);
+            const err = parseErrorResponse(
+                {
+                    headers,
+                    status: 500,
+                } as Response,
+                '{"errcode": "TEST"}',
+            ) as MatrixError;
+            compareHeaders(headers, err.httpHeaders);
+        });
+    });
+
     it("should set a sensible default error message on MatrixError", () => {
         let err = new MatrixError();
         expect(err.message).toEqual("MatrixError: Unknown message");
@@ -188,46 +256,50 @@ describe("parseErrorResponse", () => {
     });
 
     it("should handle no type gracefully", () => {
+        // No Content-Type header
         expect(
             parseErrorResponse(
                 {
-                    headers: {
-                        get(name: string): string | null {
-                            return null;
-                        },
-                    },
+                    headers,
                     status: 500,
                 } as Response,
                 '{"errcode": "TEST"}',
             ),
         ).toStrictEqual(new HTTPError("Server returned 500 error", 500));
     });
 
+    it("should handle empty type gracefully", () => {
+        headers.set("Content-Type", " ");
+        expect(
+            parseErrorResponse(
+                {
+                    headers,
+                    status: 500,
+                } as Response,
+                '{"errcode": "TEST"}',
+            ),
+        ).toStrictEqual(new Error("Error parsing Content-Type '': TypeError: argument string is required"));
+    });
+
     it("should handle invalid type gracefully", () => {
+        headers.set("Content-Type", "unknown");
         expect(
             parseErrorResponse(
                 {
-                    headers: {
-                        get(name: string): string | null {
-                            return name === "Content-Type" ? " " : null;
-                        },
-                    },
+                    headers,
                     status: 500,
                 } as Response,
                 '{"errcode": "TEST"}',
             ),
-        ).toStrictEqual(new Error("Error parsing Content-Type ' ': TypeError: invalid media type"));
+        ).toStrictEqual(new Error("Error parsing Content-Type 'unknown': TypeError: invalid media type"));
     });
 
     it("should handle plaintext errors", () => {
+        headers.set("Content-Type", "text/plain");
         expect(
             parseErrorResponse(
                 {
-                    headers: {
-                        get(name: string): string | null {
-                            return name === "Content-Type" ? "text/plain" : null;
-                        },
-                    },
+                    headers,
                     status: 418,
                 } as Response,
                 "I'm a teapot",