WIP Add sliding window rate limiter

TODO: Commit message
+ Explain rationale for using the 'Sliding Window Counter Rate Limiter' algorithm
+ Link to https://medium.com/redis-with-raphael-de-lio/sliding-window-counter-rate-limiter-redis-java-1ba8901c02e5
+ Explain reason for filtering segments for sum (as opposed to relying purely on Redis expiring the segment hash fields)
+ Split out RedisConnection and FakeRedisConnectionManager into separate commit

Author: smfeest

src/Buttercup.Security.Tests/ServiceCollectionExtensionsTests.cs

@@ -90,6 +90,16 @@ public void AddSecurityServices_AddsRandomTokenGenerator() =>
                 serviceDescriptor.ImplementationType == typeof(RandomTokenGenerator) &&
                 serviceDescriptor.Lifetime == ServiceLifetime.Transient);
 
+    [Fact]
+    public void AddSecurityServices_AddsSlidingWindowRateLimiter() =>
+        Assert.Contains(
+            new ServiceCollection().AddSecurityServices(),
+            serviceDescriptor =>
+                serviceDescriptor.ServiceType == typeof(ISlidingWindowRateLimiter) &&
+                serviceDescriptor.ImplementationType == typeof(SlidingWindowRateLimiter) &&
+                serviceDescriptor.Lifetime == ServiceLifetime.Transient);
+
+
     [Fact]
     public void AddSecurityServices_AddsTokenAuthenticationService() =>
         Assert.Contains(

src/Buttercup.Security.Tests/SlidingWindowRateLimiterTests.cs

@@ -0,0 +1,80 @@
+using Buttercup.TestUtils;
+using Microsoft.Extensions.Time.Testing;
+using Moq;
+using StackExchange.Redis;
+using Xunit;
+
+namespace Buttercup.Security;
+
+public sealed class SlidingWindowRateLimiterTests
+{
+    private readonly FakeTimeProvider timeProvider = new();
+
+    private readonly SlidingWindowRateLimiterOptions options = new()
+    {
+        Limit = 15,
+        SegmentsPerWindow = 5,
+        Window = TimeSpan.FromMilliseconds(50),
+    };
+
+    [Fact]
+    public async Task IsAllowed_ReturnsTrueOrFalseBasedOnLimit()
+    {
+        var keySuffix = Random.Shared.Next();
+        var key1 = $"Foo{keySuffix}";
+        var key2 = $"Bar{keySuffix}";
+
+        using var connection = await RedisConnection.GetConnection();
+        var connectionManager = new FakeRedisConnectionManager(connection);
+        var rateLimiter = new SlidingWindowRateLimiter(connectionManager, this.timeProvider);
+
+        for (var i = 0; i < 5; i++)
+        {
+            Assert.True(await rateLimiter.IsAllowed(key1, this.options));
+        }
+
+        this.timeProvider.Advance(TimeSpan.FromMilliseconds(10));
+
+        for (var i = 0; i < 5; i++)
+        {
+            Assert.True(await rateLimiter.IsAllowed(key1, this.options));
+        }
+
+        this.timeProvider.Advance(TimeSpan.FromMilliseconds(20));
+
+        for (var i = 0; i < 5; i++)
+        {
+            Assert.True(await rateLimiter.IsAllowed(key1, this.options));
+        }
+
+        Assert.False(await rateLimiter.IsAllowed(key1, this.options));
+        Assert.True(await rateLimiter.IsAllowed(key2, this.options));
+
+        this.timeProvider.Advance(TimeSpan.FromMilliseconds(20));
+
+        for (var i = 0; i < 5; i++)
+        {
+            Assert.True(await rateLimiter.IsAllowed(key1, this.options));
+        }
+
+        Assert.False(await rateLimiter.IsAllowed(key1, this.options));
+        Assert.True(await rateLimiter.IsAllowed(key2, this.options));
+    }
+
+    [Fact]
+    public async Task IsAllowed_ChecksAndRethrowsExceptions()
+    {
+        var connectionMock = new Mock<IConnectionMultiplexer>();
+        var connectionManager = new FakeRedisConnectionManager(connectionMock.Object);
+        var rateLimiter = new SlidingWindowRateLimiter(connectionManager, this.timeProvider);
+
+        var expectedException = new RedisException("Fake exception");
+        connectionMock.Setup(x => x.GetDatabase(-1, null)).Throws(expectedException);
+
+        Assert.Same(
+            expectedException,
+            await Assert.ThrowsAsync<RedisException>(
+                () => rateLimiter.IsAllowed("Foo", this.options)));
+        Assert.Same(expectedException, Assert.Single(connectionManager.CheckedExceptions));
+    }
+}

src/Buttercup.Security/Buttercup.Security.csproj

@@ -6,5 +6,6 @@
     <ProjectReference Include="..\Buttercup.Core\Buttercup.Core.csproj" />
     <ProjectReference Include="..\Buttercup.EntityModel\Buttercup.EntityModel.csproj" />
     <ProjectReference Include="..\Buttercup.Email\Buttercup.Email.csproj" />
+    <ProjectReference Include="..\Buttercup.Redis\Buttercup.Redis.csproj" />
   </ItemGroup>
 </Project>

src/Buttercup.Security/ISlidingWindowRateLimiter.cs

@@ -0,0 +1,17 @@
+namespace Buttercup.Security;
+
+/// <summary>
+/// Defines the contract for a sliding window rate limiter.
+/// </summary>
+public interface ISlidingWindowRateLimiter
+{
+    /// <summary>
+    /// Checks whether an operation is allowed to proceed based on a sliding window rate limit.
+    /// </summary>
+    /// <param name="key">The operation key.</param>
+    /// <param name="options">The rate limiter options.</param>
+    /// <returns>
+    /// <b>true</b> if the operation is allowed to proceed; otherwise, <b>false</b>
+    /// </returns>
+    Task<bool> IsAllowed(string key, SlidingWindowRateLimiterOptions options);
+}

src/Buttercup.Security/ServiceCollectionExtensions.cs

@@ -30,5 +30,6 @@ public static IServiceCollection AddSecurityServices(this IServiceCollection ser
             .AddTransient<IPasswordAuthenticationService, PasswordAuthenticationService>()
             .AddTransient<IRandomNumberGeneratorFactory, RandomNumberGeneratorFactory>()
             .AddTransient<IRandomTokenGenerator, RandomTokenGenerator>()
+            .AddTransient<ISlidingWindowRateLimiter, SlidingWindowRateLimiter>()
             .AddTransient<ITokenAuthenticationService, TokenAuthenticationService>();
 }

src/Buttercup.Security/SlidingWindowRateLimiter.cs

@@ -0,0 +1,61 @@
+using Buttercup.Redis;
+using StackExchange.Redis;
+
+namespace Buttercup.Security;
+
+internal sealed class SlidingWindowRateLimiter(
+    IRedisConnectionManager redisConnectionManager, TimeProvider timeProvider)
+    : ISlidingWindowRateLimiter
+{
+    private readonly IRedisConnectionManager redisConnectionManager = redisConnectionManager;
+    private readonly TimeProvider timeProvider = timeProvider;
+
+    public async Task<bool> IsAllowed(string key, SlidingWindowRateLimiterOptions options)
+    {
+        var redisKey = $"{options.RedisKeyPrefix}:{key}";
+
+        await this.redisConnectionManager.EnsureInitialized();
+
+        try
+        {
+            var currentTicks = this.timeProvider.GetUtcNow().Ticks;
+            var ticksPerSegment = options.Window.Ticks / options.SegmentsPerWindow;
+            var currentSegmentNumber = currentTicks / ticksPerSegment;
+            var windowStartSegmentNumber = currentSegmentNumber - options.SegmentsPerWindow;
+
+            var database = this.redisConnectionManager.CurrentConnection.GetDatabase();
+            var segmentCounts = await database.HashGetAllAsync(redisKey);
+            var totalCountAcrossWindow = segmentCounts
+                .Where(entry => (long)entry.Name > windowStartSegmentNumber)
+                .Sum(entry => (long)entry.Value);
+
+            if (totalCountAcrossWindow >= options.Limit)
+            {
+                return false;
+            }
+
+            var batch = database.CreateBatch();
+            var batchTasks = new Task[]
+            {
+                batch.HashIncrementAsync(
+                    redisKey, currentSegmentNumber, 1, CommandFlags.FireAndForget),
+                batch.HashFieldExpireAsync(
+                    redisKey,
+                    [currentSegmentNumber],
+                    options.Window,
+                    ExpireWhen.HasNoExpiry,
+                    CommandFlags.FireAndForget)
+            };
+            batch.Execute();
+
+            await Task.WhenAll(batchTasks);
+
+            return true;
+        }
+        catch (Exception e)
+        {
+            await this.redisConnectionManager.CheckException(e);
+            throw;
+        }
+    }
+}

src/Buttercup.Security/SlidingWindowRateLimiterOptions.cs

@@ -0,0 +1,31 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace Buttercup.Security;
+
+/// <summary>
+/// The options for a sliding window rate limiter.
+/// </summary>
+public sealed class SlidingWindowRateLimiterOptions
+{
+    /// <summary>
+    /// The maximum number of requests allowed within the sliding window.
+    /// </summary>
+    [Required]
+    public long Limit { get; set; }
+
+    /// <summary>
+    /// The prefix used to create the Redis key for each rate limit key.
+    /// </summary>
+    public string RedisKeyPrefix { get; set; } = "rate_limit:sliding_window";
+
+    /// <summary>
+    /// The number of segments each window is divided into.
+    /// </summary>
+    public int SegmentsPerWindow { get; set; } = 10;
+
+    /// <summary>
+    /// The duration of the sliding window.
+    /// </summary>
+    [Required]
+    public TimeSpan Window { get; set; }
+}

src/Buttercup.TestUtils/Buttercup.TestUtils.csproj

@@ -11,5 +11,6 @@
   <ItemGroup>
     <ProjectReference Include="..\Buttercup.Core\Buttercup.Core.csproj" />
     <ProjectReference Include="..\Buttercup.EntityModel\Buttercup.EntityModel.csproj" />
+    <ProjectReference Include="..\Buttercup.Redis\Buttercup.Redis.csproj" />
   </ItemGroup>
 </Project>

src/Buttercup.TestUtils/FakeRedisConnectionManager.cs

@@ -0,0 +1,32 @@
+using Buttercup.Redis;
+using StackExchange.Redis;
+
+namespace Buttercup.TestUtils;
+
+/// <summary>
+/// A fake implementation of <see cref="IRedisConnectionManager" />.
+/// </summary>
+public sealed class FakeRedisConnectionManager(IConnectionMultiplexer connection)
+    : IRedisConnectionManager
+{
+    /// <summary>
+    /// The list of exceptions passed to <see cref="CheckException"/>, in invocation order.
+    /// </summary>
+    public List<Exception> CheckedExceptions { get; } = [];
+
+    /// <inheritdoc/>
+    public IConnectionMultiplexer CurrentConnection { get; } = connection;
+
+    /// <inheritdoc/>
+    public Task<bool> CheckException(Exception exception)
+    {
+        this.CheckedExceptions.Add(exception);
+        return Task.FromResult(false);
+    }
+
+    /// <inheritdoc/>
+    public ValueTask DisposeAsync() => ValueTask.CompletedTask;
+
+    /// <inheritdoc/>
+    public Task EnsureInitialized() => Task.CompletedTask;
+}

src/Buttercup.TestUtils/RedisConnectioncs.cs

@@ -0,0 +1,18 @@
+using StackExchange.Redis;
+
+namespace Buttercup.TestUtils;
+
+/// <summary>
+/// Provides a singleton Redis connection for use in tests.
+/// </summary>
+public static class RedisConnection
+{
+    private static readonly Lazy<Task<ConnectionMultiplexer>> lazyConnectionTask =
+        new(() => ConnectionMultiplexer.ConnectAsync("localhost,abortConnect=false"));
+
+    /// <summary>
+    /// Gets the singleton Redis connection.
+    /// </summary>
+    /// <returns>The singleton Redis connection.</returns>
+    public static Task<ConnectionMultiplexer> GetConnection() => lazyConnectionTask.Value;
+}