ratelimit

package
v0.33.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 1, 2026 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Overview

Package ratelimit provides token-bucket rate limiting for MCP servers.

The public API consists of the Limiter interface, Decision result type, and NewLimiter constructor. The token bucket implementation is internal.

Index

Constants

View Source
const (
	// CodeRateLimited is the JSON-RPC error code for rate-limited requests.
	// Per RFC THV-0057: implementation-defined code in the -32000 to -32099 range.
	CodeRateLimited int64 = -32029

	// MessageRateLimited is the error message for rate-limited requests.
	MessageRateLimited = "Rate limit exceeded"
)
View Source
const (
	// MiddlewareType is the type constant for the rate limit middleware.
	MiddlewareType = "ratelimit"
)

Variables

This section is empty.

Functions

func Allow added in v0.33.0

func Allow(ctx context.Context, limiter Limiter, identity *auth.Identity, toolName string) error

Allow checks whether identity may call toolName through limiter.

func CreateMiddleware added in v0.17.0

func CreateMiddleware(config *types.MiddlewareConfig, runner types.MiddlewareRunner) error

CreateMiddleware is the factory function for rate limit middleware.

func NewMiddleware added in v0.30.0

func NewMiddleware(params MiddlewareParams) (types.Middleware, error)

NewMiddleware creates a Redis-backed rate limit middleware from typed params.

Types

type Decision

type Decision struct {
	// Allowed is true when the request may proceed.
	Allowed bool

	// RetryAfter is populated when Allowed is false.
	// It indicates the minimum wait before the next request may succeed.
	RetryAfter time.Duration
}

Decision holds the result of a rate limit check.

type Limiter

type Limiter interface {
	// Allow checks whether a request is permitted.
	// toolName is the MCP tool being called (empty for non-tool requests).
	// userID is the authenticated user (empty for unauthenticated requests).
	Allow(ctx context.Context, toolName, userID string) (*Decision, error)
}

Limiter checks rate limits for an MCP server.

func NewLimiter

func NewLimiter(client redis.Cmdable, namespace, name string, crd *v1beta1.RateLimitConfig) (Limiter, error)

NewLimiter constructs a Limiter from CRD configuration. Returns a no-op limiter (always allows) when crd is nil. namespace and name identify the MCP server for Redis key derivation.

func NewRedisLimiter added in v0.33.0

func NewRedisLimiter(params MiddlewareParams) (Limiter, io.Closer, error)

NewRedisLimiter creates a Redis-backed rate limiter from typed params.

type MiddlewareParams added in v0.17.0

type MiddlewareParams struct {
	Namespace  string                   `json:"namespace"`
	ServerName string                   `json:"server_name"`
	Config     *v1beta1.RateLimitConfig `json:"config"`
	RedisAddr  string                   `json:"redis_addr,omitempty"`
	RedisDB    int32                    `json:"redis_db,omitempty"`
}

MiddlewareParams holds the parameters for the rate limit middleware factory.

type RateLimitedError added in v0.33.0

type RateLimitedError struct {
	RetryAfter time.Duration
}

RateLimitedError reports that a request exceeded its configured rate limit.

func (*RateLimitedError) Code added in v0.33.0

func (*RateLimitedError) Code() int64

Code returns the ToolHive JSON-RPC-compatible code for rate-limited requests.

func (*RateLimitedError) Data added in v0.33.0

func (e *RateLimitedError) Data() map[string]any

Data returns structured retry metadata for transport adapters that cannot emit a custom JSON-RPC error object from the tool-handler seam.

func (*RateLimitedError) Error added in v0.33.0

func (*RateLimitedError) Error() string

Directories

Path Synopsis
internal
bucket
Package bucket implements the token bucket algorithm backed by Redis.
Package bucket implements the token bucket algorithm backed by Redis.
Package types defines shared rate limit configuration types.
Package types defines shared rate limit configuration types.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL