fix: Sentry capturing compressed bodies when RequestDecompression middleware is enabled (#4315)

Resolves #4312:
- #4312

#skip-changelog

Author: jamescrosswell

CHANGELOG.md

@@ -12,6 +12,7 @@
 
 ### Fixes
 
+- Sentry now decompresses Request bodies in ASP.NET Core when RequestDecompression middleware is enabled ([#4315](https://github.com/getsentry/sentry-dotnet/pull/4315))
 - Custom ISentryEventProcessors are now run for native iOS events ([#4318](https://github.com/getsentry/sentry-dotnet/pull/4318))
 - Crontab validation when capturing checkins ([#4314](https://github.com/getsentry/sentry-dotnet/pull/4314))
 - Native AOT: link to static `lzma` on Linux/MUSL ([#4326](https://github.com/getsentry/sentry-dotnet/pull/4326))

src/Sentry.AspNetCore/RequestDecompression/ATTRIBUTION.txt

@@ -0,0 +1,28 @@
+The code in this subdirectory has been adapted from
+https://github.com/dotnet/aspnetcore
+
+The original license is as follows:
+
+The MIT License (MIT)
+
+Copyright (c) .NET Foundation and Contributors
+
+All rights reserved.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

src/Sentry.AspNetCore/RequestDecompression/RequestDecompressionMiddleware.cs

@@ -0,0 +1,107 @@
+// Adapted from: https://github.com/dotnet/aspnetcore/blob/c18e93a9a2e2949e1a9c880da16abf0837aa978f/src/Middleware/RequestDecompression/src/RequestDecompressionMiddleware.cs
+
+// // Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Http.Features;
+using Microsoft.AspNetCore.Http.Metadata;
+using Microsoft.AspNetCore.RequestDecompression;
+using Microsoft.Extensions.Logging;
+
+namespace Sentry.AspNetCore.RequestDecompression;
+
+/// <summary>
+/// Enables HTTP request decompression.
+/// </summary>
+internal sealed partial class RequestDecompressionMiddleware
+{
+    private readonly RequestDelegate _next;
+    private readonly ILogger<RequestDecompressionMiddleware> _logger;
+    private readonly IRequestDecompressionProvider _provider;
+    private readonly IHub _hub;
+
+    /// <summary>
+    /// Initialize the request decompression middleware.
+    /// </summary>
+    /// <param name="next">The delegate representing the remaining middleware in the request pipeline.</param>
+    /// <param name="logger">The logger.</param>
+    /// <param name="provider">The <see cref="IRequestDecompressionProvider"/>.</param>
+    /// <param name="hub">The Sentry Hub</param>
+    public RequestDecompressionMiddleware(
+        RequestDelegate next,
+        ILogger<RequestDecompressionMiddleware> logger,
+        IRequestDecompressionProvider provider,
+        IHub hub)
+    {
+        ArgumentNullException.ThrowIfNull(next);
+        ArgumentNullException.ThrowIfNull(logger);
+        ArgumentNullException.ThrowIfNull(provider);
+        ArgumentNullException.ThrowIfNull(hub);
+
+        _next = next;
+        _logger = logger;
+        _provider = provider;
+        _hub = hub;
+    }
+
+    /// <summary>
+    /// Invoke the middleware.
+    /// </summary>
+    /// <param name="context">The <see cref="HttpContext"/>.</param>
+    /// <returns>A task that represents the execution of this middleware.</returns>
+    public Task Invoke(HttpContext context)
+    {
+        Stream? decompressionStream = null;
+        try
+        {
+            decompressionStream = _provider.GetDecompressionStream(context);
+        }
+        catch (Exception e)
+        {
+            HandleException(e);
+        }
+        return decompressionStream is null
+            ? _next(context)
+            : InvokeCore(context, decompressionStream);
+    }
+
+    private async Task InvokeCore(HttpContext context, Stream decompressionStream)
+    {
+        var request = context.Request.Body;
+        try
+        {
+            try
+            {
+                var sizeLimit =
+                    context.GetEndpoint()?.Metadata?.GetMetadata<IRequestSizeLimitMetadata>()?.MaxRequestBodySize
+                        ?? context.Features.Get<IHttpMaxRequestBodySizeFeature>()?.MaxRequestBodySize;
+
+                context.Request.Body = new SizeLimitedStream(decompressionStream, sizeLimit, static (long sizeLimit) => throw new BadHttpRequestException(
+                        $"The decompressed request body is larger than the request body size limit {sizeLimit}.",
+                        StatusCodes.Status413PayloadTooLarge));
+            }
+            catch (Exception e)
+            {
+                HandleException(e);
+            }
+
+            await _next(context).ConfigureAwait(false);
+        }
+        finally
+        {
+            context.Request.Body = request;
+            await decompressionStream.DisposeAsync().ConfigureAwait(false);
+        }
+    }
+
+    private void HandleException(Exception e)
+    {
+        const string description =
+            "An exception was captured and then re-thrown, when attempting to decompress the request body." +
+            "The web server likely returned a 5xx error code as a result of this exception.";
+        e.SetSentryMechanism(nameof(RequestDecompressionMiddleware), description, handled: false);
+        _hub.CaptureException(e);
+        ExceptionDispatchInfo.Capture(e).Throw();
+    }
+}

src/Sentry.AspNetCore/RequestDecompression/SizeLimitedStream.cs

@@ -0,0 +1,113 @@
+// Copied from: https://github.com/dotnet/aspnetcore/blob/c18e93a9a2e2949e1a9c880da16abf0837aa978f/src/Shared/SizeLimitedStream.cs
+// The only changes are the namespace and the addition of this comment
+
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+
+namespace Sentry.AspNetCore.RequestDecompression;
+
+#nullable enable
+
+internal sealed class SizeLimitedStream : Stream
+{
+    private readonly Stream _innerStream;
+    private readonly long? _sizeLimit;
+    private readonly Action<long>? _handleSizeLimit;
+    private long _totalBytesRead;
+
+    public SizeLimitedStream(Stream innerStream, long? sizeLimit, Action<long>? handleSizeLimit = null)
+    {
+        ArgumentNullException.ThrowIfNull(innerStream);
+
+        _innerStream = innerStream;
+        _sizeLimit = sizeLimit;
+        _handleSizeLimit = handleSizeLimit;
+    }
+
+    public override bool CanRead => _innerStream.CanRead;
+
+    public override bool CanSeek => _innerStream.CanSeek;
+
+    public override bool CanWrite => _innerStream.CanWrite;
+
+    public override long Length => _innerStream.Length;
+
+    public override long Position
+    {
+        get
+        {
+            return _innerStream.Position;
+        }
+        set
+        {
+            _innerStream.Position = value;
+        }
+    }
+
+    public override void Flush()
+    {
+        _innerStream.Flush();
+    }
+
+    public override int Read(byte[] buffer, int offset, int count)
+    {
+        var bytesRead = _innerStream.Read(buffer, offset, count);
+
+        _totalBytesRead += bytesRead;
+        if (_totalBytesRead > _sizeLimit)
+        {
+            if (_handleSizeLimit != null)
+            {
+                _handleSizeLimit(_sizeLimit.Value);
+            }
+            else
+            {
+                throw new InvalidOperationException("The maximum number of bytes have been read.");
+            }
+        }
+
+        return bytesRead;
+    }
+
+    public override long Seek(long offset, SeekOrigin origin)
+    {
+        return _innerStream.Seek(offset, origin);
+    }
+
+    public override void SetLength(long value)
+    {
+        _innerStream.SetLength(value);
+    }
+
+    public override void Write(byte[] buffer, int offset, int count)
+    {
+        _innerStream.Write(buffer, offset, count);
+    }
+
+    public override Task<int> ReadAsync(byte[] buffer, int offset, int count, CancellationToken cancellationToken)
+    {
+        return ReadAsync(buffer.AsMemory(offset, count), cancellationToken).AsTask();
+    }
+
+    public override async ValueTask<int> ReadAsync(Memory<byte> buffer, CancellationToken cancellationToken = default)
+    {
+#pragma warning disable CA2007
+        var bytesRead = await _innerStream.ReadAsync(buffer, cancellationToken);
+#pragma warning restore CA2007
+
+        _totalBytesRead += bytesRead;
+        if (_totalBytesRead > _sizeLimit)
+        {
+            if (_handleSizeLimit != null)
+            {
+                _handleSizeLimit(_sizeLimit.Value);
+            }
+            else
+            {
+                throw new InvalidOperationException("The maximum number of bytes have been read.");
+            }
+        }
+
+        return bytesRead;
+    }
+}

src/Sentry.AspNetCore/SentryStartupFilter.cs

@@ -1,5 +1,10 @@
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
+using Microsoft.AspNetCore.RequestDecompression;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Options;
+using Sentry.AspNetCore.RequestDecompression;
+using Sentry.Extensibility;
 
 namespace Sentry.AspNetCore;
 
@@ -11,10 +16,19 @@ public class SentryStartupFilter : IStartupFilter
     /// <summary>
     /// Adds Sentry to the pipeline.
     /// </summary>
-    public Action<IApplicationBuilder> Configure(Action<IApplicationBuilder> next) => e =>
+    public Action<IApplicationBuilder> Configure(Action<IApplicationBuilder> next) => app =>
     {
-        e.UseSentry();
+        // If we are capturing request bodies and the user has configured request body decompression, we need to
+        // ensure that the RequestDecompression middleware gets called before Sentry's middleware.
+        var options = app.ApplicationServices.GetService<IOptions<SentryAspNetCoreOptions>>();
+        if (options?.Value is { } o && o.MaxRequestBodySize != RequestSize.None
+            && app.ApplicationServices.GetService<IRequestDecompressionProvider>() is not null)
+        {
+            app.UseMiddleware<RequestDecompressionMiddleware>();
+        }
 
-        next(e);
+        app.UseSentry();
+
+        next(app);
     };
 }

src/Sentry/Extensibility/BaseRequestPayloadExtractor.cs

@@ -18,19 +18,22 @@ public abstract class BaseRequestPayloadExtractor : IRequestPayloadExtractor
             return null;
         }
 
-        if (request.Body == null
-            || !request.Body.CanSeek
-            || !request.Body.CanRead
-            || !IsSupported(request))
+        if (request.Body is not { CanRead: true } || !IsSupported(request))
         {
             return null;
         }
 
+        if (!request.Body.CanSeek)
+        {
+            // When RequestDecompression is enabled, the RequestDecompressionMiddleware will store a SizeLimitedStream
+            // in the request body after decompression. Seek operations throw an exception, but we can still read the stream
+            return DoExtractPayLoad(request);
+        }
+
         var originalPosition = request.Body.Position;
         try
         {
             request.Body.Position = 0;
-
             return DoExtractPayLoad(request);
         }
         finally

test/Sentry.AspNetCore.TestUtils/FakeSentryServer.cs

@@ -5,7 +5,7 @@
 
 namespace Sentry.AspNetCore.TestUtils;
 
-internal static class FakeSentryServer
+public static class FakeSentryServer
 {
     public static TestServer CreateServer(IReadOnlyCollection<RequestHandler> handlers)
     {