implement WAF v4 experimental

experimental/waf.go

@@ -4,14 +4,19 @@
 package experimental
 
 import (
-	"github.com/corazawaf/coraza/v3/internal/corazawaf"
+	"io"
+
+	"github.com/corazawaf/coraza/v3"
 	"github.com/corazawaf/coraza/v3/types"
 )
 
-type Options = corazawaf.Options
-
-// WAFWithOptions is an interface that allows to create transactions
-// with options
-type WAFWithOptions interface {
-	NewTransactionWithOptions(Options) types.Transaction
+// WAF IMPORTANT: This interface is experimental and may change in the future
+// WAF v4 interface supports creating transactions with options and
+// closing the WAF instance to release resources
+// This interface will replace coraza.WAF in v4
+type WAF interface {
+	coraza.WAF
+	io.Closer
+	// NewTransactionWithOptions creates a new initialized transaction for this WAF instance
+	NewTransactionWithOptions(coraza.Options) types.Transaction
 }

experimental/waf_test.go

@@ -1,31 +1,32 @@
 // Copyright 2024 Juan Pablo Tosso and the OWASP Coraza contributors
 // SPDX-License-Identifier: Apache-2.0
 
-package experimental_test
+package experimental
 
 import (
-	"fmt"
+	"testing"
 
 	"github.com/corazawaf/coraza/v3"
-	"github.com/corazawaf/coraza/v3/experimental"
 )
 
-func ExampleWAFWithOptions_NewTransactionWithOptions() {
+func TestWAFWithOptions(t *testing.T) {
 	waf, err := coraza.NewWAF(coraza.NewWAFConfig())
 	if err != nil {
-		panic(err)
+		t.Fatal(err)
 	}
 
-	oWAF, ok := waf.(experimental.WAFWithOptions)
+	oWAF, ok := waf.(WAF)
 	if !ok {
-		panic("WAF does not implement WAFWithOptions")
+		t.Fatal("WAF does not implement WAF v4")
 	}
 
-	tx := oWAF.NewTransactionWithOptions(experimental.Options{
+	tx := oWAF.NewTransactionWithOptions(coraza.Options{
 		ID: "abc123",
 	})
 
-	fmt.Println("Transaction ID:", tx.ID())
+	if tx.ID() != "abc123" {
+		t.Error("Transaction ID not set")
+	}
 
 	// Output:
 	// Transaction ID: abc123

http/middleware.go

@@ -105,9 +105,9 @@ func WrapHandler(waf coraza.WAF, h http.Handler) http.Handler {
 		return waf.NewTransaction()
 	}
 
-	if ctxwaf, ok := waf.(experimental.WAFWithOptions); ok {
+	if ctxwaf, ok := waf.(experimental.WAF); ok {
 		newTX = func(r *http.Request) types.Transaction {
-			return ctxwaf.NewTransactionWithOptions(experimental.Options{
+			return ctxwaf.NewTransactionWithOptions(coraza.Options{
 				Context: r.Context(),
 			})
 		}

internal/corazawaf/waf.go

@@ -165,6 +165,11 @@ func (w *WAF) NewTransactionWithOptions(opts Options) *Transaction {
 	return w.newTransaction(opts)
 }
 
+// Close will release resources used by the WAF instance
+func (w *WAF) Close() error {
+	return nil
+}
+
 // NewTransactionWithID Creates a new initialized transaction for this WAF instance
 // Using the specified ID
 func (w *WAF) newTransaction(opts Options) *Transaction {

waf.go

@@ -8,13 +8,17 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/corazawaf/coraza/v3/experimental"
 	"github.com/corazawaf/coraza/v3/internal/corazawaf"
 	"github.com/corazawaf/coraza/v3/internal/environment"
 	"github.com/corazawaf/coraza/v3/internal/seclang"
 	"github.com/corazawaf/coraza/v3/types"
 )
 
+// Options is used to create tranactions with context and ID
+// This is only supported as part of the experimental package
+// experimental.WAF.NewTransactionWithOptions(Options)
+type Options = corazawaf.Options
+
 // WAF instance is used to store configurations and rules
 // Every web application should have a different WAF instance,
 // but you can share an instance if you are ok with sharing
@@ -148,6 +152,11 @@ func (w wafWrapper) NewTransactionWithID(id string) types.Transaction {
 }
 
 // NewTransaction implements the same method on WAF.
-func (w wafWrapper) NewTransactionWithOptions(opts experimental.Options) types.Transaction {
+func (w wafWrapper) NewTransactionWithOptions(opts Options) types.Transaction {
 	return w.waf.NewTransactionWithOptions(opts)
 }
+
+// Close implements the same method on WAF.
+func (w wafWrapper) Close() error {
+	return w.waf.Close()
+}