HTTP (hypertext transfer protocol) is a communication protocol that transfers data between client and server. HTTP requests are very essential to access resources from the same or remote server. In Golang, the net/http package comes with the default settings that we need to adjust according to our high-performance requirement.
For setting up HTTP clients for making requests, most programming languages have different frameworks in place. We will take a hands-on approach in the coming sections to explore how HTTP requests can be made in Golang or Go, as I will refer to the language for the rest of the post.
\nWhile working on the Golang projects, I realized that improper configuration of HTTP might crash your server anytime.
\nIn the time when I was working with HTTP Client, I Observed some problems and their solutions, listed below:
\nThe HTTP client does not contain the request timeout setting by default.\nIf you are using http.Get(URL) or &Client{} that uses the http.DefaultClient. DefaultClient has not timeout setting; it comes with no timeout
Suppose the Rest API where you are making the request is broken, not sending the response back that keeps the connection open. More requests came, and open connection count will increase, Increasing server resources utilization, resulting in crashing your server when resource limits are reached.
\nvar httpClient = &http.Client{\n Timeout: time.Second * 10,\n}For the Rest API, it is recommended that timeout should not more than 10 seconds.\nIf the Requested resource is not responded to in 10 seconds, the HTTP connection will be canceled with net/http: request canceled (Client.Timeout exceeded ...) error.
\nBy default, the Golang Http client performs the connection pooling. When the request completes, that connection remains open until the idle connection timeout (default is 90 seconds). If another request came, that uses the same established connection instead of creating a new connection, after the idle connection time, the connection will return to the pool.
\nUsing the connection pooling will keep less connection open and more requests will be served with minimal server resources.
\nWhen we not defined transport in the http.Client, it uses the default transport Go HTTP Transport
\nDefault configuration of the HTTP Transport,
\nvar DefaultTransport RoundTripper = &Transport{\n\t...\n\tMaxIdleConns: 100,\n\tIdleConnTimeout: 90 * time.Second,\n\t...\n}\n\nconst DefaultMaxIdleConnsPerHost = 2MaxIdleConns is the connection pool size, and this is the maximum connection that can be open; its default value is 100 connections.
\nThere is problem with the default setting DefaultMaxIdleConnsPerHost with value of 2 connection,\nDefaultMaxIdleConnsPerHost is the number of connection can be allowed to open per host basic.\nMeans for any particular host out of 100 connection from the connection pool only two connection will be allocated to that host.
With the more request came, it will process only two requests; other requests will wait for the connection to communicate with the host server and go in the TIME_WAIT state. As more request came, increase the connection to the TIME_WAIT state and increase the server resource utilization; at the limit, the server will crash.
t := http.DefaultTransport.(*http.Transport).Clone()\nt.MaxIdleConns = 100\nt.MaxConnsPerHost = 100\nt.MaxIdleConnsPerHost = 100\n\t\nhttpClient = &http.Client{\n Timeout: 10 * time.Second,\n Transport: t,\n}By increasing connection per host and the total number of idle connection, this will increase the performance and serve more request with minimal server resources.
\nConnection pool size and connection per host count can be increased as per server resources and requirements.
\nIn this article, we discussed the problems around the 'net/http' client default configurations. By changing some of the default settings of HTTP Client, we can achieve a High-performance HTTP client for production use. If you want to learn more about http, here is an interesting post on HTTP security headers If you like what you read, share your thoughts in the comment section.
\n","frontmatter":{"title":"How to Use the HTTP Client in GO To Enhance Performance","author":{"id":"Mayank Agarwal","github":"mayankagrwal","avatar":null},"date":"January 12, 2021","updated_date":null,"tags":["Golang","HTTP","Performance"],"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.7699115044247788,"src":"/static/68276d4b4277ad09e329598038e91917/14b42/index.jpg","srcSet":"/static/68276d4b4277ad09e329598038e91917/f836f/index.jpg 200w,\n/static/68276d4b4277ad09e329598038e91917/2244e/index.jpg 400w,\n/static/68276d4b4277ad09e329598038e91917/14b42/index.jpg 800w,\n/static/68276d4b4277ad09e329598038e91917/47498/index.jpg 1200w,\n/static/68276d4b4277ad09e329598038e91917/ec6c5/index.jpg 1280w","sizes":"(max-width: 800px) 100vw, 800px"}}}},"fields":{"authorId":"Mayank Agarwal","slug":"/engineering/tune-the-go-http-client-for-high-performance/"}}},{"node":{"id":"6ce369df-8811-5c71-9d65-a5ad1f848f8b","html":"A JSON Web Token (JWT) is a JSON object that is defined in RFC 7519 as a safe way of transmitting information between two parties. Information in the JWT is digitally-signed, so that it can be verified and trusted.
\nJWT Properties
\nJWT Use Cases
\nJWT contains three parts: Header, Payload, and Signature which are separated by a dot.
\nHeader.Payload.Signature
Header
\nThe JWT Header consists of 2 parts:
\n{ \n "typ" : "JWT", \n "alg" : "HS256" \n}Header Algorithm Types:
\nalg Value
\nDigital Signature or MAC Algorithm
\n| Algo | \nDescription | \n
|---|---|
| HS256 | \nHMAC using SHA-256 hash algorithm | \n
| HS384 | \nHMAC using SHA-384 hash algorithm | \n
| HS512 | \nHMAC using SHA-512 hash algorithm | \n
| RS256 | \nRSASSA using SHA-256 hash algorithm | \n
| RS384 | \nRSASSA using SHA-384 hash algorithm | \n
| RS512 | \nRSASSA using SHA-512 hash algorithm | \n
| ES256 | \nECDSA using P-256 curve and SHA-256 hash algorithm | \n
| ES384 | \nECDSA using P-384 curve and SHA-384 hash algorithm | \n
| ES512 | \nECDSA using P-521 curve and SHA-512 hash algorithm | \n
The Base64Url-encoded Header, which is first part of our JWT, looks like the following:
\neyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9
Payload
\nThe Payload, also known as the JWT claim, contains all of the information we want to transmit.
\nDifferent types of claims can be used to build the Payload:
\n| Code | \nName | \nDescription | \n
|---|---|---|
| iss | \nissuer | \nIdentifies the principal that issued the JWT. | \n
| sub | \nsubject | \nIdentifies the principal that is the subject of the JWT. | \n
| aud | \naudience | \nIdentifies the recipients that the JWT is intended for. | \n
| exp | \nExpiration time | \nIdentifies the expiration time on or after which the JWT MUST NOT be accepted for processing. | \n
| nbf | \nNot before | \nIdentifies the time before which the JWT MUST NOT be accepted for processing. | \n
| iat | \nIssue at | \nIdentifies the time at which the JWT was issued. | \n
| jti | \nJWT id | \nUnique identifier for the JWT, can be used to prevent the JWT from being replayed. | \n
Example Payload:
\n{ \n "sub": "1234567890", \n "name": "Frank Emic", \n "jti": "4b5fcea6-2a5e-4a9d-97f2-3d8631ea2c5a", \n "iat": 1521191902, \n "exp": 1521195630 \n}This example contains a combination of registered and public claims. “sub”,”jti”,”iat”, and “exp” are registered claims and “name” is a public claim.
\nThe Base64Url-encoded Payload, which is the second part of our JWT, looks like the following:
\neyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkZyYW5rIEVtaWMiL \nCJqdGkiOiI0YjVmY2VhNi0yYTVlLTRhOWQtOTdmMi0zZDg2MzFlYTJjNWEiLCJpYXQiOjE1MjExOTE5MDIsImV4cCI6MTUyMTE5NTYzMH0Signature
\nThe final part of our JWT is the Signature. To create the Signature, we need 3 components:
\nvar encodedString = base64UrlEncode(header) + \".\" + base64UrlEncode(payload);
\nHMACSHA256(encodedString, 'secret');
The secret is the Signature held by the server in order to verify tokens and sign new ones.
\nThe above Base64Url-encoded Header and Payload are combined with a dot, and then digitally-signed using the secret. This generates the Signature as the third part of the our JWT:
\nwGDoDSxfKj3Ns379NVxocwM9TOiwxhxWl
\nPutting It All Together
\neyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkZyYW5rIEVtaWMiL \nCJqdGkiOiI0YjVmY2VhNi0yYTVlLTRhOWQtOTdmMi0zZDg2MzFlYTJjNWEiLCJpYXQiOjE1MjExOTE5MDIsImV4cCI6MTUyMTE5NTYzMH0.wGDoDSxfKj3Ns379NVxocwM9TOiwxhxWlThis is our final JWT, containing the Header, Payload, and Signature joined together with dots. It can be passed as a URL parameter, a POST parameter, or in the HTTP header to authenticate or exchange information.
\nYou can play around with JWT using our JWT SSO Tool.
\nNote: JWT does not hide information; it just encodes information using the digitally-signed signature and verifies that the information has not been altered over the network. So, do not add any sensitive information in the JWT claim.
\nConclusion
\nJWT comprises three encoded parts: Header, Payload, and Signature. It can be passed as a URL or POST parameter, or in an HTTP header. Due to JWT's lightweight, self-containing, and versatile strucutre, it remains a popular tool for information exchange and authentication.
\n","frontmatter":{"title":"What is JSON Web Token","author":{"id":"Mayank Agarwal","github":"mayankagrwal","avatar":null},"date":"July 11, 2018","updated_date":null,"tags":["JWT","JSON Web Token"],"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.7699115044247788,"src":"/static/280ee8f1345faeaa2d33899ee2475b0b/ee604/jwt.png","srcSet":"/static/280ee8f1345faeaa2d33899ee2475b0b/69585/jwt.png 200w,\n/static/280ee8f1345faeaa2d33899ee2475b0b/497c6/jwt.png 400w,\n/static/280ee8f1345faeaa2d33899ee2475b0b/ee604/jwt.png 800w,\n/static/280ee8f1345faeaa2d33899ee2475b0b/f3583/jwt.png 1200w,\n/static/280ee8f1345faeaa2d33899ee2475b0b/e4d72/jwt.png 1280w","sizes":"(max-width: 800px) 100vw, 800px"}}}},"fields":{"authorId":"Mayank Agarwal","slug":"/engineering/jwt/"}}}]},"authorYaml":{"id":"Mayank Agarwal","bio":"Mayank is a Software developer at LoginRadius. He graduated with a Bachelor of Technology Degree in Computer Science. He loves to play cricket, watching TV series and listening music.","github":"mayankagrwal","stackoverflow":null,"linkedin":null,"medium":null,"twitter":null,"avatar":null}},"pageContext":{"id":"Mayank Agarwal","__params":{"id":"mayank-agarwal"}}},"staticQueryHashes":["1171199041","1384082988","2100481360","23180105","528864852"]}