From d7d29149f2942ef5863f0eecfdc3f600df8b1cb2 Mon Sep 17 00:00:00 2001
From: rusirijayodaillesinghe <rusiri@wso2.com>
Date: Mon, 20 Nov 2023 21:22:06 +0530
Subject: [PATCH 1/2] Add config to modify the max payload size in choreo
 connect

---
 adapter/config/default_config.go                 | 1 +
 adapter/config/types.go                          | 1 +
 adapter/internal/oasparser/envoyconf/listener.go | 3 +++
 resources/conf/config.toml.template              | 2 ++
 4 files changed, 7 insertions(+)

diff --git a/adapter/config/default_config.go b/adapter/config/default_config.go
index a8e932e404..f9336db2fc 100644
--- a/adapter/config/default_config.go
+++ b/adapter/config/default_config.go
@@ -182,6 +182,7 @@ var defaultConfig = &Config{
 				},
 			},
 		},
+		PerConnectionBufferLimitBytes: 1048576,
 	},
 	Enforcer: enforcer{
 		Management: management{
diff --git a/adapter/config/types.go b/adapter/config/types.go
index cd142c2585..03f6b8a922 100644
--- a/adapter/config/types.go
+++ b/adapter/config/types.go
@@ -122,6 +122,7 @@ type envoy struct {
 	AwsLambda                        awsLambda
 	UseRemoteAddress                 bool
 	Filters                          filters
+	PerConnectionBufferLimitBytes    uint32
 }
 
 type connectionTimeouts struct {
diff --git a/adapter/internal/oasparser/envoyconf/listener.go b/adapter/internal/oasparser/envoyconf/listener.go
index 06dfbd30a0..e21f56ac6a 100644
--- a/adapter/internal/oasparser/envoyconf/listener.go
+++ b/adapter/internal/oasparser/envoyconf/listener.go
@@ -36,6 +36,7 @@ import (
 	logger "github.com/wso2/product-microgateway/adapter/internal/loggers"
 	"google.golang.org/protobuf/types/known/anypb"
 	"google.golang.org/protobuf/types/known/durationpb"
+	"google.golang.org/protobuf/types/known/wrapperspb"
 )
 
 // CreateRoutesConfigForRds generates the default RouteConfiguration.
@@ -185,6 +186,7 @@ func createListeners(conf *config.Config) []*listenerv3.Listener {
 				Filters: filters,
 			},
 			},
+			PerConnectionBufferLimitBytes: wrapperspb.UInt32(conf.Envoy.PerConnectionBufferLimitBytes),
 		}
 
 		tlsCert := generateTLSCert(conf.Envoy.KeyStore.KeyPath, conf.Envoy.KeyStore.CertPath)
@@ -263,6 +265,7 @@ func createListeners(conf *config.Config) []*listenerv3.Listener {
 				Filters: filters,
 			},
 			},
+			PerConnectionBufferLimitBytes: wrapperspb.UInt32(conf.Envoy.PerConnectionBufferLimitBytes),
 		}
 		listeners = append(listeners, &listener)
 		logger.LoggerOasparser.Infof("Non-secured Listener is added. %s : %d", listenerHostAddress, conf.Envoy.ListenerPort)
diff --git a/resources/conf/config.toml.template b/resources/conf/config.toml.template
index e3b6c2e227..a3c284fb7d 100644
--- a/resources/conf/config.toml.template
+++ b/resources/conf/config.toml.template
@@ -125,6 +125,8 @@ soapErrorInXMLEnabled = false
   systemHost = "localhost"
   # If configured true, router appends the immediate downstream ip address to the x-forward-for header
   useRemoteAddress = false
+  # If configured with a custom value, the buffer limit per connection will be set to the provided value.
+  perConnectionBufferLimitBytes = 1048576
 
 # Configurations of key store used in Choreo Connect Router
 [router.keystore]

From 7fe2f6dc32f8ce65c64b31d11ded5177f04cef2b Mon Sep 17 00:00:00 2001
From: rusirijayodaillesinghe <rusiri@wso2.com>
Date: Tue, 21 Nov 2023 11:31:12 +0530
Subject: [PATCH 2/2] Add unit test for the added property
 "perConnectionBufferLimitBytes"

---
 adapter/internal/oasparser/envoyconf/listener_test.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/adapter/internal/oasparser/envoyconf/listener_test.go b/adapter/internal/oasparser/envoyconf/listener_test.go
index 09a64a482a..e6b5bb299d 100644
--- a/adapter/internal/oasparser/envoyconf/listener_test.go
+++ b/adapter/internal/oasparser/envoyconf/listener_test.go
@@ -46,6 +46,8 @@ func TestCreateListenerWithRds(t *testing.T) {
 	assert.NotEmpty(t, securedListener.FilterChains, "Filter chain for listener should not be null.")
 	assert.NotNil(t, securedListener.FilterChains[0].GetTransportSocket(),
 		"Transport Socket should not be null for secured listener")
+	assert.Equal(t, uint32(1048576), securedListener.PerConnectionBufferLimitBytes.GetValue(),
+		"Buffered payload limit mismatch for secured Listener.")
 
 	nonSecuredListener := listeners[1]
 	if nonSecuredListener.Validate() != nil {
@@ -58,6 +60,8 @@ func TestCreateListenerWithRds(t *testing.T) {
 	assert.NotEmpty(t, nonSecuredListener.FilterChains, "Filter chain for listener should not be null.")
 	assert.Nil(t, nonSecuredListener.FilterChains[0].GetTransportSocket(),
 		"Transport Socket should be null for non-secured listener")
+	assert.Equal(t, uint32(1048576), nonSecuredListener.PerConnectionBufferLimitBytes.GetValue(),
+		"Buffered payload limit mismatch for non-secured Listener.")
 }
 
 func TestCreateVirtualHost(t *testing.T) {