package org.wso2.micro.gateway.enforcer.filters;

import java.net.Inet4Address;
import java.net.Inet6Address;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.HashMap;
import java.util.Map;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.json.JSONObject;
import org.wso2.micro.gateway.enforcer.Filter;
import org.wso2.micro.gateway.enforcer.api.RequestContext;
import org.wso2.micro.gateway.enforcer.api.config.APIConfig;
import org.wso2.micro.gateway.enforcer.api.config.ResourceConfig;
import org.wso2.micro.gateway.enforcer.config.ConfigHolder;
import org.wso2.micro.gateway.enforcer.security.AuthenticationContext;
import org.wso2.micro.gateway.enforcer.throttle.ThrottleAgent;
import org.wso2.micro.gateway.enforcer.throttle.ThrottleConstants;
import org.wso2.micro.gateway.enforcer.throttle.ThrottleDataHolder;
import org.wso2.micro.gateway.enforcer.throttle.databridge.agent.util.ThrottleEventConstants;
import org.wso2.micro.gateway.enforcer.util.FilterUtils;

/* loaded from: input_file:org/wso2/micro/gateway/enforcer/filters/ThrottleFilter.class */
public class ThrottleFilter implements Filter {
    private static final Logger log = LogManager.getLogger((Class<?>) ThrottleFilter.class);
    private final ThrottleDataHolder dataHolder = ThrottleDataHolder.getInstance();
    private final boolean isGlobalThrottlingEnabled = ConfigHolder.getInstance().getConfig().getThrottleConfig().isGlobalPublishingEnabled();

    @Override // org.wso2.micro.gateway.enforcer.Filter
    public void init(APIConfig aPIConfig) {
    }

    @Override // org.wso2.micro.gateway.enforcer.Filter
    public boolean handleRequest(RequestContext requestContext) {
        log.debug("Throttle filter received the request");
        if (doThrottle(requestContext)) {
            return false;
        }
        ThrottleAgent.publishNonThrottledEvent(getThrottleEventMap(requestContext));
        return true;
    }

    private boolean doThrottle(RequestContext requestContext) {
        AuthenticationContext authenticationContext = requestContext.getAuthenticationContext();
        if (requestContext.getAuthenticationContext() == null) {
            return false;
        }
        log.debug("Found AuthenticationContext for the request");
        APIConfig aPIConfig = requestContext.getMathedAPI().getAPIConfig();
        String basePath = aPIConfig.getBasePath();
        String version = aPIConfig.getVersion();
        String applicationId = authenticationContext.getApplicationId();
        String apiTier = authenticationContext.getApiTier();
        String apiThrottleKey = getApiThrottleKey(basePath, version);
        String resourceTier = getResourceTier(requestContext.getMatchedResourcePath());
        String resourceThrottleKey = getResourceThrottleKey(requestContext, basePath, version);
        String tier = authenticationContext.getTier();
        String applicationTier = authenticationContext.getApplicationTier();
        if (isAPILevelThrottled(apiThrottleKey, apiTier)) {
            FilterUtils.setThrottleErrorToContext(requestContext, ThrottleConstants.API_THROTTLE_OUT_ERROR_CODE, ThrottleConstants.THROTTLE_OUT_MESSAGE, ThrottleConstants.THROTTLE_OUT_DESCRIPTION);
            requestContext.getProperties().put(ThrottleConstants.THROTTLE_OUT_REASON, ThrottleConstants.THROTTLE_OUT_REASON_API_LIMIT_EXCEEDED);
            return true;
        }
        if (isResourceLevelThrottled(resourceThrottleKey, resourceTier)) {
            FilterUtils.setThrottleErrorToContext(requestContext, ThrottleConstants.RESOURCE_THROTTLE_OUT_ERROR_CODE, ThrottleConstants.THROTTLE_OUT_MESSAGE, ThrottleConstants.THROTTLE_OUT_DESCRIPTION);
            requestContext.getProperties().put(ThrottleConstants.THROTTLE_OUT_REASON, ThrottleConstants.THROTTLE_OUT_REASON_RESOURCE_LIMIT_EXCEEDED);
            return true;
        }
        if (isSubscriptionLevelThrottled(getSubscriptionThrottleKey(applicationId, basePath, version), tier)) {
            if (authenticationContext.isStopOnQuotaReach()) {
                log.debug("Setting subscription throttle out response");
                FilterUtils.setThrottleErrorToContext(requestContext, ThrottleConstants.SUBSCRIPTION_THROTTLE_OUT_ERROR_CODE, ThrottleConstants.THROTTLE_OUT_MESSAGE, ThrottleConstants.THROTTLE_OUT_DESCRIPTION);
                requestContext.getProperties().put(ThrottleConstants.THROTTLE_OUT_REASON, ThrottleConstants.THROTTLE_OUT_REASON_SUBSCRIPTION_LIMIT_EXCEEDED);
                return true;
            }
            log.debug("Proceeding since stopOnQuotaReach is false");
        }
        if (!isAppLevelThrottled(applicationId + ":" + authenticationContext.getUsername(), applicationTier)) {
            return false;
        }
        log.debug("Setting application throttle out response");
        FilterUtils.setThrottleErrorToContext(requestContext, ThrottleConstants.APPLICATION_THROTTLE_OUT_ERROR_CODE, ThrottleConstants.THROTTLE_OUT_MESSAGE, ThrottleConstants.THROTTLE_OUT_DESCRIPTION);
        requestContext.getProperties().put(ThrottleConstants.THROTTLE_OUT_REASON, ThrottleConstants.THROTTLE_OUT_REASON_APPLICATION_LIMIT_EXCEEDED);
        return true;
    }

    private boolean isSubscriptionLevelThrottled(String str, String str2) {
        boolean isThrottled = this.dataHolder.isThrottled(str);
        log.debug("Subscription Level throttle decision is {} for key:tier {}:{}", Boolean.valueOf(isThrottled), str, str2);
        return isThrottled;
    }

    private boolean isAppLevelThrottled(String str, String str2) {
        boolean isThrottled = this.dataHolder.isThrottled(str);
        log.debug("Application Level throttle decision is {} for key:tier {}:{}", Boolean.valueOf(isThrottled), str, str2);
        return isThrottled;
    }

    private boolean isAPILevelThrottled(String str, String str2) {
        log.debug("Checking if request is throttled at API level for tier: {}", str2);
        if (ThrottleConstants.UNLIMITED_TIER.equals(str2) || !this.isGlobalThrottlingEnabled) {
            return false;
        }
        boolean isThrottled = this.dataHolder.isThrottled(str + "_default");
        log.debug("API Level throttle decision: {}", Boolean.valueOf(isThrottled));
        return isThrottled;
    }

    private boolean isResourceLevelThrottled(String str, String str2) {
        log.debug("Checking if request is throttled at resource level for tier: " + str2);
        if (ThrottleConstants.UNLIMITED_TIER.equals(str2) || !this.isGlobalThrottlingEnabled) {
            return false;
        }
        boolean isThrottled = this.dataHolder.isThrottled(str + "_default");
        log.debug("Resource Level throttle decision: {}", Boolean.valueOf(isThrottled));
        return isThrottled;
    }

    private Map<String, String> getThrottleEventMap(RequestContext requestContext) {
        String resourceTier;
        String resourceThrottleKey;
        AuthenticationContext authenticationContext = requestContext.getAuthenticationContext();
        HashMap hashMap = new HashMap();
        String basePath = requestContext.getMathedAPI().getAPIConfig().getBasePath();
        String version = requestContext.getMathedAPI().getAPIConfig().getVersion();
        String str = basePath + ":" + version;
        String name = requestContext.getMathedAPI().getAPIConfig().getName();
        String tenantDomainFromRequestURL = FilterUtils.getTenantDomainFromRequestURL(str);
        if (tenantDomainFromRequestURL == null) {
            tenantDomainFromRequestURL = "carbon.super";
        }
        if (ThrottleConstants.UNLIMITED_TIER.equals(authenticationContext.getApiTier()) || authenticationContext.getApiTier() == null || authenticationContext.getApiTier().isBlank()) {
            resourceTier = getResourceTier(requestContext.getMatchedResourcePath());
            resourceThrottleKey = getResourceThrottleKey(requestContext, str, version);
        } else {
            resourceTier = authenticationContext.getApiTier();
            resourceThrottleKey = str;
        }
        hashMap.put(ThrottleEventConstants.MESSAGE_ID, requestContext.getRequestID());
        hashMap.put(ThrottleEventConstants.APP_KEY, authenticationContext.getApplicationId() + ":" + authenticationContext.getUsername());
        hashMap.put(ThrottleEventConstants.APP_TIER, authenticationContext.getApplicationTier());
        hashMap.put(ThrottleEventConstants.API_KEY, str);
        hashMap.put(ThrottleEventConstants.API_TIER, authenticationContext.getApiTier());
        hashMap.put(ThrottleEventConstants.SUBSCRIPTION_KEY, authenticationContext.getApplicationId() + ":" + str);
        hashMap.put("subscriptionTier", authenticationContext.getTier());
        hashMap.put(ThrottleEventConstants.RESOURCE_KEY, resourceThrottleKey);
        hashMap.put(ThrottleEventConstants.RESOURCE_TIER, resourceTier);
        hashMap.put(ThrottleEventConstants.USER_ID, authenticationContext.getUsername());
        hashMap.put("apiContext", basePath);
        hashMap.put("apiVersion", version);
        hashMap.put(ThrottleEventConstants.APP_TENANT, authenticationContext.getSubscriberTenantDomain());
        hashMap.put(ThrottleEventConstants.API_TENANT, tenantDomainFromRequestURL);
        hashMap.put(ThrottleEventConstants.APP_ID, authenticationContext.getApplicationId());
        hashMap.put("apiName", name);
        hashMap.put(ThrottleEventConstants.PROPERTIES, getProperties(requestContext).toString());
        return hashMap;
    }

    private String getResourceThrottleKey(RequestContext requestContext, String str, String str2) {
        String str3 = str;
        if (!str2.isBlank()) {
            str3 = str3 + "/" + str2;
        }
        return str3 + requestContext.getMatchedResourcePath().getPath() + ":" + requestContext.getRequestMethod();
    }

    private String getApiThrottleKey(String str, String str2) {
        String str3 = str;
        if (!str2.isBlank()) {
            str3 = str3 + ":" + str2;
        }
        return str3;
    }

    private String getSubscriptionThrottleKey(String str, String str2, String str3) {
        String str4 = str + ":" + str2;
        if (!str3.isBlank()) {
            str4 = str4 + ":" + str3;
        }
        return str4;
    }

    private String getResourceTier(ResourceConfig resourceConfig) {
        return !resourceConfig.getTier().isBlank() ? resourceConfig.getTier() : ThrottleConstants.UNLIMITED_TIER;
    }

    private JSONObject getProperties(RequestContext requestContext) {
        String address = requestContext.getAddress();
        JSONObject jSONObject = new JSONObject();
        if (address != null && address.length() > 0) {
            try {
                InetAddress byName = InetAddress.getByName(address);
                if (byName instanceof Inet4Address) {
                    jSONObject.put(ThrottleConstants.IP, FilterUtils.ipToLong(address));
                    jSONObject.put(ThrottleConstants.IPV6, 0);
                } else if (byName instanceof Inet6Address) {
                    jSONObject.put(ThrottleConstants.IPV6, FilterUtils.ipToBigInteger(address));
                    jSONObject.put(ThrottleConstants.IP, 0);
                }
            } catch (UnknownHostException e) {
                log.error("Error while parsing host IP {}", address, e);
                jSONObject.put(ThrottleConstants.IPV6, 0);
                jSONObject.put(ThrottleConstants.IP, 0);
            }
        }
        return jSONObject;
    }
}
