package org.wso2.carbon.apimgt.gateway.extension;

import java.util.Iterator;
import java.util.Map;
import org.osgi.service.component.annotations.Component;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wso2.carbon.apimgt.gateway.throttling.ThrottleConditionEvaluator;
import org.wso2.carbon.apimgt.gateway.throttling.ThrottleDataHolder;
import org.wso2.carbon.apimgt.gateway.throttling.constants.APIConstants;
import org.wso2.carbon.apimgt.gateway.throttling.constants.APIThrottleConstants;
import org.wso2.carbon.apimgt.gateway.throttling.dto.AuthenticationContextDTO;
import org.wso2.carbon.apimgt.gateway.throttling.dto.ConditionGroupDTO;
import org.wso2.carbon.apimgt.gateway.throttling.dto.VerbInfoDTO;
import org.wso2.carbon.apimgt.gateway.throttling.temp.ThrottleDataPublisher;
import org.wso2.carbon.apimgt.gateway.throttling.utils.StringUtils;
import org.wso2.carbon.messaging.CarbonCallback;
import org.wso2.carbon.messaging.CarbonMessage;
import org.wso2.carbon.messaging.handler.MessagingHandler;
import org.wso2.securevault.SecurityConstants;

@Component(name = "org.wso2.carbon.apimgt.gateway.extension.ThrottleHandler", immediate = true, service = {MessagingHandler.class})
/* loaded from: input_file:plugins/org.wso2.carbon.apimgt.gateway.extension-7.0.16.jar:org/wso2/carbon/apimgt/gateway/extension/ThrottleHandler.class */
public class ThrottleHandler implements MessagingHandler {
    private static final Logger log = LoggerFactory.getLogger(ThrottleHandler.class);
    private static volatile ThrottleDataPublisher throttleDataPublisher = null;
    private String policyKeyApplication = null;
    private String policyKeyResource = null;
    private String policyKey = null;
    private String id;

    public ThrottleHandler() {
        if (log.isDebugEnabled()) {
            log.debug("Throttle Handler initialized");
        }
        initDataPublisher();
    }

    public boolean validateRequestContinuation(CarbonMessage carbonMessage, CarbonCallback carbonCallback) {
        log.info("Message is inside validateRequestContinuation ");
        return true;
    }

    public void invokeAtSourceConnectionInitiation(String str) {
    }

    public void invokeAtSourceConnectionTermination(String str) {
    }

    public void invokeAtSourceRequestReceiving(CarbonMessage carbonMessage) {
        long currentTimeMillis = System.currentTimeMillis();
        try {
            doThrottle(carbonMessage);
            carbonMessage.setProperty(APIThrottleConstants.THROTTLING_LATENCY, Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
        } catch (Throwable th) {
            carbonMessage.setProperty(APIThrottleConstants.THROTTLING_LATENCY, Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
            throw th;
        }
    }

    public void invokeAtSourceRequestSending(CarbonMessage carbonMessage) {
    }

    public void invokeAtTargetRequestReceiving(CarbonMessage carbonMessage) {
    }

    public void invokeAtTargetRequestSending(CarbonMessage carbonMessage) {
    }

    public void invokeAtTargetResponseReceiving(CarbonMessage carbonMessage) {
    }

    public void invokeAtTargetResponseSending(CarbonMessage carbonMessage) {
    }

    public void invokeAtSourceResponseReceiving(CarbonMessage carbonMessage) {
    }

    public void invokeAtSourceResponseSending(CarbonMessage carbonMessage) {
    }

    public void invokeAtTargetConnectionInitiation(String str) {
    }

    public void invokeAtTargetConnectionTermination(String str) {
        log.info("Connection terminated :" + str);
    }

    public String handlerName() {
        return "ThrottleHandler";
    }

    private boolean doRoleBasedAccessThrottlingWithCEP(CarbonMessage carbonMessage, AuthenticationContextDTO authenticationContextDTO) {
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        boolean z4 = false;
        boolean z5 = false;
        boolean z6 = false;
        String str = (String) carbonMessage.getProperty(APIThrottleConstants.REST_API_CONTEXT);
        String str2 = (String) carbonMessage.getProperty("REST_API_VERSION");
        String str3 = str != null ? str : "";
        String str4 = str2 != null ? str2 : "";
        String applicationId = authenticationContextDTO.getApplicationId();
        String username = authenticationContextDTO.getUsername();
        if (ThrottleDataHolder.getInstance().isBlockingConditionsPresent()) {
            String str5 = "carbon.super" + SecurityConstants.NS_SEPARATOR + getClientIp(carbonMessage);
            String str6 = authenticationContextDTO.getSubscriber() + SecurityConstants.NS_SEPARATOR + authenticationContextDTO.getApplicationName();
            if (ThrottleDataHolder.getInstance().isRequestBlocked(str3, str6, username, str5)) {
                String str7 = "Request blocked as it violates defined blocking conditions, for API: " + str3 + " ,application:" + str6 + " ,user:" + username;
                if (log.isDebugEnabled()) {
                    log.debug(str7);
                }
                carbonMessage.setProperty("BLOCKED_REASON", str7);
                carbonMessage.setProperty("THROTTLED_OUT_REASON", APIThrottleConstants.REQUEST_BLOCKED);
                z = true;
            } else {
                String subscriberTenantDomain = authenticationContextDTO.getSubscriberTenantDomain();
                String str8 = applicationId + SecurityConstants.NS_SEPARATOR + username;
                String str9 = str3 + SecurityConstants.NS_SEPARATOR + str4;
                boolean isStopOnQuotaReach = authenticationContextDTO.isStopOnQuotaReach();
                VerbInfoDTO verbInfoDTO = (VerbInfoDTO) carbonMessage.getProperty("VERB_INFO");
                if (verbInfoDTO == null) {
                    log.warn("Error while getting throttling information for resource and http verb");
                    return false;
                }
                String applicationTier = authenticationContextDTO.getApplicationTier();
                String tier = authenticationContextDTO.getTier();
                String requestKey = verbInfoDTO.getRequestKey();
                String apiTier = authenticationContextDTO.getApiTier();
                String throttling = verbInfoDTO.getThrottling();
                if (!StringUtils.isEmpty(apiTier) && !"Unlimited".equalsIgnoreCase(apiTier)) {
                    requestKey = str9;
                    z5 = true;
                }
                if (!"Unlimited".equalsIgnoreCase(verbInfoDTO.getThrottling()) || z5) {
                    if ("userLevel".equalsIgnoreCase(verbInfoDTO.getApplicableLevel())) {
                        requestKey = requestKey + "_" + username;
                        z6 = true;
                    }
                    ConditionGroupDTO[] conditionGroups = verbInfoDTO.getConditionGroups();
                    if (conditionGroups.length <= 0) {
                        log.warn("Unable to find throttling information for resource and http verb. Throttling will not apply");
                    } else if (ThrottleDataHolder.getInstance().isAPIThrottled(requestKey)) {
                        if (log.isDebugEnabled()) {
                            log.debug("Evaluating Conditional Groups");
                        }
                        Iterator<ConditionGroupDTO> it = ThrottleConditionEvaluator.getInstance().getApplicableConditions(carbonMessage, authenticationContextDTO, conditionGroups).iterator();
                        while (true) {
                            if (!it.hasNext()) {
                                break;
                            }
                            String str10 = requestKey + it.next().getConditionGroupId();
                            if (log.isDebugEnabled()) {
                                log.debug("Checking condition : " + str10);
                            }
                            if (ThrottleDataHolder.getInstance().isThrottled(str10)) {
                                if (z5) {
                                    z = true;
                                    z4 = true;
                                } else {
                                    z = true;
                                    z2 = true;
                                }
                                carbonMessage.setProperty(APIThrottleConstants.THROTTLED_NEXT_ACCESS_TIMESTAMP, Long.valueOf(ThrottleDataHolder.getInstance().getThrottleNextAccessTimestamp(str10)));
                            }
                        }
                    }
                } else if (log.isDebugEnabled()) {
                    log.debug("Resource level throttling set as unlimited and request will pass resource level");
                }
                if (z4) {
                    if (log.isDebugEnabled()) {
                        log.debug("Request throttled at api level for throttle key" + str9);
                        if (z6) {
                            log.debug("Request has throttled out in the user level for the throttle key" + str9);
                        }
                    }
                    carbonMessage.setProperty("THROTTLED_OUT_REASON", "API_LIMIT_EXCEEDED");
                } else if (z2) {
                    if (log.isDebugEnabled()) {
                        log.debug("Request throttled at resource level for throttle key" + verbInfoDTO.getRequestKey());
                    }
                    carbonMessage.setProperty("THROTTLED_OUT_REASON", "RESOURCE_LIMIT_EXCEEDED");
                } else {
                    String str11 = authenticationContextDTO.getApplicationId() + SecurityConstants.NS_SEPARATOR + str3 + SecurityConstants.NS_SEPARATOR + str4;
                    boolean isThrottled = ThrottleDataHolder.getInstance().isThrottled(str11);
                    if (!isThrottled && authenticationContextDTO.getSpikeArrestLimit() > 0) {
                        z3 = isSubscriptionLevelSpike(carbonMessage, str11);
                    }
                    if (isThrottled || z3) {
                        if (isStopOnQuotaReach) {
                            if (log.isDebugEnabled()) {
                                log.debug("Request throttled at subscription level for throttle key" + str11);
                            }
                            if (!z3) {
                                carbonMessage.setProperty(APIThrottleConstants.THROTTLED_NEXT_ACCESS_TIMESTAMP, Long.valueOf(ThrottleDataHolder.getInstance().getThrottleNextAccessTimestamp(str11)));
                                carbonMessage.setProperty("THROTTLED_OUT_REASON", "API_LIMIT_EXCEEDED");
                                carbonMessage.setProperty("THROTTLED_OUT_REASON", "SUBSCRIPTION_LIMIT_EXCEEDED");
                            }
                            z = true;
                        } else {
                            if (carbonMessage.getProperty("isThrottleOutIgnored") == null) {
                                carbonMessage.setProperty("isThrottleOutIgnored", Boolean.TRUE);
                            }
                            z = false;
                            if (log.isDebugEnabled()) {
                                log.debug("Request throttled at subscription level for throttle key" + str11 + ". But subscription policy " + tier + " allows to continue to serve requests");
                            }
                        }
                    } else if (ThrottleDataHolder.getInstance().isThrottled(str8)) {
                        if (log.isDebugEnabled()) {
                            log.debug("Request throttled at application level for throttle key" + str8);
                        }
                        carbonMessage.setProperty("THROTTLED_OUT_REASON", "APPLICATION_LIMIT_EXCEEDED");
                        carbonMessage.setProperty(APIThrottleConstants.THROTTLED_NEXT_ACCESS_TIMESTAMP, Long.valueOf(ThrottleDataHolder.getInstance().getThrottleNextAccessTimestamp(str8)));
                        z = true;
                    } else if (ThrottleDataHolder.getInstance().isKeyTemplatesPresent() && validateCustomPolicy(username, requestKey, str3, str4, subscriberTenantDomain, "carbon.super", applicationId, ThrottleDataHolder.getInstance().getKeyTemplateMap(), carbonMessage)) {
                        if (log.isDebugEnabled()) {
                            log.debug("Request throttled at custom throttling");
                        }
                        carbonMessage.setProperty("THROTTLED_OUT_REASON", APIThrottleConstants.CUSTOM_POLICY_LIMIT_EXCEED);
                        z = true;
                    } else if (isHardLimitThrottled(carbonMessage, authenticationContextDTO, str3, str4)) {
                        z = true;
                    } else {
                        throttleDataPublisher.publishNonThrottledEvent(str8, applicationTier, str9, apiTier, str11, tier, requestKey, throttling, username, str3, str4, subscriberTenantDomain, "carbon.super", applicationId, carbonMessage, authenticationContextDTO);
                    }
                }
            }
        }
        return z;
    }

    private boolean isHardLimitThrottled(CarbonMessage carbonMessage, AuthenticationContextDTO authenticationContextDTO, String str, String str2) {
        return false;
    }

    public boolean handleResponse(CarbonMessage carbonMessage) {
        return true;
    }

    private boolean doThrottle(CarbonMessage carbonMessage) {
        if (!doRoleBasedAccessThrottlingWithCEP(carbonMessage, AuthenticationContextDTO.getInstance())) {
            return true;
        }
        handleThrottleOut(carbonMessage);
        return false;
    }

    public void setId(String str) {
        this.id = str;
    }

    public String getId() {
        return this.id;
    }

    public void setPolicyKey(String str) {
        this.policyKey = str;
    }

    public String gePolicyKey() {
        return this.policyKey;
    }

    public void setPolicyKeyApplication(String str) {
        this.policyKeyApplication = str;
    }

    public String gePolicyKeyApplication() {
        return this.policyKeyApplication;
    }

    public void setPolicyKeyResource(String str) {
        this.policyKeyResource = str;
    }

    public String gePolicyKeyResource() {
        return this.policyKeyResource;
    }

    private String getClientIp(CarbonMessage carbonMessage) {
        return "10.100.5.192";
    }

    public boolean isSubscriptionLevelSpike(CarbonMessage carbonMessage, String str) {
        return false;
    }

    public boolean validateCustomPolicy(String str, String str2, String str3, String str4, String str5, String str6, String str7, Map<String, String> map, CarbonMessage carbonMessage) {
        if (map == null || map.size() <= 0) {
            return false;
        }
        Iterator<String> it = map.keySet().iterator();
        while (it.hasNext()) {
            String replaceAll = it.next().replaceAll("\\$resourceKey", str2).replaceAll("\\$userId", str).replaceAll("\\$apiContext", str3).replaceAll("\\$apiVersion", str4).replaceAll("\\$appTenant", str5).replaceAll("\\$apiTenant", str6).replaceAll("\\$appId", str7);
            if (ThrottleDataHolder.getInstance().isThrottled(replaceAll)) {
                carbonMessage.setProperty(APIThrottleConstants.THROTTLED_NEXT_ACCESS_TIMESTAMP, Long.valueOf(ThrottleDataHolder.getInstance().getThrottleNextAccessTimestamp(replaceAll)));
                return true;
            }
        }
        return false;
    }

    private static synchronized void initDataPublisher() {
        if (throttleDataPublisher == null) {
            throttleDataPublisher = new ThrottleDataPublisher();
        }
    }

    private void handleThrottleOut(CarbonMessage carbonMessage) {
        int i;
        Object obj;
        int i2;
        String str;
        if ("HARD_LIMIT_EXCEEDED".equals(carbonMessage.getProperty("THROTTLED_OUT_REASON"))) {
            i = 900801;
            obj = "API Limit Reached";
            str = "API not accepting requests";
            i2 = 503;
        } else if (APIThrottleConstants.REQUEST_BLOCKED.equals(carbonMessage.getProperty("THROTTLED_OUT_REASON"))) {
            i = 900805;
            obj = "Message blocked";
            i2 = 403;
            str = "You have been blocked from accessing the resource";
        } else if ("API_LIMIT_EXCEEDED".equals(carbonMessage.getProperty("THROTTLED_OUT_REASON"))) {
            i = 900800;
            obj = "Message throttled out";
            i2 = 429;
            str = "You have exceeded your quota";
        } else if ("RESOURCE_LIMIT_EXCEEDED".equals(carbonMessage.getProperty("THROTTLED_OUT_REASON"))) {
            i = 900802;
            obj = "Message throttled out";
            i2 = 429;
            str = "You have exceeded your quota";
        } else if (APIThrottleConstants.CUSTOM_POLICY_LIMIT_EXCEED.equals(carbonMessage.getProperty("THROTTLED_OUT_REASON"))) {
            i = 900806;
            obj = "Message throttled out";
            i2 = 429;
            str = "You have exceeded your quota";
        } else if ("SUBSCRIPTION_LIMIT_EXCEEDED".equals(carbonMessage.getProperty("THROTTLED_OUT_REASON"))) {
            i = 900804;
            obj = "Message throttled out";
            i2 = 429;
            str = "You have exceeded your quota";
        } else if (APIThrottleConstants.SUBSCRIPTON_BURST_LIMIT_EXCEEDED.equals(carbonMessage.getProperty("THROTTLED_OUT_REASON"))) {
            i = 900807;
            obj = "Message throttled out";
            i2 = 429;
            str = "You have exceeded your quota";
        } else {
            i = 900803;
            obj = "Message throttled out";
            i2 = 429;
            str = "You have exceeded your quota";
        }
        carbonMessage.setProperty("ERROR_CODE", Integer.valueOf(i));
        carbonMessage.setProperty("ERROR_MESSAGE", obj);
        carbonMessage.setProperty("THROTTLE_OUT_MESSAGE", i2 + str + "");
    }

    public String getFaultPayload(int i, String str, String str2, String str3) {
        return str + APIConstants.CONSUMER_KEY_SEGMENT_DELIMITER + str2 + "Error Code" + i + str3;
    }
}
