package org.thingsboard.server.config;

import java.io.IOException;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.GenericFilterBean;
import org.thingsboard.server.common.data.EntityType;
import org.thingsboard.server.common.data.id.CustomerId;
import org.thingsboard.server.common.data.id.TenantId;
import org.thingsboard.server.common.msg.tools.TbRateLimits;
import org.thingsboard.server.common.msg.tools.TbRateLimitsException;
import org.thingsboard.server.exception.ThingsboardErrorResponseHandler;
import org.thingsboard.server.service.security.model.SecurityUser;

@Component
/* loaded from: input_file:org/thingsboard/server/config/RateLimitProcessingFilter.class */
public class RateLimitProcessingFilter extends GenericFilterBean {

    @Value("${server.rest.limits.tenant.enabled:false}")
    private boolean perTenantLimitsEnabled;

    @Value("${server.rest.limits.tenant.configuration:}")
    private String perTenantLimitsConfiguration;

    @Value("${server.rest.limits.customer.enabled:false}")
    private boolean perCustomerLimitsEnabled;

    @Value("${server.rest.limits.customer.configuration:}")
    private String perCustomerLimitsConfiguration;

    @Autowired
    private ThingsboardErrorResponseHandler errorResponseHandler;
    private ConcurrentMap<TenantId, TbRateLimits> perTenantLimits = new ConcurrentHashMap();
    private ConcurrentMap<CustomerId, TbRateLimits> perCustomerLimits = new ConcurrentHashMap();

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        SecurityUser currentUser = getCurrentUser();
        if (currentUser != null && !currentUser.isSystemAdmin()) {
            if (this.perTenantLimitsEnabled && !this.perTenantLimits.computeIfAbsent(currentUser.getTenantId(), tenantId -> {
                return new TbRateLimits(this.perTenantLimitsConfiguration);
            }).tryConsume()) {
                this.errorResponseHandler.handle(new TbRateLimitsException(EntityType.TENANT), (HttpServletResponse) servletResponse);
                return;
            } else if (this.perCustomerLimitsEnabled && currentUser.isCustomerUser() && !this.perCustomerLimits.computeIfAbsent(currentUser.getCustomerId(), customerId -> {
                return new TbRateLimits(this.perCustomerLimitsConfiguration);
            }).tryConsume()) {
                this.errorResponseHandler.handle(new TbRateLimitsException(EntityType.CUSTOMER), (HttpServletResponse) servletResponse);
                return;
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    protected SecurityUser getCurrentUser() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null || !(authentication.getPrincipal() instanceof SecurityUser)) {
            return null;
        }
        return (SecurityUser) authentication.getPrincipal();
    }
}
