package org.cloudfoundry.multiapps.controller.web.interceptors;

import io.github.resilience4j.ratelimiter.internal.AtomicRateLimiter;
import jakarta.inject.Inject;
import jakarta.inject.Named;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.time.OffsetDateTime;
import java.time.ZoneOffset;
import org.cloudfoundry.multiapps.controller.web.Constants;
import org.cloudfoundry.multiapps.controller.web.util.RateLimiterProvider;
import org.springframework.http.HttpStatus;

@Named
/* loaded from: input_file:org/cloudfoundry/multiapps/controller/web/interceptors/RateLimitingInterceptor.class */
public class RateLimitingInterceptor implements CustomHandlerInterceptor {
    private final RateLimiterProvider rateLimiterProvider;

    @Inject
    public RateLimitingInterceptor(RateLimiterProvider rateLimiterProvider) {
        this.rateLimiterProvider = rateLimiterProvider;
    }

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (!shouldRateLimit(httpServletRequest)) {
            return true;
        }
        AtomicRateLimiter rateLimiter = this.rateLimiterProvider.getRateLimiter(httpServletRequest.getRemoteAddr());
        boolean acquirePermission = rateLimiter.acquirePermission();
        AtomicRateLimiter.AtomicRateLimiterMetrics detailedMetrics = rateLimiter.getDetailedMetrics();
        httpServletResponse.setHeader(Constants.RATE_LIMIT, Integer.toString(rateLimiter.getRateLimiterConfig().getLimitForPeriod()));
        httpServletResponse.setHeader(Constants.RATE_LIMIT_REMAINING, Integer.toString(detailedMetrics.getAvailablePermissions()));
        if (acquirePermission) {
            return true;
        }
        httpServletResponse.setHeader(Constants.RATE_LIMIT_RESET, Long.toString(getUtcTimeForNextReset(detailedMetrics.getNanosToWait())));
        httpServletResponse.sendError(HttpStatus.TOO_MANY_REQUESTS.value(), HttpStatus.TOO_MANY_REQUESTS.getReasonPhrase());
        return false;
    }

    private static boolean shouldRateLimit(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getHeader("Authorization") == null;
    }

    private static long getUtcTimeForNextReset(long j) {
        return OffsetDateTime.now(ZoneOffset.UTC).plusNanos(j).toEpochSecond();
    }
}
