| 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
 | /*
 This file is part of GNU Taler
 (C) 2019 GNUnet e.V.
 GNU Taler is free software; you can redistribute it and/or modify it under the
 terms of the GNU General Public License as published by the Free Software
 Foundation; either version 3, or (at your option) any later version.
 TALER is distributed in the hope that it will be useful, but WITHOUT ANY
 WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
 A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
 You should have received a copy of the GNU General Public License along with
 GNU Taler; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
 */
/**
 * Implementation of token bucket throttling.
 */
/**
 * Imports.
 */
import { getTimestampNow, timestampDifference } from "../util/time";
/**
 * Maximum request per second, per origin.
 */
const MAX_PER_SECOND = 50;
/**
 * Maximum request per minute, per origin.
 */
const MAX_PER_MINUTE = 100;
/**
 * Maximum request per hour, per origin.
 */
const MAX_PER_HOUR = 1000;
/**
 * Throttling state for one origin.
 */
class OriginState {
  private tokensSecond: number = MAX_PER_SECOND;
  private tokensMinute: number = MAX_PER_MINUTE;
  private tokensHour: number = MAX_PER_HOUR;
  private lastUpdate = getTimestampNow();
  private refill(): void {
    const now = getTimestampNow();
    const d = timestampDifference(now, this.lastUpdate);
    if (d.d_ms === "forever") {
      throw Error("assertion failed");
    }
    const d_s = d.d_ms / 1000;
    this.tokensSecond = Math.min(
      MAX_PER_SECOND,
      this.tokensSecond + d_s / 1000,
    );
    this.tokensMinute = Math.min(
      MAX_PER_MINUTE,
      this.tokensMinute + (d_s / 1000) * 60,
    );
    this.tokensHour = Math.min(
      MAX_PER_HOUR,
      this.tokensHour + (d_s / 1000) * 60 * 60,
    );
    this.lastUpdate = now;
  }
  /**
   * Return true if the request for this origin should be throttled.
   * Otherwise, take a token out of the respective buckets.
   */
  applyThrottle(): boolean {
    this.refill();
    if (this.tokensSecond < 1) {
      console.log("request throttled (per second limit exceeded)");
      return true;
    }
    if (this.tokensMinute < 1) {
      console.log("request throttled (per minute limit exceeded)");
      return true;
    }
    if (this.tokensHour < 1) {
      console.log("request throttled (per hour limit exceeded)");
      return true;
    }
    this.tokensSecond--;
    this.tokensMinute--;
    this.tokensHour--;
    return false;
  }
}
/**
 * Request throttler, used as a "last layer of defense" when some
 * other part of the re-try logic is broken and we're sending too
 * many requests to the same exchange/bank/merchant.
 */
export class RequestThrottler {
  private perOriginInfo: { [origin: string]: OriginState } = {};
  /**
   * Get the throttling state for an origin, or
   * initialize if no state is associated with the
   * origin yet.
   */
  private getState(origin: string): OriginState {
    const s = this.perOriginInfo[origin];
    if (s) {
      return s;
    }
    const ns = (this.perOriginInfo[origin] = new OriginState());
    return ns;
  }
  /**
   * Apply throttling to a request.
   *
   * @returns whether the request should be throttled.
   */
  applyThrottle(requestUrl: string): boolean {
    const origin = new URL(requestUrl).origin;
    return this.getState(origin).applyThrottle();
  }
}
 |