| 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
 | /*
 This file is part of GNU Taler
 (C) 2019 GNUnet e.V.
 GNU Taler is free software; you can redistribute it and/or modify it under the
 terms of the GNU General Public License as published by the Free Software
 Foundation; either version 3, or (at your option) any later version.
 TALER is distributed in the hope that it will be useful, but WITHOUT ANY
 WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
 A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
 You should have received a copy of the GNU General Public License along with
 GNU Taler; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
 */
/**
 * Implementation of token bucket throttling.
 */
/**
 * Imports.
 */
import {
  getTimestampNow,
  Timestamp,
  timestampSubtractDuraction,
  timestampDifference,
} from "../util/time";
/**
 * Maximum request per second, per origin.
 */
const MAX_PER_SECOND = 50;
/**
 * Maximum request per minute, per origin.
 */
const MAX_PER_MINUTE = 100;
/**
 * Maximum request per hour, per origin.
 */
const MAX_PER_HOUR = 1000;
/**
 * Throttling state for one origin.
 */
class OriginState {
  private tokensSecond: number = MAX_PER_SECOND;
  private tokensMinute: number = MAX_PER_MINUTE;
  private tokensHour: number = MAX_PER_HOUR;
  private lastUpdate = getTimestampNow();
  private refill(): void {
    const now = getTimestampNow();
    const d = timestampDifference(now, this.lastUpdate);
    if (d.d_ms === "forever") {
      throw Error("assertion failed");
    }
    const d_s = d.d_ms / 1000;
    this.tokensSecond = Math.min(
      MAX_PER_SECOND,
      this.tokensSecond + d_s / 1000,
    );
    this.tokensMinute = Math.min(
      MAX_PER_MINUTE,
      this.tokensMinute + (d_s / 1000) * 60,
    );
    this.tokensHour = Math.min(
      MAX_PER_HOUR,
      this.tokensHour + (d_s / 1000) * 60 * 60,
    );
    this.lastUpdate = now;
  }
  /**
   * Return true if the request for this origin should be throttled.
   * Otherwise, take a token out of the respective buckets.
   */
  applyThrottle(): boolean {
    this.refill();
    if (this.tokensSecond < 1) {
      console.log("request throttled (per second limit exceeded)");
      return true;
    }
    if (this.tokensMinute < 1) {
      console.log("request throttled (per minute limit exceeded)");
      return true;
    }
    if (this.tokensHour < 1) {
      console.log("request throttled (per hour limit exceeded)");
      return true;
    }
    this.tokensSecond--;
    this.tokensMinute--;
    this.tokensHour--;
    return false;
  }
}
/**
 * Request throttler, used as a "last layer of defense" when some
 * other part of the re-try logic is broken and we're sending too
 * many requests to the same exchange/bank/merchant.
 */
export class RequestThrottler {
  private perOriginInfo: { [origin: string]: OriginState } = {};
  /**
   * Get the throttling state for an origin, or
   * initialize if no state is associated with the
   * origin yet.
   */
  private getState(origin: string): OriginState {
    const s = this.perOriginInfo[origin];
    if (s) {
      return s;
    }
    const ns = (this.perOriginInfo[origin] = new OriginState());
    return ns;
  }
  /**
   * Apply throttling to a request.
   *
   * @returns whether the request should be throttled.
   */
  applyThrottle(requestUrl: string): boolean {
    const origin = new URL(requestUrl).origin;
    return this.getState(origin).applyThrottle();
  }
}
 |