package org.apache.shiro.biz.web.filter;

import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson.serializer.SerializerFeature;
import com.google.common.util.concurrent.RateLimiter;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.shiro.biz.authc.AuthcResponse;
import org.apache.shiro.biz.utils.WebUtils;
import org.apache.shiro.biz.web.servlet.http.HttpStatus;
import org.apache.shiro.web.filter.AccessControlFilter;

/* loaded from: input_file:org/apache/shiro/biz/web/filter/HttpServletRequestLimitFilter.class */
public class HttpServletRequestLimitFilter extends AccessControlFilter {
    protected RateLimiter rateLimiter;
    protected boolean requestWaitCompleted = false;
    protected double permitsPerSecond = 500.0d;

    protected void onFilterConfigSet() throws Exception {
        super.onFilterConfigSet();
        if (this.rateLimiter != null) {
            this.rateLimiter = RateLimiter.create(this.permitsPerSecond);
        }
    }

    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) throws Exception {
        return true;
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        return true;
    }

    public void doFilterInternal(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws ServletException, IOException {
        if (isRequestWaitCompleted()) {
            this.rateLimiter.acquire();
            super.doFilterInternal(servletRequest, servletResponse, filterChain);
        } else {
            if (this.rateLimiter.tryAcquire()) {
                super.doFilterInternal(servletRequest, servletResponse, filterChain);
                return;
            }
            String format = String.format("Request Forbidden! Requests per second exceeds %s limit.", Double.valueOf(this.permitsPerSecond));
            if (!WebUtils.isAjaxResponse(servletRequest)) {
                WebUtils.toHttp(servletResponse).sendError(HttpStatus.SC_FORBIDDEN, format);
                return;
            }
            WebUtils.toHttp(servletResponse).setStatus(HttpStatus.SC_FORBIDDEN);
            servletResponse.setContentType("application/json;charset=UTF-8");
            JSONObject.writeJSONString(servletResponse.getWriter(), AuthcResponse.error(format), new SerializerFeature[0]);
        }
    }

    public RateLimiter getRateLimiter() {
        return this.rateLimiter;
    }

    public void setRateLimiter(RateLimiter rateLimiter) {
        this.rateLimiter = rateLimiter;
    }

    public boolean isRequestWaitCompleted() {
        return this.requestWaitCompleted;
    }

    public void setRequestWaitCompleted(boolean z) {
        this.requestWaitCompleted = z;
    }

    public double getPermitsPerSecond() {
        return this.permitsPerSecond;
    }

    public void setPermitsPerSecond(double d) {
        this.permitsPerSecond = d;
    }
}
