|
| 1 | +[[ratelimiter-filter]] |
| 2 | += RateLimiter Filter |
| 3 | + |
| 4 | +The RateLimiter Filter use https://bucket4j.com/[Bucket4j] to determine if the current request is allowed to proceed. If it is not, a status of `HTTP 429 - Too Many Requests` (by default) is returned. |
| 5 | + |
| 6 | +Please review https://bucket4j.com/8.7.0/toc.html#concepts[Bucket4j Concepts] prior to reading this documentation. |
| 7 | + |
| 8 | +The algorithm used by Bucket4j is the https://en.wikipedia.org/wiki/Token_bucket[Token Bucket Algorithm]. |
| 9 | + |
| 10 | +The filter takes a `keyResolver` parameter and other Bucket4j configuration parameters. The key resolver is a `java.util.Function<ServerRequest, String>`. This allows the user to extract any information out of the request to use as a key in the configured https://github.com/bucket4j/bucket4j#bucket4j-distributed-features[Bucket4j distribution] mechanism. A common key would be the `Principal` retrieved from the `ServerRequest`. |
| 11 | + |
| 12 | +By default, if the key resolver does not find a key, requests are denied with the `FORBIDDEN` status. |
| 13 | + |
| 14 | +NOTE: Currently, the only way to configure key resolvers is through the Java DSL and not through external properties. |
| 15 | + |
| 16 | +== Bucket4j Distributed Configuration |
| 17 | + |
| 18 | +A bean of type `io.github.bucket4j.distributed.proxy.AsyncProxyManager`. To do this, use the `ProxyManager.asAsync()` method. |
| 19 | + |
| 20 | +.RateLimiterConfiguration.java |
| 21 | +[source,java] |
| 22 | +---- |
| 23 | +import com.github.benmanes.caffeine.cache.Caffeine; |
| 24 | +import io.github.bucket4j.caffeine.CaffeineProxyManager; |
| 25 | +
|
| 26 | +@Configuration |
| 27 | +class RateLimiterConfiguration { |
| 28 | +
|
| 29 | + @Bean |
| 30 | + public AsyncProxyManager<String> caffeineProxyManager() { |
| 31 | + Caffeine<String, RemoteBucketState> builder = (Caffeine) Caffeine.newBuilder().maximumSize(100); |
| 32 | + return new CaffeineProxyManager<>(builder, Duration.ofMinutes(1)).asAsync(); |
| 33 | + } |
| 34 | +} |
| 35 | +---- |
| 36 | + |
| 37 | +The above configures an `AsyncProxyManager` using `Caffeine`, a local in-memory cache, useful for testing. |
| 38 | + |
| 39 | +== Configuring Buckets |
| 40 | + |
| 41 | +By default, the Bucket is configured using a configured `capacity` and `period`. Capacity is how many tokens the bucket has. The period is a `java.util.Duration` that defines how long for the tokens available in the bucket to be regenerated. |
| 42 | + |
| 43 | +Other configuration items are the `statusCode` returned when the request is denied. By default it is 429, TO_MANY_REQUESTS. The `tokens` item defines how many tokens are used for each request and defaults to 1. The `headerName` item is the name of the header that contains the number of remaining tokens, this defaults to `X-RateLimit-Remaining`. The `timeout` option defines a `Duration` for the distributed bucket to return an answer and is not set by default. |
| 44 | + |
| 45 | +The following is an example of configuring a route with rate limiting: |
| 46 | + |
| 47 | +.RouteConfiguration.java |
| 48 | +[source,java] |
| 49 | +---- |
| 50 | +import static org.springframework.cloud.gateway.server.mvc.filter.Bucket4jFilterFunctions.rateLimit; |
| 51 | +import static org.springframework.cloud.gateway.server.mvc.handler.GatewayRouterFunctions.route; |
| 52 | +import static org.springframework.cloud.gateway.server.mvc.handler.HandlerFunctions.http; |
| 53 | +
|
| 54 | +@Configuration |
| 55 | +class RouteConfiguration { |
| 56 | +
|
| 57 | + @Bean |
| 58 | + public RouterFunction<ServerResponse> gatewayRouterFunctionsRateLimited() { |
| 59 | + return route("rate_limited_route") |
| 60 | + .GET("/api/**", http("https://example.org")) |
| 61 | + .filter(rateLimit(c -> c.setCapacity(100) |
| 62 | + .setPeriod(Duration.ofMinutes(1)) |
| 63 | + .setKeyResolver(request -> request.servletRequest().getUserPrincipal().getName()))) |
| 64 | + .build(); |
| 65 | + } |
| 66 | +} |
| 67 | +---- |
| 68 | + |
| 69 | +This configures the rate limiting with a bucket capacity of 100 tokens per minute. The key resolver gets the principle name from the Servlet request. |
0 commit comments