GraphQL APIs getting rate limited early for App and Subscription level rate limits

[renuka-fernando]

Description

Application level and subscription level rate limit policies (for eg: 10 requests per min) is early rate limited for graphQL APIs.

Steps to Reproduce

1. Create a GraphQL API (Sample StarWars API in docs)
2. Deploy and publish
3. Subscribe to an App which has an app-level rate limit policy 10PerMin
4. Invoke the GraphQL API with a request which contains multiple operations. Eg:

   {
   human(id: 1000) {
   id
   name
   }
   droid(id: 2000) {
   name
   friends {
     name
     appearsIn
   }
   }
   }

5. Since there are two operations (human and droid) in the request, it is rate limited with 5 req per min.

Here it looks like APIM publishes events to TM for each operation contained in the graphQL request body.

https://github.com/wso2/carbon-apimgt/blob/2c7788e5914c457e55a251aa4d6cd20c30b401ef/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/throttling/ThrottleHandler.java#L403-L411

Affected Component

APIM

Version

4.2.0-alpha

Environment Details (with versions)

Java version: 11.0.16.1, vendor: Eclipse Adoptium OS name: "mac os x", version: "12.6", arch: "aarch64", family: "mac"

Relevant Log Output

No response

Related Issues

https://github.com/wso2/product-microgateway/issues/3227

Suggested Labels

No response

[HiranyaKavishani]

Since we have operational level rate limiting separately, here we have to avoid publishing events for each operations. For that we have to remove the [1] loop and handle operational level events separatly.

[1] https://github.com/wso2/carbon-apimgt/blob/2c7788e5914c457e55a251aa4d6cd20c30b401ef/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/throttling/ThrottleHandler.java#L386