AspNetCoreRateLimit endpoint wild-card does not work

Question

I am trying to implement a rate limit using the AspNetCoreRateLimit package. I would like to limit the rate on only one endpoint This one:

https://[removed for privacy]/v/1/product_provisioning/user_has_signatures?phoneNumber=070930900

When I use this config with the * wildcard i get the correct rate limiting for all endpoints, but I would like to implement it only for the endpoint I mentioned above:

"IpRateLimiting": {
    "EnableEndpointRateLimiting": false,
    "StackBlockedRequests": false,
    "RealIpHeader": "X-Real-IP",
    "ClientIdHeader": "X-ClientId",
    "HttpStatusCode": 429,
    "GeneralRules": [
        {
            "Endpoint": "*",
            "Period": "60s",
            "Limit": 1
        }
    ]
}   

I tried the following wildcard combinations and none worked:

"Endpoint": "*:/v/1/product_provisioning/*",

"Endpoint": "GET:/v/1/product_provisioning/*",

"Endpoint": "*:/v/1/product_provisioning/user_has_signatures/*",

"Endpoint": "*:/v/1/product_provisioning/user_has_signatures?phoneNumber=*",

Answer 1

Because your phoneNumber is a query string,

options.EnableEndpointRateLimiting = true;
options.StackBlockedRequests = false;
options.HttpStatusCode = 429;
options.RealIpHeader = "X-Real-IP";
options.ClientIdHeader = "X-ClientId";
options.GeneralRules = new List<RateLimitRule>
    {
        new RateLimitRule
        {
            Endpoint = "GET:/v/1/product_provisioning/user_has_signatures",
            Period = "60s",
            Limit = 1,
        }
    };

In the above code, the option EnableEndpointRateLimiting is set as true to ensure that limit is applied to specific endpoints rather than all endpoints. If EnableEndpointRateLimiting is set to false then the limits will apply globally and only rules that have as endpoint * will apply.