Question: Handling rate limits

[Ronnie-J]

Hi.

As I can tell using the library there is no real way of handling the rate limits from the Management and Authentication API.

An exception is thrown but I have no way of telling what the headers are from the response or even handle the situation in advance by taking actions accordingly.

X-RateLimit-Limit: The maximum number of requests available in the current time frame.
X-RateLimit-Remaining: The number of remaining requests in the current time frame.
X-RateLimit-Reset: A UNIX timestamp of the expected time when the rate limit will reset.

Any thoughts?

[joshcanhelp]

@Ronnie-J - Thanks for the report here. We use the Guzzle HTTP library for our requests and that handles the exceptions, including the 429 rate limit response. Here's a quick sample of how you can handle that on your end:

try {
        // Rate limit triggering code
} catch ( ClientException $e ) {
    // Will contain the API token used, which is very sentitive.
    echo GuzzleHttp\Psr7\str( $e->getRequest() ) . '<br>';
    // This is the response which contains the headers you're looking for ... outputting as a string here but you probably want to parse this differently.
    echo GuzzleHttp\Psr7\str( $e->getResponse() ). '<br>';
    // Actual response from the server
    echo $e->getMessage() . '<br>';
    // Error code for a rate limit, 429
    echo $e->getCode() . '<br>';
}

Request:

GET /api/v2/logs?fields=log_id,date,description&include_fields=true&page=0&per_page=30 HTTP/1.1
User-Agent: GuzzleHttp/6.3.3 curl/7.54.0 PHP/7.2.4
Host: joshc-test.auth0.com
Authorization: Bearer API_TOKEN_USED
Auth0-Client: eyJuYW1lIjoiYXV0aDAtcGhwIiwidmVyc2lvbiI6IjUuMC40IiwiZW52aXJvbm1lbnQiOlt7Im5hbWUiOiJQSFAiLCJ2ZXJzaW9uIjoiNy4yLjQifV19

Response:

HTTP/1.1 429 Too Many Requests
Date: Mon, 23 Jul 2018 17:11:43 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 46
Connection: keep-alive
X-RateLimit-Limit: 10
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 1532365909
vary: origin,accept-encoding
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0

{"statusCode":429,"error":"Too Many Requests"}

Message:

Client error: `GET https://joshc-test.auth0.com/api/v2/logs?fields=log_id,date,description&include_fields=true&page=0&per_page=30` resulted in a `429 Too Many Requests` response:
{"statusCode":429,"error":"Too Many Requests"}

Code:

429

Refer to Guzzle docs on Exceptions.

[Ronnie-J]

Makes sense @joshcanhelp but I would still like to handle stuff in advance. The X-RateLimit-Remaining is an indication that I might be about to hit the ratelimit and therefor I want to take action. I cannot do that with the returned value from using the library - only the exception as you mention can be used but then it will be to late.

Or am I missing something obvious?

[Ronnie-J]

@joshcanhelp I think it would be a great contribution to the library if you were able to work with the rate-limits before the line is crossed and it's going to be an exception.

[joshcanhelp]

@Ronnie-J - Absolutely. I'll do a little leg work this week and see how big of a job this will be.

[joshcanhelp]

I did a little research here and I don't think this will be too big of a job. I'd like to add this without cluttering up the interface too much but it can be done without breaking changes and I think it will be an useful feature. Re-opening now and will get it into an upcoming sprint for completion.

Thanks again for the report @Ronnie-J

[github-actions]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.