Skip Menu |
 

Preferred bug tracker

Please visit the preferred bug tracker to report your issue.

This queue is for tickets about the Net-Twitter CPAN distribution.

Report information
The Basics
Id: 61026
Status: resolved
Priority: 0/
Queue: Net-Twitter

People
Owner: Nobody in particular
Requestors: psmitty5 [...] gmail.com
Cc:
AdminCc:

Bug Information
Severity: Critical
Broken in: 3.13008
Fixed in: (no value)



Subject: API rate limit missing
Download (untitled) / with headers
text/plain 364b
Hello Marc, Thanks for a great module! In the past several days I've noticed my API limit not decreasing but now this morning I see it's at 150. I tried it with another account and I see the same thing. After a data dump I no longer see the rate_limit_status value. Has something changed with the Twitter API? Is there a work around? Thanks again, -Paul
Subject: Re: [rt.cpan.org #61026] API rate limit missing
Date: Fri, 3 Sep 2010 08:05:37 -0700
To: Paul Smith via RT <bug-Net-Twitter [...] rt.cpan.org>
From: Marc Mims <marc [...] questright.com>
* Paul Smith via RT <bug-Net-Twitter@rt.cpan.org> [100903 06:22]: Show quoted text
> Thanks for a great module! In the past several days I've noticed my > API limit not decreasing but now this morning I see it's at 150. I > tried it with another account and I see the same thing. After a data > dump I no longer see the rate_limit_status value. Has something > changed with the Twitter API? > > Is there a work around?
Are you using OAuth? Twitter turned off Basic Auth support, permanently, on August 31st. http://groups.google.com/group/twitter-api-announce/browse_thread/thread/c03fa2b1ae90d2a9 What you're seeing is a combination of errors and changes in the way the Twitter API works, now. <sigh/> Rather than sending a 401 response to inform you you cannot authenticate with Basic Auth, Twitter is sending a 200 response with this payload: {"errors":[{"code":32,"message":"Could not authenticate you"}]} That error format is something that leaked into the wild in a recent upgrade. Twitter acknowledged it as a bug and said they were going to revert the change: http://is.gd/eTiwv It seems they are not actually going to revert. There is a developer release of Net::Twitter that handles this new error format (at least when stringifying Net::Twitter::Error objects): http://search.cpan.org/~mmims/Net-Twitter-3.13008_01/ I'm working on a release to better address the multiple, inconsistent, error formats Twitter now sends. It also appears there's a bug in Net::Twitter. You should be able to do: $nt->rate_limit_status({ authenticate => 0 }) to suppress the authentication header and get a response for your IP address, rather than for a specific user. However, NT is adding the authentication header anyway when username/password exists. If you use a completely unauthenticated NT object, you'll get a response for your IP address. The default rate limit IP addresses that have not been white-listed is still 150: $nt = Net::Twitter->new; my $r = $nt->rate_limit_status; printf "limit: %s, remaining %s\n", @{$r}{qw/hourly_limit remaining_hits/}; # limit: 150, remaining 150 Hope that helps. -Marc
Subject: Re: [rt.cpan.org #61026] API rate limit missing
Date: Fri, 3 Sep 2010 11:17:20 -0400
To: bug-Net-Twitter [...] rt.cpan.org
From: Paul Smith <thetoolsmith [...] gmail.com>
Download (untitled) / with headers
text/plain 2.9k
Thanks Marc, I guess my biggest issue is I'm still using basic auth. I avoided using oauth because it looked intimidating. If I were to change my script I assume I need to register for an oauth ID and then once that's done do I simply include my crdentials in the oauth call like so: my $key = 'wHc9CLGppMbIzQ1J4PACw'; my $secret = 'yJDhWG6JEavMkPl1FHFeG7aQUumijY6sQuRMaZCmvh'; $twit = Net::Twitter::OAuth->new( consumer_key => $key, consumer_secret => $secret, username => $username, password => $password ); Thanks again for the quick response, -Paul On Fri, Sep 3, 2010 at 11:05 AM, marc@questright.com via RT < bug-Net-Twitter@rt.cpan.org> wrote: Show quoted text
> <URL: https://rt.cpan.org/Ticket/Display.html?id=61026 > > > * Paul Smith via RT <bug-Net-Twitter@rt.cpan.org> [100903 06:22]:
> > Thanks for a great module! In the past several days I've noticed my > > API limit not decreasing but now this morning I see it's at 150. I > > tried it with another account and I see the same thing. After a data > > dump I no longer see the rate_limit_status value. Has something > > changed with the Twitter API? > > > > Is there a work around?
> > Are you using OAuth? Twitter turned off Basic Auth support, > permanently, on August 31st. > > http://groups.google.com/group/twitter-api-announce/browse_thread/thread/c03fa2b1ae90d2a9 > > What you're seeing is a combination of errors and changes in the way the > Twitter API works, now. <sigh/> > > Rather than sending a 401 response to inform you you cannot authenticate > with Basic Auth, Twitter is sending a 200 response with this payload: > > {"errors":[{"code":32,"message":"Could not authenticate you"}]} > > That error format is something that leaked into the wild in a recent > upgrade. Twitter acknowledged it as a bug and said they were going to > revert the change: > http://is.gd/eTiwv > > It seems they are not actually going to revert. There is a developer > release of Net::Twitter that handles this new error format (at least > when stringifying Net::Twitter::Error objects): > http://search.cpan.org/~mmims/Net-Twitter-3.13008_01/ > > I'm working on a release to better address the multiple, inconsistent, > error formats Twitter now sends. > > It also appears there's a bug in Net::Twitter. You should be able to > do: > > $nt->rate_limit_status({ authenticate => 0 }) > > to suppress the authentication header and get a response for your IP > address, rather than for a specific user. However, NT is adding the > authentication header anyway when username/password exists. > > If you use a completely unauthenticated NT object, you'll get a response > for your IP address. The default rate limit IP addresses that have not > been white-listed is still 150: > > $nt = Net::Twitter->new; > my $r = $nt->rate_limit_status; > printf "limit: %s, remaining %s\n", @{$r}{qw/hourly_limit > remaining_hits/}; > # limit: 150, remaining 150 > > Hope that helps. > > -Marc > >
Subject: Re: [rt.cpan.org #61026] API rate limit missing
Date: Fri, 3 Sep 2010 08:43:52 -0700
To: Paul Smith via RT <bug-Net-Twitter [...] rt.cpan.org>
From: Marc Mims <marc [...] questright.com>
Download (untitled) / with headers
text/plain 1.3k
* Paul Smith via RT <bug-Net-Twitter@rt.cpan.org> [100903 08:17]: Show quoted text
> I guess my biggest issue is I'm still using basic auth. I avoided using > oauth because it looked intimidating. If I were to change my script I > assume I need to register for an oauth ID and then once that's done do I > simply include my crdentials in the oauth call like so: > > my $key = 'wHc9CLGppMbIzQ1J4PACw'; > my $secret = 'yJDhWG6JEavMkPl1FHFeG7aQUumijY6sQuRMaZCmvh'; > $twit = Net::Twitter::OAuth->new( > consumer_key => $key, > consumer_secret => $secret, > username => $username, > password => $password > > );
Not quite. Net::Twitter::OAuth is deprecated. It's a backwards compatible stub a prior version of that module before OAuth was integrated directly into Net::Twitter. my $nt = Net::Twitter->new( traits => [qw/OAuth API::REST/], consumer_key => $key, consumer_secret => $secret, access_token => $token, access_token_secret => $token_secret, ); You do not expose your username and password to an OAuth app. When you register an application with Twitter, they will provide the consumer key/secret and access token/secret for the owner of the app. If your app needs to support multiple users (not just the app owner), you need to obtain access tokens for each user. See the examples in the Net::Twitter distribution. -Marc
Subject: Re: [rt.cpan.org #61026] API rate limit missing
Date: Fri, 3 Sep 2010 12:01:29 -0400
To: bug-Net-Twitter [...] rt.cpan.org
From: Paul Smith <thetoolsmith [...] gmail.com>
Download (untitled) / with headers
text/plain 1.6k
perfect, that makes much more sense. Thanks again, -Paul On Fri, Sep 3, 2010 at 11:44 AM, marc@questright.com via RT < bug-Net-Twitter@rt.cpan.org> wrote: Show quoted text
> <URL: https://rt.cpan.org/Ticket/Display.html?id=61026 > > > * Paul Smith via RT <bug-Net-Twitter@rt.cpan.org> [100903 08:17]:
> > I guess my biggest issue is I'm still using basic auth. I avoided using > > oauth because it looked intimidating. If I were to change my script I > > assume I need to register for an oauth ID and then once that's done do I > > simply include my crdentials in the oauth call like so: > > > > my $key = 'wHc9CLGppMbIzQ1J4PACw'; > > my $secret = 'yJDhWG6JEavMkPl1FHFeG7aQUumijY6sQuRMaZCmvh'; > > $twit = Net::Twitter::OAuth->new( > > consumer_key => $key, > > consumer_secret => $secret, > > username => $username, > > password => $password > > > > );
> > Not quite. Net::Twitter::OAuth is deprecated. It's a backwards > compatible stub a prior version of that module before OAuth was > integrated directly into Net::Twitter. > > my $nt = Net::Twitter->new( > traits => [qw/OAuth API::REST/], > consumer_key => $key, > consumer_secret => $secret, > access_token => $token, > access_token_secret => $token_secret, > ); > > You do not expose your username and password to an OAuth app. When you > register an application with Twitter, they will provide the consumer > key/secret and access token/secret for the owner of the app. > > If your app needs to support multiple users (not just the app owner), > you need to obtain access tokens for each user. See the examples in the > Net::Twitter distribution. > > -Marc > >
Subject: Re: [rt.cpan.org #61026] API rate limit missing
Date: Fri, 3 Sep 2010 16:51:12 -0400
To: bug-Net-Twitter [...] rt.cpan.org
From: Paul Smith <thetoolsmith [...] gmail.com>
Marc, I had one last question that relates to OAuth. I'm using ActiveStates PDK to compile my script into an exe. The script runs fine on my local machine but complains when I launch the executable created with PDK. The error is: *Unable to load HMAC_SHA1 plugin at ... Net/Twitter/Role/OAuth.pm line 93* I'm assuming this is a missing module from my script but can't seem to track it down. I've tried adding Digest::SHA1 but still the same. Any thoughts? Thanks, -Paul On Fri, Sep 3, 2010 at 11:44 AM, marc@questright.com via RT < bug-Net-Twitter@rt.cpan.org> wrote: Show quoted text
> <URL: https://rt.cpan.org/Ticket/Display.html?id=61026 > > > * Paul Smith via RT <bug-Net-Twitter@rt.cpan.org> [100903 08:17]:
> > I guess my biggest issue is I'm still using basic auth. I avoided using > > oauth because it looked intimidating. If I were to change my script I > > assume I need to register for an oauth ID and then once that's done do I > > simply include my crdentials in the oauth call like so: > > > > my $key = 'wHc9CLGppMbIzQ1J4PACw'; > > my $secret = 'yJDhWG6JEavMkPl1FHFeG7aQUumijY6sQuRMaZCmvh'; > > $twit = Net::Twitter::OAuth->new( > > consumer_key => $key, > > consumer_secret => $secret, > > username => $username, > > password => $password > > > > );
> > Not quite. Net::Twitter::OAuth is deprecated. It's a backwards > compatible stub a prior version of that module before OAuth was > integrated directly into Net::Twitter. > > my $nt = Net::Twitter->new( > traits => [qw/OAuth API::REST/], > consumer_key => $key, > consumer_secret => $secret, > access_token => $token, > access_token_secret => $token_secret, > ); > > You do not expose your username and password to an OAuth app. When you > register an application with Twitter, they will provide the consumer > key/secret and access token/secret for the owner of the app. > > If your app needs to support multiple users (not just the app owner), > you need to obtain access tokens for each user. See the examples in the > Net::Twitter distribution. > > -Marc > >
Subject: Re: [rt.cpan.org #61026] API rate limit missing
Date: Fri, 3 Sep 2010 13:55:52 -0700
To: Paul Smith via RT <bug-Net-Twitter [...] rt.cpan.org>
From: Marc Mims <marc [...] questright.com>
Download (untitled) / with headers
text/plain 647b
* Paul Smith via RT <bug-Net-Twitter@rt.cpan.org> [100903 13:51]: Show quoted text
> I had one last question that relates to OAuth. I'm using ActiveStates PDK > to compile my script into an exe. The script runs fine on my local machine > but complains when I launch the executable created with PDK. The error is: > > *Unable to load HMAC_SHA1 plugin at ... Net/Twitter/Role/OAuth.pm line 93* > > I'm assuming this is a missing module from my script but can't seem to > track it down. > > I've tried adding Digest::SHA1 but still the same.
It's probably looking for Net::OAuth::SignatureMethod::HMAC_SHA1 which gets required by Net::OAuth when needed. -Marc
Subject: Re: [rt.cpan.org #61026] API rate limit missing
Date: Fri, 3 Sep 2010 17:21:21 -0400
To: bug-Net-Twitter [...] rt.cpan.org
From: Paul Smith <thetoolsmith [...] gmail.com>
Download (untitled) / with headers
text/plain 900b
that was it...your a life saver! Thanks, -Paul On Fri, Sep 3, 2010 at 4:56 PM, marc@questright.com via RT < bug-Net-Twitter@rt.cpan.org> wrote: Show quoted text
> <URL: https://rt.cpan.org/Ticket/Display.html?id=61026 > > > * Paul Smith via RT <bug-Net-Twitter@rt.cpan.org> [100903 13:51]:
> > I had one last question that relates to OAuth. I'm using ActiveStates
> PDK
> > to compile my script into an exe. The script runs fine on my local
> machine
> > but complains when I launch the executable created with PDK. The error
> is:
> > > > *Unable to load HMAC_SHA1 plugin at ... Net/Twitter/Role/OAuth.pm line
> 93*
> > > > I'm assuming this is a missing module from my script but can't seem to > > track it down. > > > > I've tried adding Digest::SHA1 but still the same.
> > It's probably looking for Net::OAuth::SignatureMethod::HMAC_SHA1 which > gets required by Net::OAuth when needed. > > -Marc > >
I added Digest::HMAC_SHA1 as a requirement in 3.14003, so we shouldn't see this issue again. -Marc


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.