Bug #61026 for Net-Twitter: API rate limit missing

Fri Sep 03 09:22:30 2010 psmitty5 [...] gmail.com - Ticket created

Subject:

API rate limit missing

Hello Marc, Thanks for a great module! In the past several days I've noticed my API limit not decreasing but now this morning I see it's at 150. I tried it with another account and I see the same thing. After a data dump I no longer see the rate_limit_status value. Has something changed with the Twitter API? Is there a work around? Thanks again, -Paul

Fri Sep 03 11:05:58 2010 marc [...] questright.com - Correspondence added

Subject:	Re: [rt.cpan.org #61026] API rate limit missing
Date:	Fri, 3 Sep 2010 08:05:37 -0700
To:	Paul Smith via RT <bug-Net-Twitter [...] rt.cpan.org>
From:	Marc Mims <marc [...] questright.com>

* Paul Smith via RT <bug-Net-Twitter@rt.cpan.org> [100903 06:22]: Show quoted text

> Thanks for a great module! In the past several days I've noticed my > API limit not decreasing but now this morning I see it's at 150. I > tried it with another account and I see the same thing. After a data > dump I no longer see the rate_limit_status value. Has something > changed with the Twitter API? > > Is there a work around?

Are you using OAuth? Twitter turned off Basic Auth support, permanently, on August 31st. http://groups.google.com/group/twitter-api-announce/browse_thread/thread/c03fa2b1ae90d2a9 What you're seeing is a combination of errors and changes in the way the Twitter API works, now. <sigh/> Rather than sending a 401 response to inform you you cannot authenticate with Basic Auth, Twitter is sending a 200 response with this payload: {"errors":[{"code":32,"message":"Could not authenticate you"}]} That error format is something that leaked into the wild in a recent upgrade. Twitter acknowledged it as a bug and said they were going to revert the change: http://is.gd/eTiwv It seems they are not actually going to revert. There is a developer release of Net::Twitter that handles this new error format (at least when stringifying Net::Twitter::Error objects): http://search.cpan.org/~mmims/Net-Twitter-3.13008_01/ I'm working on a release to better address the multiple, inconsistent, error formats Twitter now sends. It also appears there's a bug in Net::Twitter. You should be able to do: $nt->rate_limit_status({ authenticate => 0 }) to suppress the authentication header and get a response for your IP address, rather than for a specific user. However, NT is adding the authentication header anyway when username/password exists. If you use a completely unauthenticated NT object, you'll get a response for your IP address. The default rate limit IP addresses that have not been white-listed is still 150: $nt = Net::Twitter->new; my $r = $nt->rate_limit_status; printf "limit: %s, remaining %s\n", @{$r}{qw/hourly_limit remaining_hits/}; # limit: 150, remaining 150 Hope that helps. -Marc

Fri Sep 03 11:05:59 2010 The RT System itself - Status changed from 'new' to 'open'

Fri Sep 03 11:17:39 2010 thetoolsmith [...] gmail.com - Correspondence added

Subject:	Re: [rt.cpan.org #61026] API rate limit missing
Date:	Fri, 3 Sep 2010 11:17:20 -0400
To:	bug-Net-Twitter [...] rt.cpan.org
From:	Paul Smith <thetoolsmith [...] gmail.com>

Thanks Marc, I guess my biggest issue is I'm still using basic auth. I avoided using oauth because it looked intimidating. If I were to change my script I assume I need to register for an oauth ID and then once that's done do I simply include my crdentials in the oauth call like so: my $key = 'wHc9CLGppMbIzQ1J4PACw'; my $secret = 'yJDhWG6JEavMkPl1FHFeG7aQUumijY6sQuRMaZCmvh'; $twit = Net::Twitter::OAuth->new( consumer_key => $key, consumer_secret => $secret, username => $username, password => $password ); Thanks again for the quick response, -Paul On Fri, Sep 3, 2010 at 11:05 AM, marc@questright.com via RT < bug-Net-Twitter@rt.cpan.org> wrote: Show quoted text

> <URL: https://rt.cpan.org/Ticket/Display.html?id=61026 > > > * Paul Smith via RT <bug-Net-Twitter@rt.cpan.org> [100903 06:22]:

> > Thanks for a great module! In the past several days I've noticed my > > API limit not decreasing but now this morning I see it's at 150. I > > tried it with another account and I see the same thing. After a data > > dump I no longer see the rate_limit_status value. Has something > > changed with the Twitter API? > > > > Is there a work around?

> > Are you using OAuth? Twitter turned off Basic Auth support, > permanently, on August 31st. > > http://groups.google.com/group/twitter-api-announce/browse_thread/thread/c03fa2b1ae90d2a9 > > What you're seeing is a combination of errors and changes in the way the > Twitter API works, now. <sigh/> > > Rather than sending a 401 response to inform you you cannot authenticate > with Basic Auth, Twitter is sending a 200 response with this payload: > > {"errors":[{"code":32,"message":"Could not authenticate you"}]} > > That error format is something that leaked into the wild in a recent > upgrade. Twitter acknowledged it as a bug and said they were going to > revert the change: > http://is.gd/eTiwv > > It seems they are not actually going to revert. There is a developer > release of Net::Twitter that handles this new error format (at least > when stringifying Net::Twitter::Error objects): > http://search.cpan.org/~mmims/Net-Twitter-3.13008_01/ > > I'm working on a release to better address the multiple, inconsistent, > error formats Twitter now sends. > > It also appears there's a bug in Net::Twitter. You should be able to > do: > > $nt->rate_limit_status({ authenticate => 0 }) > > to suppress the authentication header and get a response for your IP > address, rather than for a specific user. However, NT is adding the > authentication header anyway when username/password exists. > > If you use a completely unauthenticated NT object, you'll get a response > for your IP address. The default rate limit IP addresses that have not > been white-listed is still 150: > > $nt = Net::Twitter->new; > my $r = $nt->rate_limit_status; > printf "limit: %s, remaining %s\n", @{$r}{qw/hourly_limit > remaining_hits/}; > # limit: 150, remaining 150 > > Hope that helps. > > -Marc > >

Fri Sep 03 11:44:17 2010 marc [...] questright.com - Correspondence added

Subject:	Re: [rt.cpan.org #61026] API rate limit missing
Date:	Fri, 3 Sep 2010 08:43:52 -0700
To:	Paul Smith via RT <bug-Net-Twitter [...] rt.cpan.org>
From:	Marc Mims <marc [...] questright.com>

* Paul Smith via RT <bug-Net-Twitter@rt.cpan.org> [100903 08:17]: Show quoted text

> I guess my biggest issue is I'm still using basic auth. I avoided using > oauth because it looked intimidating. If I were to change my script I > assume I need to register for an oauth ID and then once that's done do I > simply include my crdentials in the oauth call like so: > > my $key = 'wHc9CLGppMbIzQ1J4PACw'; > my $secret = 'yJDhWG6JEavMkPl1FHFeG7aQUumijY6sQuRMaZCmvh'; > $twit = Net::Twitter::OAuth->new( > consumer_key => $key, > consumer_secret => $secret, > username => $username, > password => $password > > );

Not quite. Net::Twitter::OAuth is deprecated. It's a backwards compatible stub a prior version of that module before OAuth was integrated directly into Net::Twitter. my $nt = Net::Twitter->new( traits => [qw/OAuth API::REST/], consumer_key => $key, consumer_secret => $secret, access_token => $token, access_token_secret => $token_secret, ); You do not expose your username and password to an OAuth app. When you register an application with Twitter, they will provide the consumer key/secret and access token/secret for the owner of the app. If your app needs to support multiple users (not just the app owner), you need to obtain access tokens for each user. See the examples in the Net::Twitter distribution. -Marc

Fri Sep 03 12:01:39 2010 thetoolsmith [...] gmail.com - Correspondence added

Subject:	Re: [rt.cpan.org #61026] API rate limit missing
Date:	Fri, 3 Sep 2010 12:01:29 -0400
To:	bug-Net-Twitter [...] rt.cpan.org
From:	Paul Smith <thetoolsmith [...] gmail.com>

perfect, that makes much more sense. Thanks again, -Paul On Fri, Sep 3, 2010 at 11:44 AM, marc@questright.com via RT < bug-Net-Twitter@rt.cpan.org> wrote: Show quoted text

> <URL: https://rt.cpan.org/Ticket/Display.html?id=61026 > > > * Paul Smith via RT <bug-Net-Twitter@rt.cpan.org> [100903 08:17]:

> > I guess my biggest issue is I'm still using basic auth. I avoided using > > oauth because it looked intimidating. If I were to change my script I > > assume I need to register for an oauth ID and then once that's done do I > > simply include my crdentials in the oauth call like so: > > > > my $key = 'wHc9CLGppMbIzQ1J4PACw'; > > my $secret = 'yJDhWG6JEavMkPl1FHFeG7aQUumijY6sQuRMaZCmvh'; > > $twit = Net::Twitter::OAuth->new( > > consumer_key => $key, > > consumer_secret => $secret, > > username => $username, > > password => $password > > > > );

> > Not quite. Net::Twitter::OAuth is deprecated. It's a backwards > compatible stub a prior version of that module before OAuth was > integrated directly into Net::Twitter. > > my $nt = Net::Twitter->new( > traits => [qw/OAuth API::REST/], > consumer_key => $key, > consumer_secret => $secret, > access_token => $token, > access_token_secret => $token_secret, > ); > > You do not expose your username and password to an OAuth app. When you > register an application with Twitter, they will provide the consumer > key/secret and access token/secret for the owner of the app. > > If your app needs to support multiple users (not just the app owner), > you need to obtain access tokens for each user. See the examples in the > Net::Twitter distribution. > > -Marc > >

Fri Sep 03 16:51:22 2010 thetoolsmith [...] gmail.com - Correspondence added

Subject:	Re: [rt.cpan.org #61026] API rate limit missing
Date:	Fri, 3 Sep 2010 16:51:12 -0400
To:	bug-Net-Twitter [...] rt.cpan.org
From:	Paul Smith <thetoolsmith [...] gmail.com>

Marc, I had one last question that relates to OAuth. I'm using ActiveStates PDK to compile my script into an exe. The script runs fine on my local machine but complains when I launch the executable created with PDK. The error is: *Unable to load HMAC_SHA1 plugin at ... Net/Twitter/Role/OAuth.pm line 93* I'm assuming this is a missing module from my script but can't seem to track it down. I've tried adding Digest::SHA1 but still the same. Any thoughts? Thanks, -Paul On Fri, Sep 3, 2010 at 11:44 AM, marc@questright.com via RT < bug-Net-Twitter@rt.cpan.org> wrote: Show quoted text

> <URL: https://rt.cpan.org/Ticket/Display.html?id=61026 > > > * Paul Smith via RT <bug-Net-Twitter@rt.cpan.org> [100903 08:17]:

> > I guess my biggest issue is I'm still using basic auth. I avoided using > > oauth because it looked intimidating. If I were to change my script I > > assume I need to register for an oauth ID and then once that's done do I > > simply include my crdentials in the oauth call like so: > > > > my $key = 'wHc9CLGppMbIzQ1J4PACw'; > > my $secret = 'yJDhWG6JEavMkPl1FHFeG7aQUumijY6sQuRMaZCmvh'; > > $twit = Net::Twitter::OAuth->new( > > consumer_key => $key, > > consumer_secret => $secret, > > username => $username, > > password => $password > > > > );

> > Not quite. Net::Twitter::OAuth is deprecated. It's a backwards > compatible stub a prior version of that module before OAuth was > integrated directly into Net::Twitter. > > my $nt = Net::Twitter->new( > traits => [qw/OAuth API::REST/], > consumer_key => $key, > consumer_secret => $secret, > access_token => $token, > access_token_secret => $token_secret, > ); > > You do not expose your username and password to an OAuth app. When you > register an application with Twitter, they will provide the consumer > key/secret and access token/secret for the owner of the app. > > If your app needs to support multiple users (not just the app owner), > you need to obtain access tokens for each user. See the examples in the > Net::Twitter distribution. > > -Marc > >

Fri Sep 03 16:56:06 2010 marc [...] questright.com - Correspondence added

Subject:	Re: [rt.cpan.org #61026] API rate limit missing
Date:	Fri, 3 Sep 2010 13:55:52 -0700
To:	Paul Smith via RT <bug-Net-Twitter [...] rt.cpan.org>
From:	Marc Mims <marc [...] questright.com>

* Paul Smith via RT <bug-Net-Twitter@rt.cpan.org> [100903 13:51]: Show quoted text

> I had one last question that relates to OAuth. I'm using ActiveStates PDK > to compile my script into an exe. The script runs fine on my local machine > but complains when I launch the executable created with PDK. The error is: > > *Unable to load HMAC_SHA1 plugin at ... Net/Twitter/Role/OAuth.pm line 93* > > I'm assuming this is a missing module from my script but can't seem to > track it down. > > I've tried adding Digest::SHA1 but still the same.

It's probably looking for Net::OAuth::SignatureMethod::HMAC_SHA1 which gets required by Net::OAuth when needed. -Marc

Fri Sep 03 17:21:31 2010 thetoolsmith [...] gmail.com - Correspondence added

Subject:	Re: [rt.cpan.org #61026] API rate limit missing
Date:	Fri, 3 Sep 2010 17:21:21 -0400
To:	bug-Net-Twitter [...] rt.cpan.org
From:	Paul Smith <thetoolsmith [...] gmail.com>

that was it...your a life saver! Thanks, -Paul On Fri, Sep 3, 2010 at 4:56 PM, marc@questright.com via RT < bug-Net-Twitter@rt.cpan.org> wrote: Show quoted text

> <URL: https://rt.cpan.org/Ticket/Display.html?id=61026 > > > * Paul Smith via RT <bug-Net-Twitter@rt.cpan.org> [100903 13:51]:

> > I had one last question that relates to OAuth. I'm using ActiveStates

> PDK

> > to compile my script into an exe. The script runs fine on my local

> machine

> > but complains when I launch the executable created with PDK. The error

> is:

> > > > *Unable to load HMAC_SHA1 plugin at ... Net/Twitter/Role/OAuth.pm line

> 93*

> > > > I'm assuming this is a missing module from my script but can't seem to > > track it down. > > > > I've tried adding Digest::SHA1 but still the same.

> > It's probably looking for Net::OAuth::SignatureMethod::HMAC_SHA1 which > gets required by Net::OAuth when needed. > > -Marc > >

Mon Feb 07 14:02:41 2011 MMIMS [...] cpan.org - Correspondence added

I added Digest::HMAC_SHA1 as a requirement in 3.14003, so we shouldn't see this issue again. -Marc

Mon Feb 07 14:02:41 2011 MMIMS [...] cpan.org - Status changed from 'open' to 'resolved'

Bug #61026 for Net-Twitter: API rate limit missing

Preferred bug tracker