share
Stack AppsAuthorized requests: auth parameter seems broken
[+2] [1] systempuntoout
[2011-03-04 22:53:01]
[ bug status-completed stackauth ]
[ https://stackapps.com/questions/2164/authorized-requests-auth-parameter-seems-broken ]

I'm having problem with authorized requests [1].
Every requests with a valid auth token get:

error: {
    code: 4009
    message: "The 'auth' query parameter is not a valid auth token."
}

Renewing the token with /auth route does not fix the problem.

You can test it calling this:

http://www.stackprinter.com/export?format=HTML&service=stackapps&question=2164 [2]

or this:

http://www.stackprinter.com/topvoted?service=stackoverflow&tagged=python&page=1&pagesize=30 [3]

The returned headers are these:

* via - HTTP/1.1 GWA
* x-aspnet-version - 4.0.30319
* content-type - application/json; charset=utf-8
* x-google-cache-control - remote-fetch
* x-ratelimit-current - 0  <====== that was fixed long time ago
* cache-control - private
* date - Sat, 05 Mar 2011 08:30:52 GMT
* x-aspnetmvc-version - 3.0
* x-ratelimit-max - 0

EDIT:
still choking on several endpoints :(

[+2] [2011-03-05 01:47:56] Kevin Montrose [ACCEPTED]

I've dug through the code (and recent networking changes) and found what I think is the issue.

A fix has been deployed, but I'll need you to test on your end to confirm.


@Kevin uhm, it's still not working; I've added a test link to my question - systempuntoout
@systempuntoout - think I knocked it out (bad API cache, probably due to some networking issues earlier this week). Clicking around everything seems to work on StackPrinter. Can you test from your end? - Kevin Montrose
@Kevin it's failing on several endpoints..try with stackprinter.com/topvoted without insert any tags and changing different sites. - systempuntoout
@systempuntoout - hmm, no repro. However, looking at the build logs the times this started (and stopped) manifesting kind of match. I've tweaked some more caching code, under the assumption that the API is getting out of sync with stackauth w.r.t. auth parameters. - Kevin Montrose
@Kevin it seems fixed but not for the new routes like fitness or skeptics for example; is it possible? - systempuntoout
@Kevin forgot to say that the auth error is gone; right now GAE calls to your end randomly go in timeout. - systempuntoout
@Kevin stackprinter.com/…; try to change the page parameter from 1 to 5; it randomly fails. - systempuntoout
@systempuntoout - looks like a routing problem from GAE -> us. All those entries are wildcards, so I'd guess the problem is on the GAE side (the problem going away with time would support that). This is assuming its all routes, but only on newer sites of course. Worth noting that all API endpoints are served by the same code, same servers, and same load balancers; there's no meaningful distinction between SO and fitness.SE from the API's point of view. - Kevin Montrose
@Kevin I will re-check tomorrow morning; thanks for the support. - systempuntoout
(1) I don't know if it's related, but with se-flair (which also runs on GAE), I've been seeing timeouts (URL fetch didn't complete within 5 seconds) on maybe around 10% of API calls, seemingly at random. (I'd been assuming it was either rate-limiting-related or just that API calls sometimes took longer than 5 seconds.) - Isaac
(1) @Isaac - like I said, I strongly suspect this is a problem on Google's end; but we're going to look into the network aspect of it anyway to be sure. Also, when we rate-limit we cut you off hard (actual error message returned immediately), we don't slow requests down intentionally ever. - Kevin Montrose
@Kevin: From the earlier discussion in the comments, I'd think it's on Google's end, too; I was just not entirely sure that what I was seeing with se-flair matched up to what you and @systempuntoout were talking about. Also, it's good to know that the rate-limiting is always a quick cutoff and never a slow-down. - Isaac
@Isaac @Kevin still getting timeout; I don't even bother to ask for support to Google App Engine because I already done this in the past on the same topic without any help. (Although in that specific episode, the problem was in the SE side) - systempuntoout
@Kevin @systempuntoout: It just occurred to me that despite the number of timeouts I'm seeing on API calls to specific SE sites, I don't think I've ever seen a StackAuth API call timeout. I have no idea if this means anything, though. - Isaac
1