nitter/src/tokens.nim

# SPDX-License-Identifier: AGPL-3.0-only
import asyncdispatch, httpclient, times, sequtils, json, random
import strutils, tables
import types, consts

const
  maxConcurrentReqs = 5  # max requests at a time per token, to avoid race conditions
  maxLastUse = 1.hours   # if a token is unused for 60 minutes, it expires
  maxAge = 2.hours + 55.minutes  # tokens expire after 3 hours
  failDelay = initDuration(minutes=30)

var
  tokenPool: seq[Token]
  lastFailed: Time
  enableLogging = false

let headers = newHttpHeaders({"authorization": auth})

template log(str) =
  if enableLogging: echo "[tokens] ", str

proc getPoolJson*(): JsonNode =
  var
    list = newJObject()
    totalReqs = 0
    totalPending = 0
    reqsPerApi: Table[string, int]

  for token in tokenPool:
    totalPending.inc(token.pending)
    list[token.tok] = %*{
      "apis": newJObject(),
      "pending": token.pending,
      "init": $token.init,
      "lastUse": $token.lastUse
    }

    for api in token.apis.keys:
      list[token.tok]["apis"][$api] = %token.apis[api]

      let
        maxReqs =
          case api
          of Api.search: 100000
          of Api.photoRail: 180
          of Api.timeline: 187
          of Api.userTweets, Api.userTimeline: 300
          of Api.userTweetsAndReplies, Api.userRestId,
             Api.userScreenName, Api.tweetDetail, Api.tweetResult,
             Api.list, Api.listTweets, Api.listMembers, Api.listBySlug, Api.userMedia: 500
          of Api.userSearch: 900
        reqs = maxReqs - token.apis[api].remaining

      reqsPerApi[$api] = reqsPerApi.getOrDefault($api, 0) + reqs
      totalReqs.inc(reqs)

  return %*{
    "amount": tokenPool.len,
    "requests": totalReqs,
    "pending": totalPending,
    "apis": reqsPerApi,
    "tokens": list
  }

proc rateLimitError*(): ref RateLimitError =
  newException(RateLimitError, "rate limited")

proc fetchToken(): Future[Token] {.async.} =
  if getTime() - lastFailed < failDelay:
    raise rateLimitError()

  let client = newAsyncHttpClient(headers=headers)

  try:
    let
      resp = await client.postContent(activate)
      tokNode = parseJson(resp)["guest_token"]
      tok = tokNode.getStr($(tokNode.getInt))
      time = getTime()

    return Token(tok: tok, init: time, lastUse: time)
  except Exception as e:
    echo "[tokens] fetching token failed: ", e.msg
    if "Try again" notin e.msg:
      echo "[tokens] fetching tokens paused, resuming in 30 minutes"
      lastFailed = getTime()
  finally:
    client.close()

proc expired(token: Token): bool =
  let time = getTime()
  token.init < time - maxAge or token.lastUse < time - maxLastUse

proc isLimited(token: Token; api: Api): bool =
  if token.isNil or token.expired:
    return true

  if api in token.apis:
    let limit = token.apis[api]
    return (limit.remaining <= 10 and limit.reset > epochTime().int)
  else:
    return false

proc isReady(token: Token; api: Api): bool =
  not (token.isNil or token.pending > maxConcurrentReqs or token.isLimited(api))

proc release*(token: Token; used=false; invalid=false) =
  if token.isNil: return
  if invalid or token.expired:
    if invalid: log "discarding invalid token"
    elif token.expired: log "discarding expired token"

    let idx = tokenPool.find(token)
    if idx > -1: tokenPool.delete(idx)
  elif used:
    dec token.pending
    token.lastUse = getTime()

proc getToken*(api: Api): Future[Token] {.async.} =
  for i in 0 ..< tokenPool.len:
    if result.isReady(api): break
    release(result)
    result = tokenPool.sample()

  if not result.isReady(api):
    release(result)
    result = await fetchToken()
    log "added new token to pool"
    tokenPool.add result

  if not result.isNil:
    inc result.pending
  else:
    raise rateLimitError()

proc setRateLimit*(token: Token; api: Api; remaining, reset: int) =
  # avoid undefined behavior in race conditions
  if api in token.apis:
    let limit = token.apis[api]
    if limit.reset >= reset and limit.remaining < remaining:
      return

  token.apis[api] = RateLimit(remaining: remaining, reset: reset)

proc poolTokens*(amount: int) {.async.} =
  var futs: seq[Future[Token]]
  for i in 0 ..< amount:
    futs.add fetchToken()

  for token in futs:
    var newToken: Token

    try: newToken = await token
    except: discard

    if not newToken.isNil:
      log "added new token to pool"
      tokenPool.add newToken

proc initTokenPool*(cfg: Config) {.async.} =
  enableLogging = cfg.enableDebug

  while true:
    if tokenPool.countIt(not it.isLimited(Api.userTimeline)) < cfg.minTokens:
      await poolTokens(min(4, cfg.minTokens - tokenPool.len))
    await sleepAsync(2000)
Add license headers Closes #413 2021-12-27 02:37:38 +01:00			`# SPDX-License-Identifier: AGPL-3.0-only`
Track token rate limits per endpoint 2022-01-05 22:48:45 +01:00			`import asyncdispatch, httpclient, times, sequtils, json, random`
			`import strutils, tables`
GraphQL timeline (#812) * Update deps * Replace profile timeline with GraphQL endpoint * Update GraphQL endpoint versions * Use GraphQL for profile media tab * Fix UserByRestId request * Improve routing, fixes #814 * Fix token pool JSON * Deduplicate GraphQL timeline endpoints * Update list endpoints * Use GraphQL for list tweets * Remove debug leftover * Replace old pinned tweet endpoint with GraphQL * Validate tweet ID * Minor token handling fix * Hide US-only commerce cards * Update config example * Remove http pool and gzip from token pool * Support tombstoned tweets in threads * Retry GraphQL timeout errors * Remove unnecessary 401 retry * Remove broken timeout retry * Update karax, use new bool attribute feature * Update card test * Fix odd edgecase with broken retweets * Replace search endpoints, switch Bearer token * Only parse user search if it's a list * Fix quoted tweet crash * Fix empty search query handling * Fix invalid user search errors again 2023-04-21 14:41:30 +02:00			`import types, consts`
In with the new 2020-06-01 02:16:24 +02:00
Temporary (?) fix for false rate limits 2021-01-18 07:47:51 +01:00			`const`
Track pending token requests to limit concurrency 2022-01-05 23:38:46 +01:00			`maxConcurrentReqs = 5 # max requests at a time per token, to avoid race conditions`
			`maxLastUse = 1.hours # if a token is unused for 60 minutes, it expires`
Set tokens to expire 5 minutes early Prevents occasional usage of tokens the very second they expire 2022-01-16 17:56:45 +01:00			`maxAge = 2.hours + 55.minutes # tokens expire after 3 hours`
Temporary (?) fix for false rate limits 2021-01-18 07:47:51 +01:00			`failDelay = initDuration(minutes=30)`

Add temporary token fail safe 2020-07-09 09:18:14 +02:00			`var`
More cleanup 2022-01-02 11:21:03 +01:00			`tokenPool: seq[Token]`
Add temporary token fail safe 2020-07-09 09:18:14 +02:00			`lastFailed: Time`
Add more logging to the token pool 2022-06-05 21:47:25 +02:00			`enableLogging = false`

GraphQL timeline (#812) * Update deps * Replace profile timeline with GraphQL endpoint * Update GraphQL endpoint versions * Use GraphQL for profile media tab * Fix UserByRestId request * Improve routing, fixes #814 * Fix token pool JSON * Deduplicate GraphQL timeline endpoints * Update list endpoints * Use GraphQL for list tweets * Remove debug leftover * Replace old pinned tweet endpoint with GraphQL * Validate tweet ID * Minor token handling fix * Hide US-only commerce cards * Update config example * Remove http pool and gzip from token pool * Support tombstoned tweets in threads * Retry GraphQL timeout errors * Remove unnecessary 401 retry * Remove broken timeout retry * Update karax, use new bool attribute feature * Update card test * Fix odd edgecase with broken retweets * Replace search endpoints, switch Bearer token * Only parse user search if it's a list * Fix quoted tweet crash * Fix empty search query handling * Fix invalid user search errors again 2023-04-21 14:41:30 +02:00			`let headers = newHttpHeaders({"authorization": auth})`

Add more logging to the token pool 2022-06-05 21:47:25 +02:00			`template log(str) =`
			`if enableLogging: echo "[tokens] ", str`
Improve token pool to prevent rate limits 2021-01-13 14:32:26 +01:00
Add more info to /.tokens endpoint 2022-01-06 00:42:18 +01:00			`proc getPoolJson*(): JsonNode =`
			`var`
			`list = newJObject()`
			`totalReqs = 0`
			`totalPending = 0`
			`reqsPerApi: Table[string, int]`

Add /.tokens debug endpoint to see token pool 2022-01-05 22:49:16 +01:00			`for token in tokenPool:`
Add more info to /.tokens endpoint 2022-01-06 00:42:18 +01:00			`totalPending.inc(token.pending)`
Add /.tokens debug endpoint to see token pool 2022-01-05 22:49:16 +01:00			`list[token.tok] = %*{`
			`"apis": newJObject(),`
Track pending token requests to limit concurrency 2022-01-05 23:38:46 +01:00			`"pending": token.pending,`
Add /.tokens debug endpoint to see token pool 2022-01-05 22:49:16 +01:00			`"init": $token.init,`
			`"lastUse": $token.lastUse`
			`}`

			`for api in token.apis.keys:`
Use int for token reset instead of Time 2022-01-06 00:19:09 +01:00			`list[token.tok]["apis"][$api] = %token.apis[api]`
Add more info to /.tokens endpoint 2022-01-06 00:42:18 +01:00
			`let`
			`maxReqs =`
			`case api`
Search isn't rate limited 2023-07-22 04:06:04 +02:00			`of Api.search: 100000`
			`of Api.photoRail: 180`
Use old timeline endpoint 2023-07-21 18:56:39 +02:00			`of Api.timeline: 187`
Use legacy timeline/user endpoint for Tweets tab 2023-08-08 02:09:56 +02:00			`of Api.userTweets, Api.userTimeline: 300`
Use old timeline endpoint 2023-07-21 18:56:39 +02:00			`of Api.userTweetsAndReplies, Api.userRestId,`
Use legacy timeline/user endpoint for Tweets tab 2023-08-08 02:09:56 +02:00			`Api.userScreenName, Api.tweetDetail, Api.tweetResult,`
			`Api.list, Api.listTweets, Api.listMembers, Api.listBySlug, Api.userMedia: 500`
GraphQL timeline (#812) * Update deps * Replace profile timeline with GraphQL endpoint * Update GraphQL endpoint versions * Use GraphQL for profile media tab * Fix UserByRestId request * Improve routing, fixes #814 * Fix token pool JSON * Deduplicate GraphQL timeline endpoints * Update list endpoints * Use GraphQL for list tweets * Remove debug leftover * Replace old pinned tweet endpoint with GraphQL * Validate tweet ID * Minor token handling fix * Hide US-only commerce cards * Update config example * Remove http pool and gzip from token pool * Support tombstoned tweets in threads * Retry GraphQL timeout errors * Remove unnecessary 401 retry * Remove broken timeout retry * Update karax, use new bool attribute feature * Update card test * Fix odd edgecase with broken retweets * Replace search endpoints, switch Bearer token * Only parse user search if it's a list * Fix quoted tweet crash * Fix empty search query handling * Fix invalid user search errors again 2023-04-21 14:41:30 +02:00			`of Api.userSearch: 900`
Add more info to /.tokens endpoint 2022-01-06 00:42:18 +01:00			`reqs = maxReqs - token.apis[api].remaining`

			`reqsPerApi[$api] = reqsPerApi.getOrDefault($api, 0) + reqs`
			`totalReqs.inc(reqs)`

			`return %*{`
			`"amount": tokenPool.len,`
			`"requests": totalReqs,`
			`"pending": totalPending,`
			`"apis": reqsPerApi,`
			`"tokens": list`
			`}`
Improve token pool to prevent rate limits 2021-01-13 14:32:26 +01:00
			`proc rateLimitError*(): ref RateLimitError =`
Track token rate limits per endpoint 2022-01-05 22:48:45 +01:00			`newException(RateLimitError, "rate limited")`
In with the new 2020-06-01 02:16:24 +02:00
			`proc fetchToken(): Future[Token] {.async.} =`
Temporary (?) fix for false rate limits 2021-01-18 07:47:51 +01:00			`if getTime() - lastFailed < failDelay:`
Improve token pool to prevent rate limits 2021-01-13 14:32:26 +01:00			`raise rateLimitError()`
Add temporary token fail safe 2020-07-09 09:18:14 +02:00
GraphQL timeline (#812) * Update deps * Replace profile timeline with GraphQL endpoint * Update GraphQL endpoint versions * Use GraphQL for profile media tab * Fix UserByRestId request * Improve routing, fixes #814 * Fix token pool JSON * Deduplicate GraphQL timeline endpoints * Update list endpoints * Use GraphQL for list tweets * Remove debug leftover * Replace old pinned tweet endpoint with GraphQL * Validate tweet ID * Minor token handling fix * Hide US-only commerce cards * Update config example * Remove http pool and gzip from token pool * Support tombstoned tweets in threads * Retry GraphQL timeout errors * Remove unnecessary 401 retry * Remove broken timeout retry * Update karax, use new bool attribute feature * Update card test * Fix odd edgecase with broken retweets * Replace search endpoints, switch Bearer token * Only parse user search if it's a list * Fix quoted tweet crash * Fix empty search query handling * Fix invalid user search errors again 2023-04-21 14:41:30 +02:00			`let client = newAsyncHttpClient(headers=headers)`
In with the new 2020-06-01 02:16:24 +02:00
Fix crash on token fetch failure 2020-06-02 20:37:55 +02:00			`try:`
Track token rate limits per endpoint 2022-01-05 22:48:45 +01:00			`let`
GraphQL timeline (#812) * Update deps * Replace profile timeline with GraphQL endpoint * Update GraphQL endpoint versions * Use GraphQL for profile media tab * Fix UserByRestId request * Improve routing, fixes #814 * Fix token pool JSON * Deduplicate GraphQL timeline endpoints * Update list endpoints * Use GraphQL for list tweets * Remove debug leftover * Replace old pinned tweet endpoint with GraphQL * Validate tweet ID * Minor token handling fix * Hide US-only commerce cards * Update config example * Remove http pool and gzip from token pool * Support tombstoned tweets in threads * Retry GraphQL timeout errors * Remove unnecessary 401 retry * Remove broken timeout retry * Update karax, use new bool attribute feature * Update card test * Fix odd edgecase with broken retweets * Replace search endpoints, switch Bearer token * Only parse user search if it's a list * Fix quoted tweet crash * Fix empty search query handling * Fix invalid user search errors again 2023-04-21 14:41:30 +02:00			`resp = await client.postContent(activate)`
			`tokNode = parseJson(resp)["guest_token"]`
Track token rate limits per endpoint 2022-01-05 22:48:45 +01:00			`tok = tokNode.getStr($(tokNode.getInt))`
			`time = getTime()`
In with the new 2020-06-01 02:16:24 +02:00
Track token rate limits per endpoint 2022-01-05 22:48:45 +01:00			`return Token(tok: tok, init: time, lastUse: time)`
Use old API endpoint to fetch tokens 2020-06-24 15:02:34 +02:00			`except Exception as e:`
Add more logging to the token pool 2022-06-05 21:47:25 +02:00			`echo "[tokens] fetching token failed: ", e.msg`
			`if "Try again" notin e.msg:`
			`echo "[tokens] fetching tokens paused, resuming in 30 minutes"`
			`lastFailed = getTime()`
GraphQL timeline (#812) * Update deps * Replace profile timeline with GraphQL endpoint * Update GraphQL endpoint versions * Use GraphQL for profile media tab * Fix UserByRestId request * Improve routing, fixes #814 * Fix token pool JSON * Deduplicate GraphQL timeline endpoints * Update list endpoints * Use GraphQL for list tweets * Remove debug leftover * Replace old pinned tweet endpoint with GraphQL * Validate tweet ID * Minor token handling fix * Hide US-only commerce cards * Update config example * Remove http pool and gzip from token pool * Support tombstoned tweets in threads * Retry GraphQL timeout errors * Remove unnecessary 401 retry * Remove broken timeout retry * Update karax, use new bool attribute feature * Update card test * Fix odd edgecase with broken retweets * Replace search endpoints, switch Bearer token * Only parse user search if it's a list * Fix quoted tweet crash * Fix empty search query handling * Fix invalid user search errors again 2023-04-21 14:41:30 +02:00			`finally:`
			`client.close()`
In with the new 2020-06-01 02:16:24 +02:00
Track token rate limits per endpoint 2022-01-05 22:48:45 +01:00			`proc expired(token: Token): bool =`
Temporary fix to prevent early token expiry 2020-06-19 09:45:24 +02:00			`let time = getTime()`
Track token rate limits per endpoint 2022-01-05 22:48:45 +01:00			`token.init < time - maxAge or token.lastUse < time - maxLastUse`
In with the new 2020-06-01 02:16:24 +02:00
Track token rate limits per endpoint 2022-01-05 22:48:45 +01:00			`proc isLimited(token: Token; api: Api): bool =`
			`if token.isNil or token.expired:`
			`return true`

			`if api in token.apis:`
			`let limit = token.apis[api]`
Use int for token reset instead of Time 2022-01-06 00:19:09 +01:00			`return (limit.remaining <= 10 and limit.reset > epochTime().int)`
Track token rate limits per endpoint 2022-01-05 22:48:45 +01:00			`else:`
			`return false`
In with the new 2020-06-01 02:16:24 +02:00
Track pending token requests to limit concurrency 2022-01-05 23:38:46 +01:00			`proc isReady(token: Token; api: Api): bool =`
			`not (token.isNil or token.pending > maxConcurrentReqs or token.isLimited(api))`

			`proc release*(token: Token; used=false; invalid=false) =`
			`if token.isNil: return`
			`if invalid or token.expired:`
Add more logging to the token pool 2022-06-05 21:47:25 +02:00			`if invalid: log "discarding invalid token"`
			`elif token.expired: log "discarding expired token"`

Temporary (?) fix for false rate limits 2021-01-18 07:47:51 +01:00			`let idx = tokenPool.find(token)`
			`if idx > -1: tokenPool.delete(idx)`
Track pending token requests to limit concurrency 2022-01-05 23:38:46 +01:00			`elif used:`
			`dec token.pending`
			`token.lastUse = getTime()`
In with the new 2020-06-01 02:16:24 +02:00
Track token rate limits per endpoint 2022-01-05 22:48:45 +01:00			`proc getToken*(api: Api): Future[Token] {.async.} =`
In with the new 2020-06-01 02:16:24 +02:00			`for i in 0 ..< tokenPool.len:`
Track pending token requests to limit concurrency 2022-01-05 23:38:46 +01:00			`if result.isReady(api): break`
Temporary (?) fix for false rate limits 2021-01-18 07:47:51 +01:00			`release(result)`
Improve token pool to prevent rate limits 2021-01-13 14:32:26 +01:00			`result = tokenPool.sample()`
In with the new 2020-06-01 02:16:24 +02:00
Track pending token requests to limit concurrency 2022-01-05 23:38:46 +01:00			`if not result.isReady(api):`
Temporary (?) fix for false rate limits 2021-01-18 07:47:51 +01:00			`release(result)`
In with the new 2020-06-01 02:16:24 +02:00			`result = await fetchToken()`
Add more logging to the token pool 2022-06-05 21:47:25 +02:00			`log "added new token to pool"`
Improve token pool to prevent rate limits 2021-01-13 14:32:26 +01:00			`tokenPool.add result`

Track pending token requests to limit concurrency 2022-01-05 23:38:46 +01:00			`if not result.isNil:`
			`inc result.pending`
			`else:`
Improve token pool to prevent rate limits 2021-01-13 14:32:26 +01:00			`raise rateLimitError()`

Track token rate limits per endpoint 2022-01-05 22:48:45 +01:00			`proc setRateLimit*(token: Token; api: Api; remaining, reset: int) =`
Track pending token requests to limit concurrency 2022-01-05 23:38:46 +01:00			`# avoid undefined behavior in race conditions`
			`if api in token.apis:`
			`let limit = token.apis[api]`
			`if limit.reset >= reset and limit.remaining < remaining:`
			`return`

			`token.apis[api] = RateLimit(remaining: remaining, reset: reset)`
Track token rate limits per endpoint 2022-01-05 22:48:45 +01:00
In with the new 2020-06-01 02:16:24 +02:00			`proc poolTokens*(amount: int) {.async.} =`
			`var futs: seq[Future[Token]]`
			`for i in 0 ..< amount:`
			`futs.add fetchToken()`

			`for token in futs:`
Improve token pool to prevent rate limits 2021-01-13 14:32:26 +01:00			`var newToken: Token`

			`try: newToken = await token`
			`except: discard`

Track token rate limits per endpoint 2022-01-05 22:48:45 +01:00			`if not newToken.isNil:`
Add more logging to the token pool 2022-06-05 21:47:25 +02:00			`log "added new token to pool"`
Improve token pool to prevent rate limits 2021-01-13 14:32:26 +01:00			`tokenPool.add newToken`
In with the new 2020-06-01 02:16:24 +02:00
			`proc initTokenPool*(cfg: Config) {.async.} =`
Add more logging to the token pool 2022-06-05 21:47:25 +02:00			`enableLogging = cfg.enableDebug`
Add http pool to reduce connection overhead 2020-11-07 21:31:03 +01:00
In with the new 2020-06-01 02:16:24 +02:00			`while true:`
Use legacy timeline/user endpoint for Tweets tab 2023-08-08 02:09:56 +02:00			`if tokenPool.countIt(not it.isLimited(Api.userTimeline)) < cfg.minTokens:`
More aggressive token strategy to combat bursts 2020-06-01 13:54:45 +02:00			`await poolTokens(min(4, cfg.minTokens - tokenPool.len))`
			`await sleepAsync(2000)`