mozilla / redash

This is a Mozilla fork of the re:dash project (https://redash.io/), where we do work to be contributed back to the upstream project and for our own custom needs.
BSD 2-Clause "Simplified" License

Can't log in: code 429 "Too many requests" #999

Closed hwine closed 4 years ago

hwine commented 4 years ago

Continually getting this for https://sql.telemetry.mozilla.org/login. The network trace in Firefox doesn't show any looping.

Request and response (HAR export from the Firefox network panel):

{
  "log": {
    "version": "1.2",
    "creator": {
      "name": "Firefox",
      "version": "74.0a1"
    },
    "browser": {
      "name": "Firefox",
      "version": "74.0a1"
    },
    "pages": [
      {
        "startedDateTime": "2020-02-03T08:52:57.445-08:00",
        "id": "page_1",
        "pageTimings": {
          "onContentLoad": 245,
          "onLoad": 276
        }
      }
    ],
    "entries": [
      {
        "pageref": "page_1",
        "startedDateTime": "2020-02-03T08:52:57.445-08:00",
        "request": {
          "bodySize": 0,
          "method": "GET",
          "url": "https://sql.telemetry.mozilla.org/login",
          "httpVersion": "HTTP/2",
          "headers": [
            {
              "name": "Host",
              "value": "sql.telemetry.mozilla.org"
            },
            {
              "name": "User-Agent",
              "value": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0"
            },
            {
              "name": "Accept",
              "value": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"
            },
            {
              "name": "Accept-Language",
              "value": "en-US,en;q=0.5"
            },
            {
              "name": "Accept-Encoding",
              "value": "gzip, deflate, br"
            },
            {
              "name": "DNT",
              "value": "1"
            },
            {
              "name": "Connection",
              "value": "keep-alive"
            },
            {
              "name": "Upgrade-Insecure-Requests",
              "value": "1"
            }
          ],
          "cookies": [],
          "queryString": [],
          "headersSize": 363
        },
        "response": {
          "status": 429,
          "statusText": "No Reason Phrase",
          "httpVersion": "HTTP/2",
          "headers": [
            {
              "name": "server",
              "value": "openresty/1.15.8.1"
            },
            {
              "name": "date",
              "value": "Mon, 03 Feb 2020 16:52:57 GMT"
            },
            {
              "name": "content-type",
              "value": "text/html"
            },
            {
              "name": "content-length",
              "value": "141"
            },
            {
              "name": "x-frame-options",
              "value": "deny"
            },
            {
              "name": "x-xss-protection",
              "value": "1; mode=block"
            },
            {
              "name": "x-content-type-options",
              "value": "nosniff"
            },
            {
              "name": "x-download-options",
              "value": "noopen"
            },
            {
              "name": "content-security-policy",
              "value": "; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; default-src 'self'; frame-src redash.io; img-src 'self' http: https: data:; object-src 'none'; font-src 'self' data:"
            },
            {
              "name": "x-content-security-policy",
              "value": "; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; default-src 'self'; frame-src redash.io; img-src 'self' http: https: data:; object-src 'none'; font-src 'self' data:"
            },
            {
              "name": "referrer-policy",
              "value": "strict-origin-when-cross-origin"
            },
            {
              "name": "strict-transport-security",
              "value": "max-age=31536000"
            },
            {
              "name": "via",
              "value": "1.1 google"
            },
            {
              "name": "alt-svc",
              "value": "clear"
            },
            {
              "name": "X-Firefox-Spdy",
              "value": "h2"
            }
          ],
          "cookies": [],
          "content": {
            "mimeType": "text/html",
            "size": 141,
            "text": "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 3.2 Final//EN\">\n<title>429 Too Many Requests</title>\n<h1>Too Many Requests</h1>\n<p>50 per 1 hour</p>\n"
          },
          "redirectURL": "",
          "headersSize": 881,
          "bodySize": 1022
        },
        "cache": {},
        "timings": {
          "blocked": 63,
          "dns": 30,
          "connect": 14,
          "ssl": 18,
          "send": 0,
          "wait": 46,
          "receive": 0
        },
        "time": 171,
        "_securityState": "secure",
        "serverIPAddress": "34.95.121.147",
        "connection": "443"
      },
      {
        "pageref": "page_1",
        "startedDateTime": "2020-02-03T08:52:57.834-08:00",
        "request": {
          "bodySize": 0,
          "method": "GET",
          "url": "https://sql.telemetry.mozilla.org/favicon.ico",
          "httpVersion": "HTTP/2.0",
          "headers": [
            {
              "name": "Host",
              "value": "sql.telemetry.mozilla.org"
            },
            {
              "name": "User-Agent",
              "value": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0"
            },
            {
              "name": "Accept",
              "value": "image/webp,*/*"
            },
            {
              "name": "Accept-Language",
              "value": "en-US,en;q=0.5"
            },
            {
              "name": "Accept-Encoding",
              "value": "gzip, deflate, br"
            },
            {
              "name": "DNT",
              "value": "1"
            },
            {
              "name": "Connection",
              "value": "keep-alive"
            }
          ],
          "cookies": [],
          "queryString": [],
          "headersSize": 0
        },
        "response": {
          "status": 302,
          "statusText": "Found",
          "httpVersion": "HTTP/2.0",
          "headers": [
            {
              "name": "server",
              "value": "openresty/1.15.8.1"
            },
            {
              "name": "date",
              "value": "Mon, 03 Feb 2020 16:00:18 GMT"
            },
            {
              "name": "content-type",
              "value": "text/html; charset=utf-8"
            },
            {
              "name": "content-length",
              "value": "337"
            },
            {
              "name": "location",
              "value": "https://sql.telemetry.mozilla.org/login?next=https%3A%2F%2Fsql.telemetry.mozilla.org%2Ffavicon.ico"
            },
            {
              "name": "x-frame-options",
              "value": "deny"
            },
            {
              "name": "x-xss-protection",
              "value": "1; mode=block"
            },
            {
              "name": "x-content-type-options",
              "value": "nosniff"
            },
            {
              "name": "x-download-options",
              "value": "noopen"
            },
            {
              "name": "content-security-policy",
              "value": "; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; default-src 'self'; frame-src redash.io; img-src 'self' http: https: data:; object-src 'none'; font-src 'self' data:"
            },
            {
              "name": "x-content-security-policy",
              "value": "; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; default-src 'self'; frame-src redash.io; img-src 'self' http: https: data:; object-src 'none'; font-src 'self' data:"
            },
            {
              "name": "referrer-policy",
              "value": "strict-origin-when-cross-origin"
            },
            {
              "name": "strict-transport-security",
              "value": "max-age=31536000"
            },
            {
              "name": "via",
              "value": "1.1 google"
            },
            {
              "name": "alt-svc",
              "value": "clear"
            },
            {
              "name": "X-Firefox-Spdy",
              "value": "h2"
            }
          ],
          "cookies": [],
          "content": {
            "mimeType": "text/html",
            "size": 141,
            "text": "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 3.2 Final//EN\">\n<title>429 Too Many Requests</title>\n<h1>Too Many Requests</h1>\n<p>50 per 1 hour</p>\n"
          },
          "redirectURL": "https://sql.telemetry.mozilla.org/login?next=https%3A%2F%2Fsql.telemetry.mozilla.org%2Ffavicon.ico",
          "headersSize": 0,
          "bodySize": 141
        },
        "cache": {},
        "timings": {
          "blocked": 0,
          "dns": 0,
          "ssl": 0,
          "connect": 0,
          "send": 0,
          "wait": 0,
          "receive": 0
        },
        "time": 0,
        "_securityState": "secure"
      },
      {
        "pageref": "page_1",
        "startedDateTime": "2020-02-03T08:52:57.846-08:00",
        "request": {
          "bodySize": 0,
          "method": "GET",
          "url": "https://sql.telemetry.mozilla.org/login?next=https%3A%2F%2Fsql.telemetry.mozilla.org%2Ffavicon.ico",
          "httpVersion": "HTTP/2",
          "headers": [
            {
              "name": "Host",
              "value": "sql.telemetry.mozilla.org"
            },
            {
              "name": "User-Agent",
              "value": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0"
            },
            {
              "name": "Accept",
              "value": "image/webp,*/*"
            },
            {
              "name": "Accept-Language",
              "value": "en-US,en;q=0.5"
            },
            {
              "name": "Accept-Encoding",
              "value": "gzip, deflate, br"
            },
            {
              "name": "DNT",
              "value": "1"
            },
            {
              "name": "Connection",
              "value": "keep-alive"
            },
            {
              "name": "TE",
              "value": "Trailers"
            }
          ],
          "cookies": [],
          "queryString": [
            {
              "name": "next",
              "value": "https://sql.telemetry.mozilla.org/favicon.ico"
            }
          ],
          "headersSize": 332
        },
        "response": {
          "status": 429,
          "statusText": "No Reason Phrase",
          "httpVersion": "HTTP/2",
          "headers": [
            {
              "name": "server",
              "value": "openresty/1.15.8.1"
            },
            {
              "name": "date",
              "value": "Mon, 03 Feb 2020 16:52:57 GMT"
            },
            {
              "name": "content-type",
              "value": "text/html"
            },
            {
              "name": "content-length",
              "value": "141"
            },
            {
              "name": "x-frame-options",
              "value": "deny"
            },
            {
              "name": "x-xss-protection",
              "value": "1; mode=block"
            },
            {
              "name": "x-content-type-options",
              "value": "nosniff"
            },
            {
              "name": "x-download-options",
              "value": "noopen"
            },
            {
              "name": "content-security-policy",
              "value": "; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; default-src 'self'; frame-src redash.io; img-src 'self' http: https: data:; object-src 'none'; font-src 'self' data:"
            },
            {
              "name": "x-content-security-policy",
              "value": "; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; default-src 'self'; frame-src redash.io; img-src 'self' http: https: data:; object-src 'none'; font-src 'self' data:"
            },
            {
              "name": "referrer-policy",
              "value": "strict-origin-when-cross-origin"
            },
            {
              "name": "strict-transport-security",
              "value": "max-age=31536000"
            },
            {
              "name": "via",
              "value": "1.1 google"
            },
            {
              "name": "alt-svc",
              "value": "clear"
            },
            {
              "name": "X-Firefox-Spdy",
              "value": "h2"
            }
          ],
          "cookies": [],
          "content": {
            "mimeType": "text/html",
            "size": 141,
            "text": "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 3.2 Final//EN\">\n<title>429 Too Many Requests</title>\n<h1>Too Many Requests</h1>\n<p>50 per 1 hour</p>\n"
          },
          "redirectURL": "",
          "headersSize": 881,
          "bodySize": 1022
        },
        "cache": {},
        "timings": {
          "blocked": 0,
          "dns": 0,
          "connect": 0,
          "ssl": 0,
          "send": 0,
          "wait": 46,
          "receive": 0
        },
        "time": 46,
        "_securityState": "secure",
        "serverIPAddress": "34.95.121.147",
        "connection": "443"
      }
    ]
  }
}
jezdez commented 4 years ago

Thanks for raising this. I can't reproduce it locally in either normal or private mode, so I'm gonna have to ping @jasonthomas to check whether anything changed on the Auth0 side of things.

hwine commented 4 years ago

can't repro via curl, and now works from browser as well.

jezdez commented 4 years ago

Closing as.. heisenbug.

hwine commented 4 years ago

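Based on deeper log analysis by @jasonthomas, it looks like this was caused by a Redash query I had open in another window/tab. The 'autorefresh' on that tab continually failed auth, which used up the whole allotment of 50 requests per hour (the "50 per 1 hour" limit shown in the 429 response body above). Presumably each failed refresh was redirected to /login, as the favicon.ico request in the trace was, and so counted against that limit.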

Separately from digging into this issue, I had closed that tab, and eventually the hour expired.

hwine commented 4 years ago

It seemed odd that Firefox followed a redirect from a 429 response, so I filed a bug.