nanos
commented
4 months ago Did you generate your api key through the Development section of your Mastodon dashboard, or through some other way?
Closed colinstu12 closed 3 months ago
nanos
commented
4 months ago Did you generate your api key through the Development section of your Mastodon dashboard, or through some other way?
colinstu12
commented
4 months ago via https://
nanos
commented
4 months ago Can you open the FediFetcher application and click ‘Regenerate access token’ please. Then provide that new access token to your FediFetcher configuration.
colinstu12
commented
4 months ago Regenerated the access token, plugged that into the config, re-ran it, unfortunately this same error has come up again still.
2024-02-25 18:24:29.157945 UTC: Error adding url https://birdbutt.com/api/v2/search?q=https://mastodon.social/@the_other_jon/111989424779963125&resolve=true&limit=1 to server birdbutt.com. Status code: 403. Make sure you have the read:search scope enabled for your access token.
2024-02-25 18:25:24.737169 UTC: Error adding url https://birdbutt.com/api/v2/search?q=https://mastodon.social/@the_other_jon/111992167983915056&resolve=true&limit=1 to server birdbutt.com. Status code: 403. Make sure you have the read:search scope enabled for your access token.
2024-02-25 18:26:18.158032 UTC: Error adding url https://birdbutt.com/api/v2/search?q=https://furs.social/@gothodile/111989398219128953&resolve=true&limit=1 to server birdbutt.com. Status code: 403. Make sure you have the read:search scope enabled for your access token.
I am really sorry, but I'm not sure what else to suggest:
If you are getting back a 403 from the server, then the server thinks that your access token doesn't have permission for this action.
You could try to give your token simple read access (don't forget to re-generate the token after every change you make), or to simply make a completely new one.
The only other thing that could cause a 403 error if your token does have the correct permissions (and you've regenerated the token after you made the last change) is that there might be a proxy server in between that might be generating the error, but that would be weird, to put it mildly.
colinstu12
commented
4 months ago It already has read access (the one with caption "read all your account's data") as well. I do have haproxy between the masto instance and router, so I can serve up more than one application to different domains, and cloudflare CDN in front of the router as well. These have been the only Status 403 errors I've seen logged. The only other status code errors I see logged sometimes are for 404 (and when I navigate to those URLs, those toots are indeed deleted, or domain not accessible at all) and rarely a 503 (and when I navigate to that one, their application is indeed down).
Unfortunately not sure if I'm able to further test this right now, after 2024-02-26 03:02:35 there were no more hits in log for the "gothodile" entry, after 2024-02-26 13:02:27 one of the two "the_other_jon" hits stopped being logged, and then a few hours after that they've fallen off entirely.
What would a successful log entry look like when "read:search scope" is used? Perhaps I can see if it's ever successful and compare / see what's different between successful and unsuccessful attempts?
nanos
commented
4 months ago These have been the only Status 403 errors I've seen logged.
Sorry, are you saying that FediFetcher otherwise backfills fine, and it's just those three URLs where it fails with 403?
What would a successful log entry look like when "read:search scope" is used?
The read:search scope is used for literally every single status that is back-filled into your instance. It's the mechanism through which FediFetcher works: by searching for the remote status forcing your instance to get it, if it doesn't already have it. Which would make this so unusual.
A normal log line that successfully adds a status would look like this:
Added context url https://mstdn.ca/@Jgmeadows/111997970142019866Every time FediFetcher 'adds' a status, it uses search.
nanos
commented
3 months ago @colinstu12 have you ever managed to resolve this? Is this still happening?
colinstu12
commented
3 months ago @nanos Crazily enough, every time it runs it still reports the same error with the same three toots listed in the first post. It indeed has those permissions, I've completely regenerated the tokens, it successfully processes and updates stuff just like expected. I don't know what it is about these three particular entries that seem to be causing a problem.
Edit: I just tried manually going into the masto interface and loading that URL, getting a 403 as well even from there. Even though I can manually navigate to that url. Welp I don't think it's a fedifetcher issue anymore!
nanos
commented
3 months ago Thanks for the feedback @colinstu12 !
Very strange. I wonder whether the specific user(s) has/have you blocked? Though I didn't think that mastodon would respond with a 403 in that case...
colinstu12
commented
3 months ago I'm able to retrieve in other posts from the specific account(s) and from that instance(s).
nanos
commented
3 months ago In that case I have absolutely 0 idea. Have you checked your mastodon instance logs? They might be able to tell you something.
colinstu12
commented
3 months ago Actually I take that back, I was checking the profiles/posts under the admin panel and other accounts, they would load. But they must be blocking the account however. Is there any way to ignore these posts by accounts that have blocked me? Or for it to check if I've been blocked by them and then avoid trying to process those?
nanos
commented
3 months ago Is there any way to ignore these posts by accounts that have blocked me? Or for it to check if I've been blocked by them and then avoid trying to process those?
Not at the moment. Honestly, I'd just ignore those errors. Now you know what's causing them ...
Getting these errors but the read:search scope is indeed enabled for this access token.
These posts do indeed exist / load (at least when I try manually navigating to them).
Ideas?