API rate limit - Githubissues

slapperwan / gh4a

Github client for Android

Apache License 2.0

1.71k stars 220 forks source link

API rate limit #717

Closed MattiaPrimavera closed 1 year ago

MattiaPrimavera commented 7 years ago

I get the following often pretty soon when developing ...

API rate limit exceeded for IP_ADDRESS. (But here's the good news: Authenticated requests get a higher rate limit. Check out the documentation for more details.) (403)
                                                org.eclipse.egit.github.core.client.RequestException: API rate limit exceeded for IP_ADDRESS. (But here's the good news: Authenticated requests get a higher rate limit. Check out the documentation for more details.) (403)

The documentation reports the following:

Increasing the unauthenticated rate limit for OAuth applications If your OAuth application needs to make unauthenticated calls with a higher rate limit, you can pass your app's client ID and secret as part of the query string.

curl -i 'https://api.github.com/users/whatever?client_id=xxxx&client_secret=yyyy'
HTTP/1.1 200 OK
Date: Mon, 01 Jul 2013 17:27:06 GMT
Status: 200 OK
X-RateLimit-Limit: 5000 # Instead of 60
X-RateLimit-Remaining: 4966
X-RateLimit-Reset: 1372700873

Did i miss anything ?

Tunous commented 7 years ago

Are you logged in?

maniac103 commented 7 years ago

Probably not. His point likely is that we should amend client ID and secret to the API calls if we're not logged in ... I'm not sure whether I'm a fan of that :-/

MattiaPrimavera commented 7 years ago

Well that could help testing the app without login if not needed ... the real problem here is I get redirected to the browser github authorization page, but the green button to authorize Octodroid_dev access to my account is disabled ... Sorry for the question, but should I need special rights for it ?

Tunous commented 7 years ago

Did you register application correctly as described in readme?

MattiaPrimavera commented 7 years ago

apparently the issue is occurring within the emulator only :S, works on real device ...

smichel17 commented 7 years ago

@MattiaPrimavera I had the same issue and it's a problem with the webview. Download firefox and it'll work fine. (Note: firefox klar will not work since it renders the page with the system webview)

notramo commented 7 years ago

On the oauth page, the green button is enabled only if you have read all things that the app will have access to. But the categories can't be expanded, because webview has a bug. I havent got firefox installed, so here's my solution:

i logged in with the browser on the phone, it saved cookies
sent the uri to my desktop
logged in on desktop, expanded the categories of permissions, accepted them
went back to the phone, and authorized again

A notification should be added to this app that informs the user about the webiew bug, and gives him possible solutions.

Fs00 commented 1 year ago

To get a higher rate limit for unauthenticated requests, nowadays the client ID and client secret need to be passed via basic authentication header (and not via query parameters anymore). Since that doesn't seem to be an insecure way to send those credentials, would you accept a PR to implement it @maniac103?

maniac103 commented 1 year ago

Sure, it's not exactly secure, but not any more than using query parameters.