I am getting this error in response when calling amazon product advertising api from nodejs sdk.
Error calling PA-API 5.0!
Printing Full Error Object:
{
"status": 429,
"response": {
"req": {
"method": "POST",
"url": "https://webservices.amazon.com/paapi5/getitems",
"data": {
"ItemIds": [
"B075LRK2QK"
],
"PartnerTag": "raassnabct-21",
"PartnerType": "Associates",
"Condition": "New",
"Resources": [
"Images.Primary.Medium"
]
},
"headers": {
"user-agent": "paapi5-nodejs-sdk/1.0.0",
"authorization": "AWS4-HMAC-SHA256 Credential=MY_KEY/20191215/us-east-1/ProductAdvertisingAPI/aws4_request, SignedHeaders=content-encoding;content-type;host;x-amz-date;x-amz-target, Signature=030b9f07a2336302a6d8855e216e602589960bf919dc9e700daac6155dcce1a2",
"content-encoding": "amz-1.0",
"content-type": "application/json; charset=utf-8",
"host": "webservices.amazon.com",
"x-amz-target": "com.amazon.paapi5.v1.ProductAdvertisingAPIv1.GetItems",
"x-amz-date": "20191215T111055Z",
"accept": "application/json"
}
},
"header": {
"server": "Server",
"date": "Sun, 15 Dec 2019 11:10:54 GMT",
"content-type": "application/json",
"content-length": "193",
"connection": "close",
"x-amzn-requestid": "0ada8ea0-944f-47a2-bbef-acc0f5d984a9",
"vary": "Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent",
"content-encoding": "gzip",
"x-amz-rid": "JTD0DAVWEB1CMXK1F5BW"
},
"status": 429,
"text": "{\"__type\":\"com.amazon.paapi5#TooManyRequestsException\",\"Errors\":[{\"Code\":\"TooManyRequests\",\"Message\":\"The request was denied due to request throttling. Please verify the number of requests made per second to the Amazon Product Advertising API.\"}]}"
}
}
Status Code: 429
Error Object: "{\"__type\":\"com.amazon.paapi5#TooManyRequestsException\",\"Errors\":[{\"Code\":\"TooManyRequests\",\"Message\":\"The request was denied due to request throttling. Please verify the number of requests made per second to the Amazon Product Advertising API.\"}]}"
And the code is
var ProductAdvertisingAPIv1 = require('./src/index');
var defaultClient = ProductAdvertisingAPIv1.ApiClient.instance;
defaultClient.accessKey = 'accessKey';
defaultClient.secretKey = 'secretKey';
defaultClient.host = 'webservices.amazon.com';
defaultClient.region = 'us-east-1';
var api = new ProductAdvertisingAPIv1.DefaultApi();
var getItemsRequest = new ProductAdvertisingAPIv1.GetItemsRequest();
getItemsRequest['PartnerTag'] = 'raassnacbt-21';
getItemsRequest['PartnerType'] = 'Associates';
getItemsRequest['ItemIds'] = ['B075LRK2QK'];
getItemsRequest['Condition'] = 'New';
getItemsRequest['Resources'] = ['Images.Primary.Medium', 'ItemInfo.Title', 'Offers.Listings.Price'];
function parseResponse(itemsResponseList) {
var mappedResponse = {};
for (var i in itemsResponseList) {
mappedResponse[itemsResponseList[i]['ASIN']] = itemsResponseList[i];
}
return mappedResponse;
}
try {
api.getItems(getItemsRequest, callback);
} catch (ex) {
console.log("Exception: " + ex);
}
I am getting "too many requests" error even when making just one. also tried to run this on server just in case it had something to do with localhost. there is no manual modification, it is just the sdk code with my credentials. any idea what might be the issue?
This is a very common problem people face while using Amazon product API. Amazon works on a very different algorithm. It allocates API threshold/ usage limit based on the commission you have earned through amazon. Once your allocated limit is exhausted, you will receive such errors.
To fix this, ask your friend to buy through your affiliate link. You will get some threshold.
Old topic, but maybe can be useful. I realized this error is also shown when authentication failed. So it is necessary to take into account that associate IDs are only active in a concrete region and also that new generated API Keys can take until 72h to be really active, so check these points if necessary apart from the quota stuff the other users mentioned.
Related
I am developing a JAMStack project using keystonejs 6 and nuxtjs. As we know, keystonejs uses prisma and graphql (I guess apollo) to serve CRUD (generic) actions on our data model. So it makes the apis (even graphql or rest) and the errors generated are also generated by keystonejs. Now the problem is when the client send a wrong request to keystonjs, then it will help the client to correct the query and gives hints on it. For example if I query the next request:
await fetch("https://host:port/api/graphql", {
"credentials": "include",
"headers": {
"User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/94.0",
"Accept": "*/*",
"Accept-Language": "en-US,en;q=0.5",
"Content-Type": "application/json",
"Sec-Fetch-Dest": "empty",
"Sec-Fetch-Mode": "cors",
"Sec-Fetch-Site": "same-site"
},
"referrer": "https://host:port/",
"body": "{\"operationName\":null,\"variables\":{},\"query\":\"{\\n navigationMenus(where: {status: {not: {equals: \\\"invisible\\\"}}}) {\\n ida\\n title\\n pageURL\\n childrenCount\\n parent {\\n id\\n pageURL\\n __typename\\n }\\n __typename\\n }\\n}\\n\"}",
"method": "POST",
"mode": "cors"
});
as the field ida is not valid, is returns a bad request error with status code 400 (which is ok) and also helps the client with the following response:
errors [ {…} ]
0 Object { message: "Cannot query field \"ida\" on type \"NavigationMenu\". Did you mean \"id\"?", locations: […], extensions: {…} }
message "Cannot query field \"ida\" on type \"NavigationMenu\". Did you mean \"id\"?"
locations [ {…} ]
0 Object { line: 3, column: 5 }
line 3
column 5
extensions Object { code: "GRAPHQL_VALIDATION_FAILED" }
code "GRAPHQL_VALIDATION_FAILED"
So this will lead to some vulnerabilities since if I forget to make currect access controls on some fields, attacker may find field names with some tries and access to those data.
Although I can understand that this is not a very big issue, but is there a way to turn graphql hints off on production?
Keystone is build on top of Apollo and lets you pass additional config though to the Apollo server on start via the graphql.apolloConfig config option:
graphql.apolloConfig (default: undefined): Allows you to pass extra options into the ApolloServer constructor.
– Keystone 6: System Configuration API docs
This can be used to modify the Apollo error handling behaviour and replace it with your own. A simple example may look like this:
import { config } from '#keystone-next/keystone';
import { lists } from './schema';
import { ValidationError } from 'apollo-server-express';
import { GraphQLError } from 'graphql';
export default config({
db: {
provider: 'sqlite',
url: process.env.DATABASE_URL,
},
lists,
graphql: {
apolloConfig: {
formatError: (error: GraphQLError): any => {
if (error instanceof ValidationError) {
return new ValidationError('Invalid request.');
}
}
}
}
});
Any GraphQL queries that attempt to access non-existent field will then receive the response:
{
"errors": [
{
"message": "Invalid request.",
"extensions": {
"code": "GRAPHQL_VALIDATION_FAILED"
}
}
],
"data": null
}
The general problem of Apollo leaking data in this way is being tracked in the Apollo repo, eg: Validation errors can be used to get schema details #2247. It sounds like progress is being made.
So I have an Azure Function that calls Microsoft Maps API and it works (sometimes). However at times it throws this error during the request. Please advise.
My Code:
const options =
{
host: 'atlas.microsoft.com', //added this later
headers: { 'x-ms-client-id': client_id }
}
//url to get lat/long
let url = 'https://atlas.microsoft.com/search/fuzzy/json?api-version=1.0&subscription-key=' + subscription_key + '&query=' + address + ' USA'
//make req
let res = await axios.get(url, options)
Response/Error:
{
"error": {
"message": "connect ETIMEDOUT XX.XXX.XX.XX:XXX",
"name": "Error",
"stack": "Error: connect ETIMEDOUT XX.XXX.XX.XX:XXX\n at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1141:16)",
"config": {
"url": "https://atlas.microsoft.com/search/fuzzy/json?api-version=1.0&subscription-key=myKey&query=myQuery",
"method": "get",
"headers": {
"Accept": "application/json, text/plain, */*",
"x-ms-client-id": myClientID,
"User-Agent": "axios/0.19.2"
},
"transformRequest": [
null
],
"transformResponse": [
null
],
"timeout": 0,
"xsrfCookieName": "XSRF-TOKEN",
"xsrfHeaderName": "X-XSRF-TOKEN",
"maxContentLength": -1,
"host": "atlas.microsoft.com"
},
"code": "ETIMEDOUT"
}
}
The solution to my timeout problem was adding
host:'atlas.microsoft.com
into my headers for all of my calls. 99% of the connection errors went away. I also reached out to Mircosoft support and they said it doesn't matter if you're using S0 or S1 there is no throttling so that shouldn't make a difference. Currently support is investigating why adding the host part into request headers made such a difference. Will update later with their response.
I asked a similar question and figured out here some additional details.
I saw your request url has subscription-key, and I think you don't need options any more.
According to my test, your problem is not reproduced. The pricing tiers of my Azure Maps service is S1. So I guess the possible reason for your problem.
1. pricing tiers.
Suggest: You can change your pricing tiers.
2. The service of Azure Map is abnormal.
Suggest: It is recommended to raise a support ticket in portal, ask if there is any abnormal service in this area, and check your service log.
Below are my test results.
I tested it and my test url like https://atlas.microsoft.com/search/fuzzy/json?api-version=1.0&query=seattle&subscription-key=WCzM8k*******nnSYn4. I just request via chrome browser and get response.
And I also test by axios and it works fine.
I've got a really simple Logic app:
HTTP request (works as end-point web hook for Slack)
Send request from Slack (URI) to Service Bus queue
I haven't made any changes in Logic App but Send message action suddenly started reporting this error:
Decoding as string is not supported for content envelope of type
'application/x-www-form-urlencoded'.
Send message is defined like that:
"Send_message": {
"inputs": {
"body": {
"Label": "#{triggerBody()}"
},
...
I see only difference in request outputs:
BEFORE
Headers
{
"Accept": "*/*",
"User-Agent": "Slackbot,1.0,(+https://api.slack.com/robots)",
"Content-Type": "application/x-www-form-urlencoded"
...
}
Body
{
"$content-type": "application/x-www-form-urlencoded",
"$content": "dG9r..."
}
NOW
Headers
{
"Accept": "*/*",
"User-Agent": "Slackbot,1.0,(+https://api.slack.com/robots)",
"Content-Type": "application/x-www-form-urlencoded"
...
}
Body
{
"$content-type": "application/x-www-form-urlencoded",
"$content": "dG9r...",
"$formdata": [
{
"key": "token",
"value": "..."
},
{
"key": "team_id",
"value": "..."
},
{
"key": "trigger_word",
"value": "!"
},
...
]
}
$formdata is now a part of the output of Request as JSON array consisting of all query parameters.
Does anyone have any ideas? I would greatly appreciate any help to make it work again.
Edit: West Europe fixed and working
Yes, in the effort to have native support for x-www-form-urlencoded data in the runtime there was a bug that was recently released. We are rolling back and patching now. Can you send me an email so we can target your region for a fix, and share a workaround? Apologies in advance - as a general rule we never want to ship anything that will break existing logic apps. In this case adding some new metadata around form-data no longer allowed people to stringify x-www-form-urlencoded data (which is what you are doing here).
I have a small logic app which is meant to fetch data from somewhere and store it on blob. I then would like to send the URL to all devices via push notification. I wish to send the URL as a raw notification, so on the app/background task, i can do some processiong.
The problem is when i use logic app to create a http POST request to send a notification, i get a 400 error. The same header with authentication and etc, with the payload and URL works fine on a POSTMAN or REST API CLIENT. THe following are the inputs and outputs. Please help. Brain dead already.
This is the input.
{
"uri": "https://xxoppoc.servicebus.windows.net/xxopPOC/messages/?api-version=2015-01",
"method": "POST",
"headers": {
"Authorization": "SharedAccessSignature sr=sb%3a%2f%2fxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxt%2f&sig=qEnxxxxxxxxxxxx&skn=DefaultFullSharedAccessSignature",
"Content-Type": "application/octet-stream",
"ServiceBusNotification-Format": "windows",
"ServiceBusNotification-Tags": "MyTag",
"X-WNS-Type": "wns/raw"
},
"body": "Some Raw Information. Hello World"
}
This is the output:
{
"statusCode": 400,
"headers": {
"transfer-Encoding": "chunked",
"date": "Wed, 30 Mar 2016 14:10:41 GMT",
"server": "Microsoft-HTTPAPI/2.0"
},
"body": {
"$content-type": "application/xml; charset=utf-8",
"$content": "PEVycm9yPjxDb2RlPjQwMDwvQ29kZT48RGV0YWlsPlRoZSBjb250ZW50IHR5cGUgZm9yIGEgJ3ducy9yYXcnIG5vdGlmaWNhdGlvbiBtdXN0IGJlICdhcHBsaWNhdGlvbi9vY3RldC1zdHJlYW0nLlRyYWNraW5nSWQ6NTNmNjhlMGItNDc1MC00ZDRkLWJiNTAtMzJjNTBmOGIyNDk1X0czLFRpbWVTdGFtcDozLzMwLzIwMTYgMjoxMDo0MSBQTTwvRGV0YWlsPjwvRXJyb3I+"
}
}
Let me mention again, I got the authentication correct as it works on Advanced REST Client on chrome and POSTMAN. The above logic app also works if i send a wns/toast notification with xml as its content-type. I however need it to be a wns/raw notification. Please help. Thank you
EDIT/PROGRESS
Thanks to MichaelB, We figured out that the content-type is being modified. I sent the request to a different URL to look at the header. The following was observed:
Content-Type: application/octet-stream; charset=utf-8
If I use the above Content-Type on POSTMAN. It actually fails as well. So this could be 1 step. Why is Azure Logic Apps adding charset-utf-8 to the end of my content type. Can I stop it?
I'm having trouble getting the format right for a chrome extension using the Google Calendar API. I have an OAuth2 access token (which is valid, I can test that with tokenInfo), but am having trouble. I'm using a proprietary framework to build the extension, which complicates things, but maybe you could help me find out what information I'm missing:
var eventParams = e.data,
request = {
'method' : 'POST',
'async' : true,
'url': 'https://www.googleapis.com/calendar/v3/calendars/'+CAL_ID + '/events',
'headers': {
'Authorization' : TOKEN
},
'params': eventParams
};
My token looks like this:
{↵ "issued_to": "831101123055-874tukfvuvkma6s0l7m70iqlc3lirnkc.apps.googleusercontent.com",↵ "audience": "831101123055-874tukfvuvkma6s0l7m70iqlc3lirnkc.apps.googleusercontent.com",↵ "scope": "https://www.googleapis.com/auth/calendar",↵ "expires_in": 3600,↵ "access_type": "offline"↵}
The error I'm getting is:
{
"error": {
"errors": [
{
"domain": "usageLimits",
"reason": "dailyLimitExceededUnreg",
"message": "Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup.",
"extendedHelp": "https://code.google.com/apis/console"
}
],
"code": 403,
"message": "Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup."
}
}
I'm not really sure why that's the case, because my request is authenticated. Am I not passing the token correctly? Someone has suggested that I need to include an API key, but my understanding is that API keys are only for apps requiring public access and don't need access to user data, and that OAuth2 takes the place of an API key.
I'd appreciate any help you guys can offer! Thank you!
Turns out the error was kind of anomalous, the problem turned out to be with the data type. The correct syntax was:
var eventParams = e.data,
request = {
'method' : 'POST',
'async' : true,
'url': 'https://www.googleapis.com/calendar/v3/calendars/' + CAL_ID + '/events',
'headers': {
'Authorization' : TOKEN_TYPE+' '+ TOKEN,
'Content-Type': 'application/json'
},
'contentType': 'json',
'params': JSON.stringify(eventParams)
};
Please make sure that you have calendar API enabled in the developers console:
https://console.developers.google.com