bunq/sdk_php

Rate limiting in API context logic

Opened this issue · 0 comments

So my logic to handle the API context and keep it up-to-date is as follows:

public static function loadApiContext()
{
    $filePath = BUNQ_API_CONTEXT_PATH;
    if (!static::validateExistingContext($filePath))
    {
        $apiContext = ApiContext::createForPsd2(
            BunqEnumApiEnvironmentType::PRODUCTION(),
            SecurityUtil::getCertificateFromFile(PSD2_SIGNING_CERTIFICATE_PATH),
            new PrivateKey(static::getPrivateKey()),
            [SecurityUtil::getCertificateFromFile(PSD2_CA_CHAIN_PATH)],
            DESCRIPTION
        );
        $apiContextJson = $apiContext->toJson();
        Storage::put($filePath, $apiContextJson); // Laravel storage (verified to be working).
        BunqContext::loadApiContext($apiContext);
    }
}

protected static function validateExistingContext($filePath)
{
    if (Storage::exists($filePath))
    {
        $apiContextJson = Storage::get($filePath); // Retrieve existing context from storage.
        $apiContext = ApiContext::fromJson($apiContextJson);

        try
        {
            $currentContext = BunqContext::getApiContext();
            if ($currentContext->getApiKey() === $apiContext->getApiKey())
                return true;
        }
        catch (BunqException $e) { }

        if ($apiContext->ensureSessionActive())
        {
            $apiContextJson = $apiContext->toJson();
            Storage::put($filePath, $apiContextJson);
        }
        BunqContext::loadApiContext($apiContext); // Source of error.

        return true;
    }

    return false;
}

This occasionally leads to a TooManyRequestsException on the final BunqContext::loadApiContext in validateExistingContext. This is due to the User::listing call in UserContext.

Now I'm wondering if there are any flaws in the methods I'm using. This seems to happen sometimes when the context doesn't even need to be refreshed.

We're using the bunq API as an AISP under PSD2. My question on bunq together didn't get any answers from bunq. Please make sure my question gets addressed.

Traceback

SDK version and environment

  • Tested on 0.12.4
  • Sandbox
  • Production

Response id

  • c87a2dae-c1e8-4e01-90f2-c4dff9bfae40
  • f2e94270-2856-4503-8bd3-c7f7836c53c2
  • c196e537-1c28-4831-8daa-599576df8af0
  • e50dd4f2-6a5c-4052-a13a-f96d4b1f8b1d
  • Many more