obtaining the access token fails, normal JSON post works
strikegun opened this issue · 2 comments
For a API access token request I get my token from the homeserver.
But its not working from corporal side. I get following output from the corporal
INFO[0000] Starting HTTP Gateway Server on 0.0.0.0:41080
INFO[0000] Starting HTTP API Server on 0.0.0.0:41081
INFO[0000] Started store-driven reconciler
INFO[0000] Starting policy provider: static_file
INFO[0000] Store-driven reconciler received a new policy from the store
INFO[0000] Reconciling..
INFO[0000] Request user.obtain_access_token hit a rate limit, will retry in 5 seconds
INFO[0005] Request user.obtain_access_token hit a rate limit, will retry in 10 seconds
INFO[0015] Request user.obtain_access_token hit a rate limit, will retry in 15 seconds
INFO[0030] Request user.obtain_access_token hit a rate limit, will retry in 20 seconds
DEBU[0030] HTTP gateway: serving Matrix Corporal info page method=GET uri=/_matrix/client/corporal
INFO[0050] Request user.obtain_access_token hit a rate limit, will retry in 25 seconds
DEBU[0060] HTTP gateway: serving Matrix Corporal info page method=GET uri=/_matrix/client/corporal
ERRO[0075] Request user.obtain_access_token failed after 5 retries: contents=[123 34 101 114 114 99 111 100 101 34 58 34 77 95 76 73 77 73 84 95 69 88 67 69 69 68 69 68 34 44 34 101 114 114 111 114 34 58 34 84 111 111 32 77 97 110 121 32 82 101 113 117 101 115 116 115 34 44 34 114 101 116 114 121 95 97 102 116 101 114 95 109 115 34 58 50 48 49 49 50 50 125] msg=Failed to POST JSON to /_matrix/client/r0/login code=429 wrapped=M_LIMIT_EXCEEDED: Too Many Requests
WARN[0075] Reconciliation failed: Failure determining current state: could not obtain access token for `@waldcorporal:myserver.de`, necessary for obtaining a token for `@tester.mueller:myserver.de`: contents=[123 34 101 114 114 99 111 100 101 34 58 34 77 95 76 73 77 73 84 95 69 88 67 69 69 68 69 68 34 44 34 101 114 114 111 114 34 58 34 84 111 111 32 77 97 110 121 32 82 101 113 117 101 115 116 115 34 44 34 114 101 116 114 121 95 97 102 116 101 114 95 109 115 34 58 50 48 49 49 50 50 125] msg=Failed to POST JSON to /_matrix/client/r0/login code=429 wrapped=M_LIMIT_EXCEEDED: Too Many Requests
INFO[0075] Will retry reconciliation after 3000 ms..
INFO[0078] Retrying reconciliation..
INFO[0078] Request user.obtain_access_token hit a rate limit, will retry in 5 seconds
Any idea what couold cause this?
Thanks
I found in the homeserver logs this
2023-11-21 02:47:03,296 - synapse.http.server - 120 - INFO - POST-334 - <XForwardedForRequest at 0x7f76cc30d120 method='POST' uri='/_matrix/client/r0/login' clientproto='HTTP/1.1' site='8008'> SynapseError: 429 - Too Many Requests
I placed the Corporal UserId into the ratelimit_overwrite to 0, but still I get the "Too Many Requets"
Perhaps you're hitting the rate limit with another user?
matrix-corporal tries to impersonate other users by authenticating via matrix-synapse-shared-secret-auth. It's likely that these login requests are hitting rate limits.
It's probably a good idea to raise the global rate limits somewhat.
A better solution would probably be for us to change the way matrix-corporal works, so that it's an appservice and can impersonate users that way (instead of going through the regular flow and being subjected to rate limits).