nitter/src/apiutils.nim

# SPDX-License-Identifier: AGPL-3.0-only
import httpclient, asyncdispatch, options, strutils, uri, times, math, tables
import jsony, packedjson, zippy, oauth1
import types, tokens, consts, parserutils, http_pool
import experimental/types/common

const
  rlRemaining = "x-rate-limit-remaining"
  rlReset = "x-rate-limit-reset"

var pool: HttpPool

proc genParams*(pars: openArray[(string, string)] = @[]; cursor="";
                count="20"; ext=true): seq[(string, string)] =
  result = timelineParams
  for p in pars:
    result &= p
  if ext:
    result &= ("include_ext_alt_text", "1")
    result &= ("include_ext_media_stats", "1")
    result &= ("include_ext_media_availability", "1")
  if count.len > 0:
    result &= ("count", count)
  if cursor.len > 0:
    # The raw cursor often has plus signs, which sometimes get turned into spaces,
    # so we need to turn them back into a plus
    if " " in cursor:
      result &= ("cursor", cursor.replace(" ", "+"))
    else:
      result &= ("cursor", cursor)

proc getOauthHeader(url, oauthToken, oauthTokenSecret: string): string =
  let
    encodedUrl = url.replace(",", "%2C").replace("+", "%20")
    params = OAuth1Parameters(
      consumerKey: consumerKey,
      signatureMethod: "HMAC-SHA1",
      timestamp: $int(round(epochTime())),
      nonce: "0",
      isIncludeVersionToHeader: true,
      token: oauthToken
    )
    signature = getSignature(HttpGet, encodedUrl, "", params, consumerSecret, oauthTokenSecret)

  params.signature = percentEncode(signature)

  return getOauth1RequestHeader(params)["authorization"]

proc genHeaders*(url, oauthToken, oauthTokenSecret: string): HttpHeaders =
  let header = getOauthHeader(url, oauthToken, oauthTokenSecret)

  result = newHttpHeaders({
    "connection": "keep-alive",
    "authorization": header,
    "content-type": "application/json",
    "x-twitter-active-user": "yes",
    "authority": "api.twitter.com",
    "accept-encoding": "gzip",
    "accept-language": "en-US,en;q=0.9",
    "accept": "*/*",
    "DNT": "1"
  })

template updateAccount() =
  if resp.headers.hasKey(rlRemaining):
    let
      remaining = parseInt(resp.headers[rlRemaining])
      reset = parseInt(resp.headers[rlReset])
    account.setRateLimit(api, remaining, reset)

template fetchImpl(result, fetchBody) {.dirty.} =
  once:
    pool = HttpPool()

  var account = await getGuestAccount(api)
  if account.oauthToken.len == 0:
    raise rateLimitError()

  try:
    var resp: AsyncResponse
    pool.use(genHeaders($url, account.oauthToken, account.oauthSecret)):
      template getContent =
        resp = await c.get($url)
        result = await resp.body

      getContent()

      if resp.status == $Http503:
        badClient = true
        raise newException(BadClientError, "Bad client")

    if result.len > 0:
      if resp.headers.getOrDefault("content-encoding") == "gzip":
        result = uncompress(result, dfGzip)
      else:
        echo "non-gzip body, url: ", url, ", body: ", result

    fetchBody

    release(account, used=true)

    if resp.status == $Http400:
      raise newException(InternalError, $url)
  except InternalError as e:
    raise e
  except BadClientError as e:
    release(account, used=true)
    raise e
  except Exception as e:
    echo "error: ", e.name, ", msg: ", e.msg, ", accountId: ", account.id, ", url: ", url
    if "length" notin e.msg and "descriptor" notin e.msg:
      release(account, invalid=true)
    raise rateLimitError()

proc fetch*(url: Uri; api: Api): Future[JsonNode] {.async.} =
  var body: string
  fetchImpl body:
    if body.startsWith('{') or body.startsWith('['):
      result = parseJson(body)
    else:
      echo resp.status, ": ", body, " --- url: ", url
      result = newJNull()

    updateAccount()

    let error = result.getError
    if error in {invalidToken, badToken}:
      echo "fetch error: ", result.getError
      release(account, invalid=true)
      raise rateLimitError()

    if body.startsWith("{\"errors"):
      let errors = body.fromJson(Errors)
      if errors in {invalidToken, badToken}:
        echo "fetch error: ", errors
        release(account, invalid=true)
        raise rateLimitError()
      elif errors in {rateLimited}:
        account.apis[api].limited = true
        account.apis[api].limitedAt = epochTime().int
        echo "rate limited, api: ", $api, ", reqs left: ", account.apis[api].remaining, ", id: ", account.id

proc fetchRaw*(url: Uri; api: Api): Future[string] {.async.} =
  fetchImpl result:
    if not (result.startsWith('{') or result.startsWith('[')):
      echo resp.status, ": ", result, " --- url: ", url
      result.setLen(0)

    updateAccount()

    if result.startsWith("{\"errors"):
      let errors = result.fromJson(Errors)
      if errors in {invalidToken, badToken}:
        echo "fetch error: ", errors
        release(account, invalid=true)
        raise rateLimitError()
Add license headers Closes #413 2021-12-27 01:37:38 +00:00			`# SPDX-License-Identifier: AGPL-3.0-only`
Track rate limits, reset after 24 hours 2023-08-20 09:56:42 +00:00			`import httpclient, asyncdispatch, options, strutils, uri, times, math, tables`
Replace tokens with guest accounts, swap endpoints 2023-08-18 22:25:14 +00:00			`import jsony, packedjson, zippy, oauth1`
Add http pool to reduce connection overhead 2020-11-07 20:31:03 +00:00			`import types, tokens, consts, parserutils, http_pool`
Simplify new error handling 2022-01-16 17:28:40 +00:00			`import experimental/types/common`
Refactor fetch helper, fix list pagination 2020-06-15 14:40:27 +00:00
Track token rate limits per endpoint 2022-01-05 21:48:45 +00:00			`const`
			`rlRemaining = "x-rate-limit-remaining"`
			`rlReset = "x-rate-limit-reset"`
In with the new 2020-06-01 00:16:24 +00:00
More cleanup 2022-01-02 10:21:03 +00:00			`var pool: HttpPool`
Add http pool to reduce connection overhead 2020-11-07 20:31:03 +00:00
Style fixes 2022-01-06 02:57:14 +00:00			`proc genParams*(pars: openArray[(string, string)] = @[]; cursor="";`
Use old api to optimize photo rails 2020-06-16 22:20:34 +00:00			`count="20"; ext=true): seq[(string, string)] =`
In with the new 2020-06-01 00:16:24 +00:00			`result = timelineParams`
			`for p in pars:`
			`result &= p`
Use old api to optimize photo rails 2020-06-16 22:20:34 +00:00			`if ext:`
GraphQL timeline (#812) * Update deps * Replace profile timeline with GraphQL endpoint * Update GraphQL endpoint versions * Use GraphQL for profile media tab * Fix UserByRestId request * Improve routing, fixes #814 * Fix token pool JSON * Deduplicate GraphQL timeline endpoints * Update list endpoints * Use GraphQL for list tweets * Remove debug leftover * Replace old pinned tweet endpoint with GraphQL * Validate tweet ID * Minor token handling fix * Hide US-only commerce cards * Update config example * Remove http pool and gzip from token pool * Support tombstoned tweets in threads * Retry GraphQL timeout errors * Remove unnecessary 401 retry * Remove broken timeout retry * Update karax, use new bool attribute feature * Update card test * Fix odd edgecase with broken retweets * Replace search endpoints, switch Bearer token * Only parse user search if it's a list * Fix quoted tweet crash * Fix empty search query handling * Fix invalid user search errors again 2023-04-21 12:41:30 +00:00			`result &= ("include_ext_alt_text", "1")`
Use legacy timeline/user endpoint for Tweets tab 2023-08-08 00:09:56 +00:00			`result &= ("include_ext_media_stats", "1")`
GraphQL timeline (#812) * Update deps * Replace profile timeline with GraphQL endpoint * Update GraphQL endpoint versions * Use GraphQL for profile media tab * Fix UserByRestId request * Improve routing, fixes #814 * Fix token pool JSON * Deduplicate GraphQL timeline endpoints * Update list endpoints * Use GraphQL for list tweets * Remove debug leftover * Replace old pinned tweet endpoint with GraphQL * Validate tweet ID * Minor token handling fix * Hide US-only commerce cards * Update config example * Remove http pool and gzip from token pool * Support tombstoned tweets in threads * Retry GraphQL timeout errors * Remove unnecessary 401 retry * Remove broken timeout retry * Update karax, use new bool attribute feature * Update card test * Fix odd edgecase with broken retweets * Replace search endpoints, switch Bearer token * Only parse user search if it's a list * Fix quoted tweet crash * Fix empty search query handling * Fix invalid user search errors again 2023-04-21 12:41:30 +00:00			`result &= ("include_ext_media_availability", "1")`
Use old api to optimize photo rails 2020-06-16 22:20:34 +00:00			`if count.len > 0:`
			`result &= ("count", count)`
Attempt to fix occasional cursor error 2021-12-28 07:07:15 +00:00			`if cursor.len > 0:`
			`# The raw cursor often has plus signs, which sometimes get turned into spaces,`
Only retry on 401 once 2022-12-19 09:07:24 +00:00			`# so we need to turn them back into a plus`
Attempt to fix occasional cursor error 2021-12-28 07:07:15 +00:00			`if " " in cursor:`
			`result &= ("cursor", cursor.replace(" ", "+"))`
			`else:`
			`result &= ("cursor", cursor)`
In with the new 2020-06-01 00:16:24 +00:00
Replace tokens with guest accounts, swap endpoints 2023-08-18 22:25:14 +00:00			`proc getOauthHeader(url, oauthToken, oauthTokenSecret: string): string =`
			`let`
			`encodedUrl = url.replace(",", "%2C").replace("+", "%20")`
			`params = OAuth1Parameters(`
			`consumerKey: consumerKey,`
			`signatureMethod: "HMAC-SHA1",`
			`timestamp: $int(round(epochTime())),`
			`nonce: "0",`
			`isIncludeVersionToHeader: true,`
			`token: oauthToken`
			`)`
			`signature = getSignature(HttpGet, encodedUrl, "", params, consumerSecret, oauthTokenSecret)`

			`params.signature = percentEncode(signature)`

			`return getOauth1RequestHeader(params)["authorization"]`

			`proc genHeaders*(url, oauthToken, oauthTokenSecret: string): HttpHeaders =`
			`let header = getOauthHeader(url, oauthToken, oauthTokenSecret)`

In with the new 2020-06-01 00:16:24 +00:00			`result = newHttpHeaders({`
Add http pool to reduce connection overhead 2020-11-07 20:31:03 +00:00			`"connection": "keep-alive",`
Replace tokens with guest accounts, swap endpoints 2023-08-18 22:25:14 +00:00			`"authorization": header,`
In with the new 2020-06-01 00:16:24 +00:00			`"content-type": "application/json",`
			`"x-twitter-active-user": "yes",`
			`"authority": "api.twitter.com",`
Use gzip for API calls to lower bandwidth and RAM 2021-12-26 05:49:27 +00:00			`"accept-encoding": "gzip",`
In with the new 2020-06-01 00:16:24 +00:00			`"accept-language": "en-US,en;q=0.9",`
			`"accept": "/",`
Refactor fetch helper, fix list pagination 2020-06-15 14:40:27 +00:00			`"DNT": "1"`
In with the new 2020-06-01 00:16:24 +00:00			`})`

Replace tokens with guest accounts, swap endpoints 2023-08-18 22:25:14 +00:00			`template updateAccount() =`
GraphQL timeline (#812) * Update deps * Replace profile timeline with GraphQL endpoint * Update GraphQL endpoint versions * Use GraphQL for profile media tab * Fix UserByRestId request * Improve routing, fixes #814 * Fix token pool JSON * Deduplicate GraphQL timeline endpoints * Update list endpoints * Use GraphQL for list tweets * Remove debug leftover * Replace old pinned tweet endpoint with GraphQL * Validate tweet ID * Minor token handling fix * Hide US-only commerce cards * Update config example * Remove http pool and gzip from token pool * Support tombstoned tweets in threads * Retry GraphQL timeout errors * Remove unnecessary 401 retry * Remove broken timeout retry * Update karax, use new bool attribute feature * Update card test * Fix odd edgecase with broken retweets * Replace search endpoints, switch Bearer token * Only parse user search if it's a list * Fix quoted tweet crash * Fix empty search query handling * Fix invalid user search errors again 2023-04-21 12:41:30 +00:00			`if resp.headers.hasKey(rlRemaining):`
Add experimental user parser 2022-01-16 05:00:11 +00:00			`let`
			`remaining = parseInt(resp.headers[rlRemaining])`
			`reset = parseInt(resp.headers[rlReset])`
Replace tokens with guest accounts, swap endpoints 2023-08-18 22:25:14 +00:00			`account.setRateLimit(api, remaining, reset)`
Add experimental user parser 2022-01-16 05:00:11 +00:00
			`template fetchImpl(result, fetchBody) {.dirty.} =`
Add http pool to reduce connection overhead 2020-11-07 20:31:03 +00:00			`once:`
			`pool = HttpPool()`

Replace tokens with guest accounts, swap endpoints 2023-08-18 22:25:14 +00:00			`var account = await getGuestAccount(api)`
			`if account.oauthToken.len == 0:`
Show error page when rate limited 2021-01-07 21:31:29 +00:00			`raise rateLimitError()`
In with the new 2020-06-01 00:16:24 +00:00
			`try:`
Simplify bad http client pruning 2022-01-23 01:29:03 +00:00			`var resp: AsyncResponse`
Replace tokens with guest accounts, swap endpoints 2023-08-18 22:25:14 +00:00			`pool.use(genHeaders($url, account.oauthToken, account.oauthSecret)):`
Retry intermittent 401 Unauthorized requests 2022-09-21 03:47:16 +00:00			`template getContent =`
			`resp = await c.get($url)`
			`result = await resp.body`
Temporary fix to Twitter's global timeline error 2022-01-21 08:17:18 +00:00
Retry intermittent 401 Unauthorized requests 2022-09-21 03:47:16 +00:00			`getContent()`

GraphQL timeline (#812) * Update deps * Replace profile timeline with GraphQL endpoint * Update GraphQL endpoint versions * Use GraphQL for profile media tab * Fix UserByRestId request * Improve routing, fixes #814 * Fix token pool JSON * Deduplicate GraphQL timeline endpoints * Update list endpoints * Use GraphQL for list tweets * Remove debug leftover * Replace old pinned tweet endpoint with GraphQL * Validate tweet ID * Minor token handling fix * Hide US-only commerce cards * Update config example * Remove http pool and gzip from token pool * Support tombstoned tweets in threads * Retry GraphQL timeout errors * Remove unnecessary 401 retry * Remove broken timeout retry * Update karax, use new bool attribute feature * Update card test * Fix odd edgecase with broken retweets * Replace search endpoints, switch Bearer token * Only parse user search if it's a list * Fix quoted tweet crash * Fix empty search query handling * Fix invalid user search errors again 2023-04-21 12:41:30 +00:00			`if resp.status == $Http503:`
			`badClient = true`
			`raise newException(BadClientError, "Bad client")`
Make gzip handling more robust 2021-12-30 00:39:00 +00:00
Add experimental user parser 2022-01-16 05:00:11 +00:00			`if result.len > 0:`
Make gzip handling more robust 2021-12-30 00:39:00 +00:00			`if resp.headers.getOrDefault("content-encoding") == "gzip":`
Add experimental user parser 2022-01-16 05:00:11 +00:00			`result = uncompress(result, dfGzip)`
Make gzip handling more robust 2021-12-30 00:39:00 +00:00			`else:`
Add experimental user parser 2022-01-16 05:00:11 +00:00			`echo "non-gzip body, url: ", url, ", body: ", result`
Refactor fetch helper, fix list pagination 2020-06-15 14:40:27 +00:00
Add experimental user parser 2022-01-16 05:00:11 +00:00			`fetchBody`
In with the new 2020-06-01 00:16:24 +00:00
Replace tokens with guest accounts, swap endpoints 2023-08-18 22:25:14 +00:00			`release(account, used=true)`
Improve API error handling 2021-12-28 04:41:41 +00:00
			`if resp.status == $Http400:`
			`raise newException(InternalError, $url)`
			`except InternalError as e:`
			`raise e`
GraphQL timeline (#812) * Update deps * Replace profile timeline with GraphQL endpoint * Update GraphQL endpoint versions * Use GraphQL for profile media tab * Fix UserByRestId request * Improve routing, fixes #814 * Fix token pool JSON * Deduplicate GraphQL timeline endpoints * Update list endpoints * Use GraphQL for list tweets * Remove debug leftover * Replace old pinned tweet endpoint with GraphQL * Validate tweet ID * Minor token handling fix * Hide US-only commerce cards * Update config example * Remove http pool and gzip from token pool * Support tombstoned tweets in threads * Retry GraphQL timeout errors * Remove unnecessary 401 retry * Remove broken timeout retry * Update karax, use new bool attribute feature * Update card test * Fix odd edgecase with broken retweets * Replace search endpoints, switch Bearer token * Only parse user search if it's a list * Fix quoted tweet crash * Fix empty search query handling * Fix invalid user search errors again 2023-04-21 12:41:30 +00:00			`except BadClientError as e:`
Replace tokens with guest accounts, swap endpoints 2023-08-18 22:25:14 +00:00			`release(account, used=true)`
GraphQL timeline (#812) * Update deps * Replace profile timeline with GraphQL endpoint * Update GraphQL endpoint versions * Use GraphQL for profile media tab * Fix UserByRestId request * Improve routing, fixes #814 * Fix token pool JSON * Deduplicate GraphQL timeline endpoints * Update list endpoints * Use GraphQL for list tweets * Remove debug leftover * Replace old pinned tweet endpoint with GraphQL * Validate tweet ID * Minor token handling fix * Hide US-only commerce cards * Update config example * Remove http pool and gzip from token pool * Support tombstoned tweets in threads * Retry GraphQL timeout errors * Remove unnecessary 401 retry * Remove broken timeout retry * Update karax, use new bool attribute feature * Update card test * Fix odd edgecase with broken retweets * Replace search endpoints, switch Bearer token * Only parse user search if it's a list * Fix quoted tweet crash * Fix empty search query handling * Fix invalid user search errors again 2023-04-21 12:41:30 +00:00			`raise e`
Temporary (?) fix for false rate limits 2021-01-18 06:47:51 +00:00			`except Exception as e:`
Replace tokens with guest accounts, swap endpoints 2023-08-18 22:25:14 +00:00			`echo "error: ", e.name, ", msg: ", e.msg, ", accountId: ", account.id, ", url: ", url`
Fix http pool usage to prevent rate limit error 2021-07-18 01:36:27 +00:00			`if "length" notin e.msg and "descriptor" notin e.msg:`
Replace tokens with guest accounts, swap endpoints 2023-08-18 22:25:14 +00:00			`release(account, invalid=true)`
Show error page when rate limited 2021-01-07 21:31:29 +00:00			`raise rateLimitError()`
Add experimental user parser 2022-01-16 05:00:11 +00:00
			`proc fetch*(url: Uri; api: Api): Future[JsonNode] {.async.} =`
			`var body: string`
			`fetchImpl body:`
			`if body.startsWith('{') or body.startsWith('['):`
			`result = parseJson(body)`
			`else:`
Add URL to request errors 2022-01-23 07:38:38 +00:00			`echo resp.status, ": ", body, " --- url: ", url`
Add experimental user parser 2022-01-16 05:00:11 +00:00			`result = newJNull()`

Replace tokens with guest accounts, swap endpoints 2023-08-18 22:25:14 +00:00			`updateAccount()`
Add experimental user parser 2022-01-16 05:00:11 +00:00
			`let error = result.getError`
Prevent search endpoint from discarding tokens 2023-04-20 23:01:18 +00:00			`if error in {invalidToken, badToken}:`
Add experimental user parser 2022-01-16 05:00:11 +00:00			`echo "fetch error: ", result.getError`
Replace tokens with guest accounts, swap endpoints 2023-08-18 22:25:14 +00:00			`release(account, invalid=true)`
Add experimental user parser 2022-01-16 05:00:11 +00:00			`raise rateLimitError()`

Track rate limits, reset after 24 hours 2023-08-20 09:56:42 +00:00			`if body.startsWith("{\"errors"):`
			`let errors = body.fromJson(Errors)`
			`if errors in {invalidToken, badToken}:`
			`echo "fetch error: ", errors`
			`release(account, invalid=true)`
			`raise rateLimitError()`
			`elif errors in {rateLimited}:`
			`account.apis[api].limited = true`
Add missing limitedAt assignment 2023-08-20 10:31:08 +00:00			`account.apis[api].limitedAt = epochTime().int`
Track rate limits, reset after 24 hours 2023-08-20 09:56:42 +00:00			`echo "rate limited, api: ", $api, ", reqs left: ", account.apis[api].remaining, ", id: ", account.id`

Add experimental user parser 2022-01-16 05:00:11 +00:00			`proc fetchRaw*(url: Uri; api: Api): Future[string] {.async.} =`
			`fetchImpl result:`
			`if not (result.startsWith('{') or result.startsWith('[')):`
Add URL to request errors 2022-01-23 07:38:38 +00:00			`echo resp.status, ": ", result, " --- url: ", url`
Add experimental user parser 2022-01-16 05:00:11 +00:00			`result.setLen(0)`

Replace tokens with guest accounts, swap endpoints 2023-08-18 22:25:14 +00:00			`updateAccount()`
Add experimental user parser 2022-01-16 05:00:11 +00:00
			`if result.startsWith("{\"errors"):`
Simplify new error handling 2022-01-16 17:28:40 +00:00			`let errors = result.fromJson(Errors)`
Prevent search endpoint from discarding tokens 2023-04-20 23:01:18 +00:00			`if errors in {invalidToken, badToken}:`
Add experimental user parser 2022-01-16 05:00:11 +00:00			`echo "fetch error: ", errors`
Replace tokens with guest accounts, swap endpoints 2023-08-18 22:25:14 +00:00			`release(account, invalid=true)`
Add experimental user parser 2022-01-16 05:00:11 +00:00			`raise rateLimitError()`