feat: ensure CLI will wait for auth workflow to complete and handle 429 rate limit errors with exponential back-off during polling

leggetter · leggetter · commit c3ff8e5ad200 · 2025-10-30T20:16:41.000Z
- Add SuppressRateLimitErrors flag to Client for configurable error logging
- Implement exponential back-off (1s -&gt; 30s max) when polling encounters 429s
- Log rate limit events at DEBUG level when suppressed, ERROR otherwise
- Fix nil pointer dereference bug when accessing resp.StatusCode on error
- Enable rate limit suppression in login polling where 429s are expected
- Add isRateLimitError() and calculateBackoff() helper functions
diff --git a/pkg/hookdeck/client.go b/pkg/hookdeck/client.go
@@ -47,6 +47,11 @@ type Client struct {
 	// stdout.
 	Verbose bool
 
+	// When this is enabled, HTTP 429 (rate limit) errors will be logged at
+	// DEBUG level instead of ERROR level. Useful for polling scenarios where
+	// rate limiting is expected.
+	SuppressRateLimitErrors bool
+
 	// Cached HTTP client, lazily created the first time the Client is used to
 	// send a request.
 	httpClient *http.Client
@@ -117,20 +122,29 @@ func (c *Client) PerformRequest(ctx context.Context, req *http.Request) (*http.R
 			"method": req.Method,
 			"url":    req.URL.String(),
 			"error":  err.Error(),
-			"status": resp.StatusCode,
 		}).Error("Failed to perform request")
 		return nil, err
 	}
 
 	err = checkAndPrintError(resp)
 	if err != nil {
-		log.WithFields(log.Fields{
-			"prefix": "client.Client.PerformRequest 2",
-			"method": req.Method,
-			"url":    req.URL.String(),
-			"error":  err.Error(),
-			"status": resp.StatusCode,
-		}).Error("Unexpected response")
+		// Allow callers to suppress rate limit error logging for polling scenarios
+		if c.SuppressRateLimitErrors && resp.StatusCode == http.StatusTooManyRequests {
+			log.WithFields(log.Fields{
+				"prefix": "client.Client.PerformRequest",
+				"method": req.Method,
+				"url":    req.URL.String(),
+				"status": resp.StatusCode,
+			}).Debug("Rate limited")
+		} else {
+			log.WithFields(log.Fields{
+				"prefix": "client.Client.PerformRequest 2",
+				"method": req.Method,
+				"url":    req.URL.String(),
+				"error":  err.Error(),
+				"status": resp.StatusCode,
+			}).Error("Unexpected response")
+		}
 		return nil, err
 	}
 
diff --git a/pkg/login/poll.go b/pkg/login/poll.go
@@ -6,13 +6,16 @@ import (
 	"errors"
 	"io/ioutil"
 	"net/url"
+	"strings"
 	"time"
 
 	"github.com/hookdeck/hookdeck-cli/pkg/hookdeck"
+	log "github.com/sirupsen/logrus"
 )
 
 const maxAttemptsDefault = 2 * 60
-const intervalDefault = 1 * time.Second
+const intervalDefault = 2 * time.Second
+const maxBackoffInterval = 30 * time.Second
 
 // PollAPIKeyResponse returns the data of the polling client login
 type PollAPIKeyResponse struct {
@@ -47,12 +50,42 @@ func PollForKey(pollURL string, interval time.Duration, maxAttempts int) (*PollA
 	baseURL := &url.URL{Scheme: parsedURL.Scheme, Host: parsedURL.Host}
 
 	client := &hookdeck.Client{
-		BaseURL: baseURL,
+		BaseURL:                 baseURL,
+		SuppressRateLimitErrors: true, // Rate limiting is expected during polling
 	}
 
 	var count = 0
+	currentInterval := interval
+	consecutiveRateLimits := 0
+
 	for count < maxAttempts {
 		res, err := client.Get(context.TODO(), parsedURL.Path, parsedURL.Query().Encode(), nil)
+
+		// Check if error is due to rate limiting (429)
+		if err != nil && isRateLimitError(err) {
+			consecutiveRateLimits++
+			backoffInterval := calculateBackoff(currentInterval, consecutiveRateLimits)
+
+			log.WithFields(log.Fields{
+				"attempt":          count + 1,
+				"max_attempts":     maxAttempts,
+				"backoff_interval": backoffInterval,
+				"rate_limits":      consecutiveRateLimits,
+			}).Debug("Rate limited while polling, waiting before retry...")
+
+			time.Sleep(backoffInterval)
+			currentInterval = backoffInterval
+			count++
+			continue
+		}
+
+		// Reset back-off on successful request
+		if err == nil {
+			consecutiveRateLimits = 0
+			currentInterval = interval
+		}
+
+		// Handle other errors (non-429)
 		if err != nil {
 			return nil, err
 		}
@@ -74,8 +107,30 @@ func PollForKey(pollURL string, interval time.Duration, maxAttempts int) (*PollA
 		}
 
 		count++
-		time.Sleep(interval)
+		time.Sleep(currentInterval)
 	}
 
 	return nil, errors.New("exceeded max attempts")
 }
+
+// isRateLimitError checks if an error is a 429 rate limit error
+func isRateLimitError(err error) bool {
+	if err == nil {
+		return false
+	}
+	errMsg := err.Error()
+	return strings.Contains(errMsg, "429") || strings.Contains(errMsg, "Too Many Requests")
+}
+
+// calculateBackoff implements exponential back-off with a maximum cap
+func calculateBackoff(baseInterval time.Duration, consecutiveFailures int) time.Duration {
+	// Exponential: baseInterval * 2^consecutiveFailures
+	backoff := baseInterval * time.Duration(1<<uint(consecutiveFailures))
+
+	// Cap at maxBackoffInterval
+	if backoff > maxBackoffInterval {
+		backoff = maxBackoffInterval
+	}
+
+	return backoff
+}
