Skip to content

Commit

Permalink
delete TOKEN_REFRESH_ENABLED judge whether refresh by credentials pro…
Browse files Browse the repository at this point in the history
…vider
  • Loading branch information
jerry-024 committed Dec 9, 2024
1 parent 7498e7e commit 314f965
Show file tree
Hide file tree
Showing 4 changed files with 5 additions and 43 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,6 @@ public class RESTCatalog implements Catalog {
// a lazy thread pool for token refresh
private final AuthSession catalogAuth;
private volatile ScheduledExecutorService refreshExecutor = null;
private boolean keepTokenRefreshed;

private static final ObjectMapper objectMapper = RESTObjectMapper.create();

Expand All @@ -80,8 +79,7 @@ public RESTCatalog(Options options) {
CredentialsProvider credentialsProvider =
CredentialsProviderFactory.createCredentialsProvider(
options, RESTCatalog.class.getClassLoader());
this.keepTokenRefreshed = options.get(RESTCatalogOptions.TOKEN_REFRESH_ENABLED);
if (keepTokenRefreshed) {
if (credentialsProvider.keepRefreshed()) {
this.catalogAuth =
AuthSession.fromRefreshCredentialsProvider(
tokenRefreshExecutor(), this.baseHeader, credentialsProvider);
Expand Down Expand Up @@ -215,10 +213,6 @@ private Map<String, String> headers() {
}

private ScheduledExecutorService tokenRefreshExecutor() {
if (!keepTokenRefreshed) {
return null;
}

if (refreshExecutor == null) {
synchronized (this) {
if (refreshExecutor == null) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -55,14 +55,9 @@ public class RESTCatalogOptions {
.durationType()
.defaultValue(Duration.ofHours(1))
.withDescription(
"REST Catalog auth token expires in.The token generates system refresh frequency is t1," +
" the token expires time is t2, we need to guarantee that t2 > t1," +
" the token validity time is [t2 - t1, t2], and the expires time defined here needs to be less than (t2 - t1)");
public static final ConfigOption<Boolean> TOKEN_REFRESH_ENABLED =
ConfigOptions.key("token-refresh-enabled")
.booleanType()
.defaultValue(false)
.withDescription("REST Catalog auth token refresh enable.");
"REST Catalog auth token expires in.The token generates system refresh frequency is t1,"
+ " the token expires time is t2, we need to guarantee that t2 > t1,"
+ " the token validity time is [t2 - t1, t2], and the expires time defined here needs to be less than (t2 - t1)");
public static final ConfigOption<String> TOKEN_PROVIDER_PATH =
ConfigOptions.key("token.provider.path")
.stringType()
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,6 @@
package org.apache.paimon.rest.auth;

import org.apache.paimon.options.Options;
import org.apache.paimon.rest.RESTCatalogOptions;

import static org.apache.paimon.rest.RESTCatalogOptions.TOKEN_EXPIRATION_TIME;
import static org.apache.paimon.rest.RESTCatalogOptions.TOKEN_PROVIDER_PATH;
Expand All @@ -38,12 +37,7 @@ public CredentialsProvider create(Options options) {
throw new IllegalArgumentException(TOKEN_PROVIDER_PATH.key() + " is required");
}
String tokenFilePath = options.get(TOKEN_PROVIDER_PATH);
boolean keepTokenRefreshed = options.get(RESTCatalogOptions.TOKEN_REFRESH_ENABLED);
if (keepTokenRefreshed) {
if (!options.getOptional(TOKEN_EXPIRATION_TIME).isPresent()) {
throw new IllegalArgumentException(
TOKEN_EXPIRATION_TIME.key() + " is required when token refresh enabled");
}
if (options.getOptional(TOKEN_EXPIRATION_TIME).isPresent()) {
long tokenExpireInMills = options.get(TOKEN_EXPIRATION_TIME).toMillis();
return new BearTokenFileCredentialsProvider(tokenFilePath, tokenExpireInMills);

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,6 @@ public void testCreateBearTokenFileCredentialsProviderSuccess() throws Exception
String token = UUID.randomUUID().toString();
FileUtils.writeStringToFile(tokenFile, token);
options.set(RESTCatalogOptions.TOKEN_PROVIDER_PATH, tokenFile.getPath());
options.set(CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN_FILE.name());
BearTokenFileCredentialsProvider credentialsProvider =
(BearTokenFileCredentialsProvider)
CredentialsProviderFactory.createCredentialsProvider(
Expand All @@ -95,9 +94,7 @@ public void testCreateRefreshBearTokenFileCredentialsProviderSuccess() throws Ex
File tokenFile = folder.newFile(fileName);
String token = UUID.randomUUID().toString();
FileUtils.writeStringToFile(tokenFile, token);
options.set(CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN_FILE.name());
options.set(RESTCatalogOptions.TOKEN_PROVIDER_PATH, tokenFile.getPath());
options.set(RESTCatalogOptions.TOKEN_REFRESH_ENABLED, true);
options.set(RESTCatalogOptions.TOKEN_EXPIRATION_TIME, Duration.ofSeconds(10L));
BearTokenFileCredentialsProvider credentialsProvider =
(BearTokenFileCredentialsProvider)
Expand All @@ -106,24 +103,6 @@ public void testCreateRefreshBearTokenFileCredentialsProviderSuccess() throws Ex
assertEquals(token, credentialsProvider.token());
}

@Test
public void testCreateRefreshBearTokenFileCredentialsProviderFail() throws Exception {
Options options = new Options();
String fileName = "token";
File tokenFile = folder.newFile(fileName);
String token = UUID.randomUUID().toString();
FileUtils.writeStringToFile(tokenFile, token);
options.set(CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN_FILE.name());
options.set(RESTCatalogOptions.TOKEN_PROVIDER_PATH, tokenFile.getPath());
options.set(RESTCatalogOptions.TOKEN_REFRESH_ENABLED, true);
options.set(CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN_FILE.name());
assertThrows(
IllegalArgumentException.class,
() ->
CredentialsProviderFactory.createCredentialsProvider(
options, this.getClass().getClassLoader()));
}

@Test
public void getCredentialsProviderTypeByConfWhenDefineTokenPath() {
Options options = new Options();
Expand Down

0 comments on commit 314f965

Please sign in to comment.