diff --git a/client/src/main/java/io/pravega/keycloak/client/KeycloakAuthzClient.java b/client/src/main/java/io/pravega/keycloak/client/KeycloakAuthzClient.java index 413dd30..3c9f2ba 100644 --- a/client/src/main/java/io/pravega/keycloak/client/KeycloakAuthzClient.java +++ b/client/src/main/java/io/pravega/keycloak/client/KeycloakAuthzClient.java @@ -29,6 +29,7 @@ import java.io.IOException; import java.net.ConnectException; +import java.net.UnknownHostException; import java.util.List; import java.util.Map; import java.util.Objects; @@ -138,7 +139,7 @@ private static Predicate<Throwable> isRetryable() { LOG.warn("Retryable HttpResponseException with HTTP code: {}", statusCode); return true; } - } else if (rootCause instanceof ConnectException) { + } else if (rootCause instanceof ConnectException || rootCause instanceof UnknownHostException) { LOG.warn("Retryable connection exception", rootCause); return true; } else { diff --git a/client/src/test/java/io/pravega/keycloak/client/KeycloakAuthzClientTest.java b/client/src/test/java/io/pravega/keycloak/client/KeycloakAuthzClientTest.java index f759457..3c79189 100644 --- a/client/src/test/java/io/pravega/keycloak/client/KeycloakAuthzClientTest.java +++ b/client/src/test/java/io/pravega/keycloak/client/KeycloakAuthzClientTest.java @@ -29,6 +29,7 @@ import java.io.File; import java.io.IOException; import java.net.ConnectException; +import java.net.UnknownHostException; import java.nio.file.Files; import java.nio.file.Paths; import java.util.HashMap; @@ -45,7 +46,6 @@ public class KeycloakAuthzClientTest { private static final String SVC_ACCOUNT_JSON_FILE = getResourceFile("service-account.json"); private static final String SVC_ACCOUNT_JSON_STRING = getResourceString(getResourceFile("service-account.json")); - private static final AccessTokenIssuer ISSUER = new AccessTokenIssuer(); @Test public void getRPTCacheHits() { @@ -106,49 +106,22 @@ public void getRPTCannotExchangeAccessTokenForRPT() { @Test public void getRPTWithHttp500Exception() { - AuthzClient client = mock(AuthzClient.class, Mockito.RETURNS_DEEP_STUBS); - TokenCache tokenCache = spy(new TokenCache(0)); - - when(client.obtainAccessToken()).thenThrow(new HttpResponseException("", 500, "", null)); - KeycloakAuthzClient authzClient = new KeycloakAuthzClient(client, tokenCache, 3, 1); - try { - authzClient.getRPT(); - Assert.fail(); - } catch (RetriesExhaustedException e) { - } - verify(client, times(3)).obtainAccessToken(); + assertRetried(new HttpResponseException("", 500, "", null), 3); } @Test public void getRPTWithRuntimeConnectException() { - AuthzClient client = mock(AuthzClient.class, Mockito.RETURNS_DEEP_STUBS); - TokenCache tokenCache = spy(new TokenCache(0)); + assertRetried(new RuntimeException(new ConnectException()), 3); + } - when(client.obtainAccessToken()).thenThrow(new RuntimeException(new ConnectException())); - KeycloakAuthzClient authzClient = new KeycloakAuthzClient(client, tokenCache, 3, 1); - try { - authzClient.getRPT(); - Assert.fail(); - } catch (RetriesExhaustedException e) { - } - verify(client, times(3)).obtainAccessToken(); + @Test + public void getRPTWithRuntimeUnknownHostException() { + assertRetried(new RuntimeException(new UnknownHostException()), 3); } @Test public void getRPTWithRandomRuntimeException() { - AuthzClient client = mock(AuthzClient.class, Mockito.RETURNS_DEEP_STUBS); - TokenCache tokenCache = spy(new TokenCache(0)); - - when(client.obtainAccessToken()).thenThrow(new RuntimeException("bogus")); - KeycloakAuthzClient authzClient = new KeycloakAuthzClient(client, tokenCache, 3, 1); - try { - authzClient.getRPT(); - Assert.fail(); - } catch (RetriesExhaustedException e) { - Assert.fail(); - } catch (RuntimeException e) { - } - verify(client, times(1)).obtainAccessToken(); + assertRetried(new RuntimeException("bogus"), 1); } @Test @@ -242,6 +215,21 @@ public void checkDeserializeToken() { assertEquals(token.getPreferredUsername(), "user-1"); } + private void assertRetried(Exception ex, int retries) { + AuthzClient client = mock(AuthzClient.class, Mockito.RETURNS_DEEP_STUBS); + TokenCache tokenCache = spy(new TokenCache(0)); + + when(client.obtainAccessToken()).thenThrow(ex); + KeycloakAuthzClient authzClient = new KeycloakAuthzClient(client, tokenCache, 3, 1); + try { + authzClient.getRPT(); + Assert.fail(); + } catch (RetriesExhaustedException e) { + } catch (RuntimeException e) { + } + verify(client, times(retries)).obtainAccessToken(); + } + private AccessTokenResponse accessTokenResponse() { AccessTokenResponse acr = new AccessTokenResponse(); acr.setToken("TOKEN");