[GitHub] [iceberg] rdblue commented on a diff in pull request #6489: Core: Improve token exchange handling when token expires

Fri, 23 Dec 2022 08:53:56 -0800 


rdblue commented on code in PR #6489:
URL: https://github.com/apache/iceberg/pull/6489#discussion_r1056495387


##########
core/src/main/java/org/apache/iceberg/rest/auth/OAuth2Util.java:
##########
@@ -376,5 +409,105 @@ public Pair<Integer, TimeUnit> refresh(RESTClient client) 
{
 
       return null;
     }
+
+    @SuppressWarnings("FutureReturnValueIgnored")
+    public static void scheduleTokenRefresh(
+        RESTClient client,
+        ScheduledExecutorService tokenRefreshExecutor,
+        AuthSession session,
+        long startTimeMillis,
+        long expiresIn,
+        TimeUnit unit) {
+      // convert expiration interval to milliseconds
+      long expiresInMillis = unit.toMillis(expiresIn);
+      // how much ahead of time to start the request to allow it to complete
+      long refreshWindowMillis = Math.min(expiresInMillis / 10, 
MAX_REFRESH_WINDOW_MILLIS);
+      // how much time to wait before expiration
+      long waitIntervalMillis = expiresInMillis - refreshWindowMillis;
+      // how much time has already elapsed since the new token was issued
+      long elapsedMillis = System.currentTimeMillis() - startTimeMillis;
+      // how much time to actually wait
+      long timeToWait = Math.max(waitIntervalMillis - elapsedMillis, 
MIN_REFRESH_WAIT_MILLIS);
+
+      tokenRefreshExecutor.schedule(
+          () -> {
+            long refreshStartTime = System.currentTimeMillis();
+            Pair<Integer, TimeUnit> expiration = session.refresh(client);
+            if (expiration != null) {
+              scheduleTokenRefresh(
+                  client,
+                  tokenRefreshExecutor,
+                  session,
+                  refreshStartTime,
+                  expiration.first(),
+                  expiration.second());
+            }
+          },
+          timeToWait,
+          TimeUnit.MILLISECONDS);
+    }
+
+    public static AuthSession sessionFromToken(
+        RESTClient client,
+        ScheduledExecutorService tokenRefreshExecutor,
+        String token,
+        Long expiresIn,

Review Comment:
   Now that this is public, this duration needs to have a specific unit, like 
`expiresInMillis`.
   
   I also think that this should be `defaultExpirationMillis` and that the 
token should be parsed in this method to get its specific expiration, if 
possible. That would avoid leaking the token parsing logic outside of this 
class, I think.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to