kimyoungi99 opened a new pull request, #62431: URL: https://github.com/apache/airflow/pull/62431
Closes #61108 This is a follow-up to #62214 (reverted in #62404). ### Problem Concurrent requests to `/auth/token` cause intermittent 500 errors: ``` AttributeError: 'AirflowAppBuilder' object has no attribute 'sm' ``` `create_auth_manager()` creates a new instance on every call. Under concurrent requests, one thread overwrites `_AuthManagerState.instance` while another's is still initializing. ### Previous approach (#62214) and why it was reverted The previous fix added `purge_cached_app()` in `get_application_builder()`, but that function is called at runtime by FAB FastAPI routes (login, user/role management). Clearing the singleton on every call broke subsequent core API requests with `KeyError: 'AUTH_USER_REGISTRATION'`. ### This fix 1. **`create_auth_manager()`**: Double-checked locking with `isinstance` validation — creates the singleton once, replaces it only when the auth manager class changes (e.g. `SimpleAuthManager` → `FabAuthManager`). 2. **`init_appbuilder.py`**: Clears `security_manager` `@cached_property` when `init_app()` is called with a new Flask app, so `_init_config()` runs against the current app context. No changes to `get_application_builder()` or test fixtures. ### Testing - FAB full suite (`--no-db-cleanup`): 594 passed - Google auth: 8 passed - Keycloak: 188 passed - Core (test_app + test_db): 36 passed - New: `test_create_auth_manager_thread_safety` (10 threads, barrier sync) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
