(gravitino) branch main updated: [#9713][followup] fix(oauth): Remove checkValue for optional serverUri and tokenPath (#9739)

Sat, 17 Jan 2026 20:14:37 -0800 

This is an automated email from the ASF dual-hosted git repository.

roryqi pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/gravitino.git


The following commit(s) were added to refs/heads/main by this push:
     new 7541d25eba [#9713][followup] fix(oauth): Remove checkValue for 
optional serverUri and tokenPath (#9739)
7541d25eba is described below

commit 7541d25eba4d9a774c874199797acbc03a0c63c9
Author: Bharath Krishna <[email protected]>
AuthorDate: Sat Jan 17 20:14:26 2026 -0800

    [#9713][followup] fix(oauth): Remove checkValue for optional serverUri and 
tokenPath (#9739)
    
    ### What changes were proposed in this pull request?
    
    Remove .checkValue() validation from DEFAULT_SERVER_URI and
    DEFAULT_TOKEN_PATH config entries in OAuthConfig.java.
    
    ### Why are the changes needed?
    The original fix [PR
    9717](https://github.com/apache/gravitino/pull/9717) moved validation to
    StaticSignKeyValidator but left .checkValue() in the config definitions.
    This causes ConfigServlet to fail when reading these configs for the Web
    UI, even when using JWKS validators that don't need them.
    
    Fix: #9713
    
    ### Does this PR introduce _any_ user-facing change?
    
    No.
    ### How was this patch tested?
    
    - Existing tests work
    - Tested that Gravitino server loads now without these configs
---
 .../gravitino/server/authentication/OAuthConfig.java   |  2 --
 .../apache/gravitino/server/web/TestConfigServlet.java | 18 ++++++++++++++++++
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git 
a/server-common/src/main/java/org/apache/gravitino/server/authentication/OAuthConfig.java
 
b/server-common/src/main/java/org/apache/gravitino/server/authentication/OAuthConfig.java
index 5fd3613458..c16b625960 100644
--- 
a/server-common/src/main/java/org/apache/gravitino/server/authentication/OAuthConfig.java
+++ 
b/server-common/src/main/java/org/apache/gravitino/server/authentication/OAuthConfig.java
@@ -65,7 +65,6 @@ public interface OAuthConfig {
               "The uri of the default OAuth server. Required when using 
StaticSignKeyValidator, not required for JWKS-based validators")
           .version(ConfigConstants.VERSION_0_3_0)
           .stringConf()
-          .checkValue(StringUtils::isNotBlank, 
ConfigConstants.NOT_BLANK_ERROR_MSG)
           .create();
 
   ConfigEntry<String> DEFAULT_TOKEN_PATH =
@@ -74,7 +73,6 @@ public interface OAuthConfig {
               "The path for token of the default OAuth server. Required when 
using StaticSignKeyValidator, not required for JWKS-based validators")
           .version(ConfigConstants.VERSION_0_3_0)
           .stringConf()
-          .checkValue(StringUtils::isNotBlank, 
ConfigConstants.NOT_BLANK_ERROR_MSG)
           .create();
 
   // OAuth provider configs
diff --git 
a/server/src/test/java/org/apache/gravitino/server/web/TestConfigServlet.java 
b/server/src/test/java/org/apache/gravitino/server/web/TestConfigServlet.java
index 3a75185845..aab753fac2 100644
--- 
a/server/src/test/java/org/apache/gravitino/server/web/TestConfigServlet.java
+++ 
b/server/src/test/java/org/apache/gravitino/server/web/TestConfigServlet.java
@@ -18,6 +18,7 @@
  */
 package org.apache.gravitino.server.web;
 
+import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
@@ -26,10 +27,12 @@ import com.google.common.collect.Lists;
 import java.io.PrintWriter;
 import javax.servlet.http.HttpServletResponse;
 import org.apache.gravitino.Configs;
+import org.apache.gravitino.auth.AuthenticatorType;
 import org.apache.gravitino.config.ConfigBuilder;
 import org.apache.gravitino.config.ConfigConstants;
 import org.apache.gravitino.config.ConfigEntry;
 import org.apache.gravitino.server.ServerConfig;
+import org.apache.gravitino.server.authentication.OAuthConfig;
 import org.junit.jupiter.api.Test;
 
 public class TestConfigServlet {
@@ -73,4 +76,19 @@ public class TestConfigServlet {
             
"{\"gravitino.extended.custom.config\":\"test\",\"gravitino.authorization.enable\":false,\"gravitino.authenticators\":[\"simple\"]}");
     configServlet.destroy();
   }
+
+  @Test
+  public void testConfigServletWithOAuthJwksValidator() throws Exception {
+    ServerConfig serverConfig = new ServerConfig();
+
+    serverConfig.set(
+        Configs.AUTHENTICATORS, 
Lists.newArrayList(AuthenticatorType.OAUTH.name().toLowerCase()));
+    serverConfig.set(OAuthConfig.SERVICE_AUDIENCE, "test-service");
+    serverConfig.set(OAuthConfig.JWKS_URI, 
"https://example.com/.well-known/jwks.json";);
+    serverConfig.set(
+        OAuthConfig.TOKEN_VALIDATOR_CLASS,
+        "org.apache.gravitino.server.authentication.JwksTokenValidator");
+
+    assertDoesNotThrow(() -> new ConfigServlet(serverConfig));
+  }
 }

Reply via email to