mukund-thakur commented on code in PR #6787:
URL: https://github.com/apache/hadoop/pull/6787#discussion_r1625073377
##########
hadoop-tools/hadoop-azure/src/main/java/org/apache/hadoop/fs/azurebfs/oauth2/WorkloadIdentityTokenProvider.java:
##########
@@ -63,58 +64,35 @@ protected AzureADToken refreshToken() throws IOException {
return token;
}
- /**
- * Gets the Azure AD token from a client assertion in JWT format.
- * This method exists to make unit testing possible.
- *
- * @param clientAssertion the client assertion.
- * @return the Azure AD token.
- * @throws IOException if there is a failure in connecting to Azure AD.
- */
- @VisibleForTesting
- AzureADToken getTokenUsingJWTAssertion(String clientAssertion) throws
IOException {
- return AzureADAuthenticator
- .getTokenUsingJWTAssertion(authEndpoint, clientId, clientAssertion);
- }
-
/**
* Checks if the token is about to expire as per base expiry logic.
- * Otherwise, try to expire if enough time has elapsed since the last
refresh.
+ * Otherwise, expire if there is a clock skew issue in the system.
*
* @return true if the token is expiring in next 1 hour or if a token has
* never been fetched
*/
@Override
protected boolean isTokenAboutToExpire() {
- return super.isTokenAboutToExpire() ||
hasEnoughTimeElapsedSinceLastRefresh();
- }
-
- /**
- * Checks to see if enough time has elapsed since the last token refresh.
- *
- * @return true if the token was last refreshed more than an hour ago.
- */
- protected boolean hasEnoughTimeElapsedSinceLastRefresh() {
- if (getTokenFetchTime() == -1) {
+ if (tokenFetchTime == -1 || super.isTokenAboutToExpire()) {
return true;
}
- boolean expiring = false;
+
+ // In case of, any clock skew issues, refresh token.
long elapsedTimeSinceLastTokenRefreshInMillis =
- System.currentTimeMillis() - getTokenFetchTime();
- // In case token is not refreshed for 1 hr or any clock skew issues,
- // refresh token.
- expiring = elapsedTimeSinceLastTokenRefreshInMillis >= ONE_HOUR
- || elapsedTimeSinceLastTokenRefreshInMillis < 0;
+ System.currentTimeMillis() - tokenFetchTime;
+ boolean expiring = elapsedTimeSinceLastTokenRefreshInMillis < 0;
Review Comment:
do we need this expiring variable now?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
