[
https://issues.apache.org/jira/browse/SLING-8869?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16987619#comment-16987619
]
Ashish Chopra commented on SLING-8869:
--------------------------------------
hi [~bdelacretaz], thanks for your comments!
bq. If it's a standard Java Executor that you're using you'd need an instanceof
+ cast to your expanded Executor to run the check, but that's a small price to
pay vs not caching at all.
This is a HTTP Components' Fluent API executor [0].
Per the documentation, the benefit for {{Executor}} is to retain authorization
information associated with it via the {{.auth}} invocations.
I see no other benefit of {{Executor}} from [0] - notably [1] doesn't invoke
{{.auth}}, but sets an HTTP header directly.
Perhaps we should be OK invoking the {{Request.}} directly (after all, that
_is_ the purported benefit of the Fluent API [0]) - but if you see merit in
reusing the {{Executor}} (and the {{HttpClient}} it backs) still, maybe we can
consider adding the {{Authorization}} header in the POST request itself [2]
instead of adding it as a default-header in the HttpClient that backs the
{{Executor}} in question.
Does above seem like a reasonable approach to you?
[0] https://hc.apache.org/httpcomponents-client-ga/tutorial/html/fluent.html
[1]
https://github.com/apache/sling-org-apache-sling-distribution-core/blob/deb3d2ae33c4f4678c8503091a9fffdbb141e569/src/main/java/org/apache/sling/distribution/transport/impl/SimpleHttpDistributionTransport.java#L228
[2]
https://hc.apache.org/httpcomponents-client-ga/fluent-hc/apidocs/org/apache/http/client/fluent/Request.html#addHeader(org.apache.http.Header)
> SimpleHttpDistributionTransport does not refresh the secret for token based
> implementations.
> --------------------------------------------------------------------------------------------
>
> Key: SLING-8869
> URL: https://issues.apache.org/jira/browse/SLING-8869
> Project: Sling
> Issue Type: Bug
> Components: Content Distribution
> Reporter: Mohit Arora
> Priority: Critical
> Fix For: Content Distribution Core 0.4.2
>
> Attachments: SLING-8869.patch
>
>
> While saving the {{contextKeyExecutor}} in {{DistributionTransportContext}}
> map, it is not expected that the secret associated with the executor could be
> expired. This can happen in case of access token based implementations where
> the token is expired after a certain period of time and has to be refreshed.
> The code to refresh the token is written in the secret provider but since the
> executor is [cached in the
> map|https://github.com/apache/sling-org-apache-sling-distribution-core/blob/master/src/main/java/org/apache/sling/distribution/transport/impl/SimpleHttpDistributionTransport.java#L208]
> the secrets are not refreshed. It works fine for credentials based secret
> provider but not for access token based.
> cc - [~marett]
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
