Copilot commented on code in PR #6589:
URL: https://github.com/apache/hive/pull/6589#discussion_r3594131941


##########
druid-handler/src/java/org/apache/hadoop/hive/druid/DruidStorageHandlerUtils.java:
##########
@@ -311,44 +307,30 @@ public static Request createSmileRequest(String address, 
org.apache.druid.query.
    * @return response object.
    * @throws IOException in case of request IO error.
    */
-  public static InputStream submitRequest(HttpClient client, Request request) 
throws IOException {
-    try {
-      return client.go(request, new InputStreamResponseHandler()).get();
-    } catch (ExecutionException | InterruptedException e) {
-      throw new IOException(e.getCause());
-    }
-
+  public static InputStream submitRequest(HiveDruidHttpClient client, 
HiveDruidHttpRequest request)
+      throws IOException {
+    return client.executeStream(request);
   }
 
-  static StringFullResponseHolder getResponseFromCurrentLeader(HttpClient 
client, Request request,
-      StringFullResponseHandler fullResponseHandler) throws 
ExecutionException, InterruptedException {
-    StringFullResponseHolder responseHolder = client.go(request, 
fullResponseHandler).get();
-    if 
(HttpResponseStatus.TEMPORARY_REDIRECT.equals(responseHolder.getStatus())) {
-      String redirectUrlStr = 
responseHolder.getResponse().headers().get("Location");
-      LOG.debug("Request[%s] received redirect response to location [%s].", 
request.getUrl(), redirectUrlStr);
+  static HiveDruidHttpResponse 
getResponseFromCurrentLeader(HiveDruidHttpClient client,
+      HiveDruidHttpRequest request) throws IOException {
+    HiveDruidHttpResponse responseHolder = client.execute(request);
+    if (responseHolder.getStatusCode() == 
HiveDruidHttpResponse.SC_TEMPORARY_REDIRECT) {
+      String redirectUrlStr = responseHolder.getHeader("Location");
+      LOG.debug("Request[{}] received redirect response to location [{}].", 
request.getUrl(), redirectUrlStr);
       final URL redirectUrl;
       try {
         redirectUrl = new URL(redirectUrlStr);

Review Comment:
   If Druid returns a 307 without a Location header, `new URL(redirectUrlStr)` 
will throw a NullPointerException. This makes redirect handling fail with an 
unclear error; it should surface a clear IOException when the Location header 
is missing/blank.



##########
druid-handler/src/java/org/apache/hadoop/hive/druid/DruidStorageHandlerUtils.java:
##########
@@ -289,10 +284,11 @@ private DruidStorageHandlerUtils() {
    * @param query   druid query.
    * @return Request object to be submitted.
    */

Review Comment:
   The Javadoc still says this method returns a `Request` even though it now 
returns `HiveDruidHttpRequest`, which can mislead future maintainers.



##########
druid-handler/src/java/org/apache/hadoop/hive/druid/http/HiveDruidHttpClient.java:
##########
@@ -0,0 +1,286 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hadoop.hive.druid.http;
+
+import org.apache.hadoop.hive.druid.security.DruidKerberosUtil;
+import org.apache.hadoop.security.UserGroupInformation;
+import org.apache.http.client.config.RequestConfig;
+import org.apache.http.client.methods.CloseableHttpResponse;
+import org.apache.http.client.methods.HttpEntityEnclosingRequestBase;
+import org.apache.http.client.methods.HttpGet;
+import org.apache.http.client.methods.HttpPost;
+import org.apache.http.client.methods.HttpRequestBase;
+import org.apache.http.client.methods.HttpUriRequest;
+import org.apache.http.entity.ByteArrayEntity;
+import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.HttpClients;
+import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
+import org.apache.http.util.EntityUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.Closeable;
+import java.io.FilterInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.CookieManager;
+import java.net.URI;
+import java.security.PrivilegedExceptionAction;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+import java.util.concurrent.Future;
+
+/**
+ * Apache HttpClient based HTTP client for Druid REST calls.
+ * Replaces Druid's Netty 3 HttpClientInit/KerberosHttpClient stack 
(HIVE-25013).
+ */
+public class HiveDruidHttpClient implements Closeable {
+  private static final Logger LOG = 
LoggerFactory.getLogger(HiveDruidHttpClient.class);
+
+  private final CloseableHttpClient httpClient;
+  private final PoolingHttpClientConnectionManager connectionManager;
+  private final CookieManager cookieManager;
+  private final boolean kerberosEnabled;
+  private final ExecutorService executor;
+
+  public HiveDruidHttpClient(int readTimeoutMs, int maxConnections, boolean 
kerberosEnabled) {
+    this.kerberosEnabled = kerberosEnabled && 
UserGroupInformation.isSecurityEnabled();
+    this.cookieManager = new CookieManager();
+    int connections = maxConnections > 0 ? maxConnections : 20;
+    this.connectionManager = new PoolingHttpClientConnectionManager();
+    this.connectionManager.setMaxTotal(connections);
+    this.connectionManager.setDefaultMaxPerRoute(connections);
+    this.httpClient = HttpClients.custom()
+        .setConnectionManager(connectionManager)
+        .setDefaultRequestConfig(RequestConfig.custom()
+            .setConnectTimeout(readTimeoutMs)
+            .setSocketTimeout(readTimeoutMs)
+            .setConnectionRequestTimeout(readTimeoutMs)
+            .build())
+        .disableCookieManagement()
+        .build();
+    this.executor = Executors.newFixedThreadPool(connections, r -> {
+      Thread t = new Thread(r, "HiveDruidHttpClient");
+      t.setDaemon(true);
+      return t;
+    });
+    if (this.kerberosEnabled) {
+      LOG.info("HiveDruidHttpClient Kerberos authentication enabled");
+    }
+  }
+
+  public HiveDruidHttpResponse execute(HiveDruidHttpRequest request) throws 
IOException {
+    return innerExecute(request);
+  }
+
+  public InputStream executeStream(HiveDruidHttpRequest request) throws 
IOException {
+    return innerExecuteStream(request);
+  }
+
+  public Future<InputStream> executeStreamAsync(HiveDruidHttpRequest request) {
+    return executor.submit(() -> executeStream(request));
+  }
+
+  private HiveDruidHttpResponse innerExecute(HiveDruidHttpRequest request) 
throws IOException {
+    HiveDruidHttpRequest current = request.copy();
+    boolean shouldRetryOnUnauthorized = prepareKerberosAuth(current);
+
+    while (true) {

Review Comment:
   This new HTTP client introduces non-trivial behavior (Kerberos cookie 
handling + 401 retry loops in both buffered and streaming paths), but the 
existing unit tests only mock `HiveDruidHttpClient` and don’t exercise these 
code paths. Adding focused unit tests (e.g., using a local in-JVM HTTP server 
or by refactoring to allow injecting a mock `CloseableHttpClient`) would help 
prevent regressions in auth/redirect handling.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to