ProfileTokenProvider Reload ProfileFile #3608
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dave-fn
force-pushed
the
davidfn/credentials-reload
branch
from
495181a to
9db71b4
Compare
L-Applin
reviewed
Dec 13, 2022
core/auth/src/main/java/software/amazon/awssdk/auth/token/credentials/ProfileTokenProvider.java
Show resolved
Hide resolved
| } | ||
|
|
||
| private void handleProfileFileReload(ProfileFile profileFile) { | ||
| tokenProvider = createTokenProvider(profileFile, profileName); |
There was a problem hiding this comment.
Does this need to be synchronized?
There was a problem hiding this comment.
@zoewangg? If needed, will have to make same change to ProfileCredentialsProvider.
|
|
||
| ProfileFile cachedOrRefreshedProfileFile = refreshProfileFile(); | ||
| if (isNewProfileFile(cachedOrRefreshedProfileFile)) { | ||
| currentProfileFile = cachedOrRefreshedProfileFile; |
There was a problem hiding this comment.
Does this need to be synchronized?
There was a problem hiding this comment.
@zoewangg? If needed, will have to make same change to ProfileCredentialsProvider.
There was a problem hiding this comment.
Hmm, could (update: resolveToken is invoked per request)resolveToken() be invoked by different threads at the same time? I'd assume no.
There was a problem hiding this comment.
Yeah, not sure what the exact use case is. I'd assume a main thread would be resolving?
There was a problem hiding this comment.
Took another look and I think we should use some locking mechanism. Here is an example of how it could be done: https://github.com/aws/aws-sdk-java-v2/blob/master/utils/src/main/java/software/amazon/awssdk/utils/cache/CachedSupplier.java#L185
There was a problem hiding this comment.
After offline discussion, decided to use CAS
zoewangg
reviewed
Dec 13, 2022
...th/src/test/java/software/amazon/awssdk/auth/token/credentials/ProfileTokenProviderTest.java
Outdated
Show resolved
Hide resolved
|
|
||
| ProfileFile cachedOrRefreshedProfileFile = refreshProfileFile(); | ||
| if (isNewProfileFile(cachedOrRefreshedProfileFile)) { | ||
| currentProfileFile = cachedOrRefreshedProfileFile; |
There was a problem hiding this comment.
Hmm, could (update: resolveToken is invoked per request)resolveToken() be invoked by different threads at the same time? I'd assume no.
dave-fn
force-pushed
the
davidfn/credentials-reload
branch
from
ceeef19 to
82f045e
Compare
dave-fn
force-pushed
the
davidfn/credentials-reload
branch
from
1091e59 to
c594e62
Compare
dave-fn
force-pushed
the
davidfn/credentials-reload
branch
from
c594e62 to
deff952
Compare
|
SonarCloud Quality Gate failed.
|
zoewangg
approved these changes
Dec 20, 2022
12 tasks
dave-fn
added a commit
that referenced
this pull request
Feb 6, 2023
* ProfileCredentialsProvider can now reload credentials when profile files change (#3487) * ProfileFile can update if disk changed, reload as new instance * ProfileCredentialsProvider reloads credentials if profile file has changes * Created class ProfileFileRefresher * Created ReloadingProfileCredentialsProvider; moved new logic in ProfileFile to ProfileFileRefresher * Fix ReloadingProfileCredentialsBehavior when missing ProfileFile Supplier or Predicate, and dealing with defaults * Consolidated ReloadingProfileCredentialsProvider functionality into ProfileCredentialsProvider * Fix behavior when dealing with defaults * Created ProfileFileSupplier interface; refactored * Misc fixes * Created package-private ProfileFileSupplierBuilder; ProfileFileSupplier now extends Supplier; Fixed Javadoc * Fixed unit tests for default credentials file * Removed ProfileFileSupplier.Builder interface * Code cleanup * ProfileFileSupplier API changes, aggregating (#3558) * Added methods for aggregating ProfileFile objects * Removed redundant logic, changelog entry * Removed redundant methods * Use compare and set to make thread safe * DefaultCredentialsProvider reload profile (#3580) * Misc fixes * Reload credentials by DefaultCredentialsProvider; pass supplier to InstanceProfileCredentialsProvider * Fix code alignment * Update public APIs to Supplier<ProfileFile> instead of ProfileFileSupplier (#3607) * ProfileTokenProvider Reload ProfileFile (#3608) * Updated ProfileTokenProvider * Updated tests, do not explicitly swallow exceptions * ProfileTokenProviderLoader can use Supplier<Profilefile> internally * Simplified ProfileTokenProviderLoader API; implemented synchronized block * Use synchronized block (#3646) * S3 support classes take Supplier<ProfileFile> (#3653) * S3 support classes take Supplier<ProfileFile> * Review comments * Presigners, other Support classes take Supplier<ProfileFile> (#3677) * Presigners, other Support classes take Supplier<ProfileFile> * Split new ProfileFile tests from existing parameterized tests * Improved tests readability * ProfileFile updates to BaseClientBuilderClass, other S3 classes (#3685) * Leverage SdkClientOption and SdkExecutionAttributes; fallback to simp… (#3692) * Leverage SdkClientOption and SdkExecutionAttributes; fallback to simple ProfileFile * Addressed review comments * Updated changelog entry (#3699) * Fixed review comments * Removed unnecessary logic * Deprecated SdkClientOption PROFILE_FILE * Deprecated SdkExecutionAttribute PROFILE_FILE * Updated changelog entry
aws-sdk-java-automation
added a commit
that referenced
this pull request
Jan 29, 2025
…8861fe626 Pull request: release <- staging/a7fc70f6-4e18-45a1-9d53-0b18861fe626
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation and Context
Update
ProfileTokenProviderso that the generated token uses the current contents of aProfileFileif desired. This change mimics what was done with PR 3487.Modifications
Mirrored new behavior of
ProfileCredentialsProvider.Testing
Added single test case.
Screenshots (if appropriate)
Types of changes
Checklist
mvn installsucceedsscripts/new-changescript and following the instructions. Commit the new file created by the script in.changes/next-releasewith your changes.License