connection: refetch token if invalid.#241
Conversation
|
So we attempted to do a similar thing in the google-apis-nodejs-client library and always had issues reattaching the media body.We ended up removing refresh functionality on 401 and instead will refresh the token when the expiry_date in the token has past or there's no access_token available but there is a refresh_token available. We do this before the request is attempted for the first time. Not sure how we can support this and piping from streams too. We would have to cache the pipe data to replay it, which is just non-sensical. |
|
We also do the same validation against our local token, but in the event the token passes our tests, but is somehow deemed invalid upstream, this will force a token re-fetch. The only reasons I can think of that it could be invalid upstream but not locally:
|
|
Notes: add a max retry limit of 1 |
|
Various closed issues filed from the other API client project on a similar effect of a change like this: googleapis/google-api-nodejs-client#139 My "fix" provided to remove refresh functionality: googleapis/google-api-nodejs-client#235 Currently open issues related to this refresh functionality: |
|
👍 thanks. In our case, we're only using streams in In the case of the stream problem, to solve this just use Duplexify: https://github.com/GoogleCloudPlatform/gcloud-node/blob/master/lib/storage/index.js#L421 - we're using it for the same reason here, which is to control manually when a stream is readable and writable, usually after something asynchronous occurs - for us, after we have a token. |
|
Hmm seems reasonable. I say 🚢 it and see what happens. Might actually work out better than expected. Would be nice to port some of this over to the other library too instead of using the poorly implemented sandwich stream. |
|
Fixing up some last features, adding some tests, and then I will ping for a quick look :) |
stephenplusplus
force-pushed
the
spp--token-retry
branch
from
6e5a560 to
a8f31ff
Compare
|
Updated! |
|
Can we make MAX_ATTEMPTS not in terms of the number of times to retry an API request, but in terms of the number of times we will attempt to refresh the token given a 401 Unauthorized error (because that's more specifically what we are doing). In this case, MAX_REFRESH_ATTEMPTS = 1 would be the equivalent with a little tweak to the increment & check logic. |
lib/common/connection.js
Outdated
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
stephenplusplus
force-pushed
the
spp--token-retry
branch
from
a8f31ff to
6ff71ae
Compare
|
Updated with renamed attempt stuff. |
stephenplusplus
force-pushed
the
spp--token-retry
branch
2 times, most recently
from
d9115ec to
2b1246e
Compare
test/common/connection.js
Outdated
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
stephenplusplus
force-pushed
the
spp--token-retry
branch
from
2b1246e to
c2408be
Compare
lib/common/connection.js
Outdated
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
stephenplusplus
force-pushed
the
spp--token-retry
branch
from
c2408be to
797ca1b
Compare
|
LGTM, @ryanseys ? |
|
Yep LGTM. |
connection: refetch token if invalid.
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [@types/sinon](https://togithub.com/DefinitelyTyped/DefinitelyTyped) | [`^9.0.0` -> `^10.0.0`](https://renovatebot.com/diffs/npm/@types%2fsinon/9.0.11/10.0.0) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration :date: **Schedule**: "after 9am and before 3pm" (UTC). :vertical_traffic_light: **Automerge**: Disabled by config. Please merge this manually once you are satisfied. :recycle: **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. :no_bell: **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box. --- This PR has been generated by [WhiteSource Renovate](https://renovate.whitesourcesoftware.com). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/nodejs-datacatalog).
* chore(package): update gts to version 0.7.1 Closes #241 * update package-lock
* chore(package): update gts to version 0.7.1 Closes #241 * update package-lock
This PR was generated using Autosynth. 🌈 Synth log will be available here: https://source.cloud.google.com/results/invocations/933ad2fd-a72d-472d-91bb-4b474e01ed77/targets - [ ] To automatically regenerate this PR, check this box. Source-Link: googleapis/synthtool@ba9918c
4 participants
https://developers.google.com/drive/web/handle-errors#401_invalid_credentials
If the API returns a 401, this will nullify the token we have and fetch a new one before trying the request again.