Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BearerTokenAuthenticationPolicy to use shared_lock in case no refresh is needed #5188

Merged
merged 6 commits into from
Nov 28, 2023
Merged

BearerTokenAuthenticationPolicy to use shared_lock in case no refresh is needed #5188

merged 6 commits into from
Nov 28, 2023

Conversation

antkmsft
Copy link
Member

@antkmsft antkmsft commented Nov 26, 2023
edited
Loading

Closes #4756.

--
UWP CI is currently blocked until microsoft/vcpkg#35279 is fixed / microsoft/vcpkg#35116 is merged (#5181 would unblock)

@antkmsft antkmsft marked this pull request as ready for review November 26, 2023 15:01
@antkmsft antkmsft added the MQ This issue is part of a "milestone of quality" initiative. label Nov 27, 2023
@antkmsft antkmsft self-assigned this Nov 27, 2023
LarryOsterman
LarryOsterman approved these changes Nov 28, 2023
View reviewed changes
Copy link
Member

@LarryOsterman LarryOsterman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My only concern is the 1970 year bias when creating the Azure::DateTime object, otherwise it looks fine.

sdk/core/azure-core/inc/azure/core/http/policies/policy.hpp Show resolved Hide resolved
sdk/core/azure-core/src/http/bearer_token_authentication_policy.cpp Show resolved Hide resolved
sdk/core/azure-core/src/http/bearer_token_authentication_policy.cpp Outdated Show resolved Hide resolved
@antkmsft antkmsft enabled auto-merge (squash) November 28, 2023 20:23
@antkmsft antkmsft merged commit 135e746 into Azure:main Nov 28, 2023
40 checks passed
ahsonkhan
ahsonkhan reviewed Nov 29, 2023
View reviewed changes
sdk/core/azure-core/src/http/bearer_token_authentication_policy.cpp
Comment on lines +65 to +74
bool TokenNeedsRefresh(
Azure::Core::Credentials::AccessToken const& cachedToken,
Azure::Core::Credentials::TokenRequestContext const& cachedTokenRequestContext,
Azure::DateTime const& currentTime,
Azure::Core::Credentials::TokenRequestContext const& newTokenRequestContext)
{
return newTokenRequestContext.TenantId != cachedTokenRequestContext.TenantId
|| newTokenRequestContext.Scopes != cachedTokenRequestContext.Scopes
|| currentTime > (cachedToken.ExpiresOn - newTokenRequestContext.MinimumExpiration);
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This logic could benefit from a comment. For example, I understand that we need a token refresh if the tenant id and scope don't match, but why are we using current token's and cached token's expirations together like this: cachedToken.ExpiresOn - newTokenRequestContext.MinimumExpiration?

@antkmsft antkmsft deleted the auth-use-shared-lock branch November 29, 2023 08:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ahsonkhan ahsonkhan ahsonkhan left review comments

@LarryOsterman LarryOsterman LarryOsterman approved these changes

@RickWinter RickWinter Awaiting requested review from RickWinter RickWinter is a code owner

@vhvb1989 vhvb1989 Awaiting requested review from vhvb1989

@gearama gearama Awaiting requested review from gearama gearama is a code owner

Assignees

@antkmsft antkmsft

Labels
Azure.Core Azure.Identity MQ This issue is part of a "milestone of quality" initiative.
Projects
Azure Identity SDK Improvements
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

BearerTokenAuthenticationPolicy can be more efficient by utilizing shared/unique token locking
3 participants
@antkmsft @ahsonkhan @LarryOsterman