From 0ba5cebf9e24f753bcb36810b87045aea6917c58 Mon Sep 17 00:00:00 2001 From: Santhosh Gandhe <1909520+san81@users.noreply.github.com> Date: Tue, 21 Jan 2025 11:47:35 -0800 Subject: [PATCH] refreshing only for the forbidden or unauthorized error casea and additional test cases to cover those scenarios Signed-off-by: Santhosh Gandhe <1909520+san81@users.noreply.github.com> --- .../jira/rest/auth/JiraOauthConfig.java | 14 ++++++---- .../jira/rest/auth/JiraOauthConfigTest.java | 27 ++++++++++++++++++- 2 files changed, 35 insertions(+), 6 deletions(-) diff --git a/data-prepper-plugins/saas-source-plugins/jira-source/src/main/java/org/opensearch/dataprepper/plugins/source/jira/rest/auth/JiraOauthConfig.java b/data-prepper-plugins/saas-source-plugins/jira-source/src/main/java/org/opensearch/dataprepper/plugins/source/jira/rest/auth/JiraOauthConfig.java index f111010284..9228fa82df 100644 --- a/data-prepper-plugins/saas-source-plugins/jira-source/src/main/java/org/opensearch/dataprepper/plugins/source/jira/rest/auth/JiraOauthConfig.java +++ b/data-prepper-plugins/saas-source-plugins/jira-source/src/main/java/org/opensearch/dataprepper/plugins/source/jira/rest/auth/JiraOauthConfig.java @@ -142,12 +142,16 @@ public void renewCredentials() { } catch (HttpClientErrorException ex) { this.expireTime = Instant.ofEpochMilli(0); this.expiresInSeconds = 0; - // Try refreshing the secrets and see if that helps - // Refreshing one of the secret refreshes the entire store so we are good to trigger refresh on just one - jiraSourceConfig.getAuthenticationConfig().getOauth2Config().getAccessToken().refresh(); + HttpStatus statusCode = ex.getStatusCode(); log.error("Failed to renew access token. Status code: {}, Error Message: {}", - ex.getRawStatusCode(), ex.getMessage()); - throw new RuntimeException("Failed to renew access token" + ex.getMessage(), ex); + statusCode, ex.getMessage()); + if (statusCode == HttpStatus.FORBIDDEN || statusCode == HttpStatus.UNAUTHORIZED) { + log.info("Trying to refresh the secrets"); + // Try refreshing the secrets and see if that helps + // Refreshing one of the secret refreshes the entire store so we are good to trigger refresh on just one + jiraSourceConfig.getAuthenticationConfig().getOauth2Config().getAccessToken().refresh(); + } + throw new RuntimeException("Failed to renew access token message:" + ex.getMessage(), ex); } } } diff --git a/data-prepper-plugins/saas-source-plugins/jira-source/src/test/java/org/opensearch/dataprepper/plugins/source/jira/rest/auth/JiraOauthConfigTest.java b/data-prepper-plugins/saas-source-plugins/jira-source/src/test/java/org/opensearch/dataprepper/plugins/source/jira/rest/auth/JiraOauthConfigTest.java index bafe995801..746dd41dff 100644 --- a/data-prepper-plugins/saas-source-plugins/jira-source/src/test/java/org/opensearch/dataprepper/plugins/source/jira/rest/auth/JiraOauthConfigTest.java +++ b/data-prepper-plugins/saas-source-plugins/jira-source/src/test/java/org/opensearch/dataprepper/plugins/source/jira/rest/auth/JiraOauthConfigTest.java @@ -15,8 +15,11 @@ import org.junit.jupiter.api.extension.ExtendWith; import org.mockito.Mock; import org.mockito.junit.jupiter.MockitoExtension; +import org.opensearch.dataprepper.model.plugin.PluginConfigVariable; import org.opensearch.dataprepper.plugins.source.jira.JiraSourceConfig; +import org.opensearch.dataprepper.plugins.source.jira.configuration.Oauth2Config; import org.opensearch.dataprepper.plugins.source.jira.exception.UnAuthorizedException; +import org.opensearch.dataprepper.test.helper.ReflectivelySetField; import org.springframework.http.HttpEntity; import org.springframework.http.HttpMethod; import org.springframework.http.HttpStatus; @@ -52,6 +55,9 @@ public class JiraOauthConfigTest { JiraSourceConfig jiraSourceConfig; + @Mock + PluginConfigVariable accessTokenVariable; + @BeforeEach void setUp() { jiraSourceConfig = createJiraConfigurationFromYaml("oauth2-auth-jira-pipeline.yaml"); @@ -89,12 +95,31 @@ void testRenewToken() throws InterruptedException { } @Test - void testFailedToRenewAccessToken() { + void testFailedToRenewAccessToken() throws NoSuchFieldException, IllegalAccessException { JiraOauthConfig jiraOauthConfig = new JiraOauthConfig(jiraSourceConfig); + Oauth2Config oauth2Config = jiraSourceConfig.getAuthenticationConfig().getOauth2Config(); + ReflectivelySetField.setField(Oauth2Config.class, oauth2Config, "accessToken", accessTokenVariable); when(restTemplateMock.postForEntity(any(String.class), any(HttpEntity.class), any(Class.class))) .thenThrow(HttpClientErrorException.class); jiraOauthConfig.restTemplate = restTemplateMock; assertThrows(RuntimeException.class, jiraOauthConfig::renewCredentials); + verify(oauth2Config.getAccessToken(), times(0)) + .refresh(); + } + + @Test + void testFailedToRenewAccessToken_with_unauthorized_and_trigger_secrets_refresh() + throws NoSuchFieldException, IllegalAccessException { + JiraOauthConfig jiraOauthConfig = new JiraOauthConfig(jiraSourceConfig); + Oauth2Config oauth2Config = jiraSourceConfig.getAuthenticationConfig().getOauth2Config(); + ReflectivelySetField.setField(Oauth2Config.class, oauth2Config, "accessToken", accessTokenVariable); + HttpClientErrorException unAuthorizedException = new HttpClientErrorException(HttpStatus.UNAUTHORIZED); + when(restTemplateMock.postForEntity(any(String.class), any(HttpEntity.class), any(Class.class))) + .thenThrow(unAuthorizedException); + jiraOauthConfig.restTemplate = restTemplateMock; + assertThrows(RuntimeException.class, jiraOauthConfig::renewCredentials); + verify(oauth2Config.getAccessToken(), times(1)) + .refresh(); }