-
Notifications
You must be signed in to change notification settings - Fork 47
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: use original API request context for auth token requests #847
base: main
Are you sure you want to change the base?
Conversation
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #847 +/- ##
===========================================
+ Coverage 34.52% 65.74% +31.21%
===========================================
Files 192 194 +2
Lines 25208 25293 +85
===========================================
+ Hits 8704 16628 +7924
+ Misses 16357 7837 -8520
- Partials 147 828 +681 ☔ View full report in Codecov by Sentry. |
f78ef0c
to
2e16ea4
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Awesome, @ctreatma !
I'm still working through the lower level details but your implementation looks solid from a decent high level understanding.
I'm curious if this removes the API Request/Response from the log output though with a different round tripper. If it does then I'll add it back in with a follow up after looking into it.
Answered my own question. It doesn't because we still wrap this in |
@displague also interested to get your take on this one. |
872cb80
to
748452f
Compare
@@ -0,0 +1,96 @@ | |||
package authtoken |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This context-aware tokensource stuff should probably be moved to the Go SDK as well so that any tooling based on the Go SDK can easily implement correct auth logic.
That could also include logic to read from and write to standard env vars and/or a standard config file location (similar to how AWS/Azure/Google Cloud tools work)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Copilot reviewed 4 out of 5 changed files in this pull request and generated 1 comment.
Files not reviewed (1)
- go.mod: Language not supported
Comments suppressed due to low confidence (2)
internal/authtoken/oauth2.go:90
- The error message 'oauth2: server response missing access token' could be more descriptive. Consider including additional context about the server response.
return nil, fmt.Errorf("oauth2: server response missing access token")
internal/config/config.go:83
- The new behavior introduced in 'newAuthClient' function is not covered by tests. Ensure that this function is properly tested.
c.authClient = c.newAuthClient()
|
||
token, err := t.Source.TokenWithContext(req.Context()) | ||
if err != nil { | ||
fmt.Println("error: ", err) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Using fmt.Println for logging errors is not ideal. Consider using a proper logging library instead.
fmt.Println("error: ", err) | |
log.Println("error: ", err) |
Copilot is powered by AI, so mistakes are possible. Review output carefully before use.
@@ -3,7 +3,7 @@ module github.com/equinix/terraform-provider-equinix | |||
go 1.23 | |||
|
|||
require ( | |||
github.com/equinix/equinix-sdk-go v0.48.0 | |||
github.com/equinix/equinix-sdk-go v0.48.1-0.20250130155308-f4934ab22f00 | |||
github.com/equinix/ne-go v1.19.0 | |||
github.com/equinix/oauth2-go v1.0.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can oauth2-go
be removed in this PR?
@@ -0,0 +1,93 @@ | |||
// Copyright 2014 The Go Authors. All rights reserved. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Where is this sourced? (oauth2-go or upstream?)
#844 updated the
Config
object to create a new auth client every time a new Fabric API client was created for SDK resources. If we stuck with this pattern, we would have to duplicate that behavior for every Equinix API client except for Metal. In addition, this pattern means that the provider will make a separate auth token request per resource rather than reusing valid tokens across all resources that use the same provider (and therefor auth) config.This reverts the auth client change by introducing a custom HTTP transport and OAuth token source that enables passing the original request context for an API request to the auth token client.
This change requires these customizations be made here (or potentially in a non-generated section of
equinix-sdk-go
) because theoauth2
library does not accept a context at the time a token is obtained; the context can only be specified when a token source is instantiated. This change also relies on a branch ofequinix-sdk-go
that supports the Equinix access token API. As a result, we no longer need to useequinix/oauth2-go
.