Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

oauth2: NewClient should copy settings from the context client #368

Open
abeltay opened this issue Feb 1, 2019 · 4 comments
Open

oauth2: NewClient should copy settings from the context client #368

abeltay opened this issue Feb 1, 2019 · 4 comments

Comments

@abeltay
Copy link

abeltay commented Feb 1, 2019

OAuth2 client creation currently doesn't faithfully reuse the client passed into the context.

Instead, it simply takes the Transport of the context client and puts it into a DefaultClient. This causes config settings such as timeout to be set to Default and we know default timeouts are bad #24138. This may end up to be a gotcha for anyone who sends in a context client with timeout set assuming that the timeout will be copied to the new client.

Propose to update the NewClient code as follows:

 func NewClient(ctx context.Context, src TokenSource) *http.Client {
        if src == nil {
                return internal.ContextClient(ctx)
        }
+       cc := internal.ContextClient(ctx)
        return &http.Client{
                Transport: &Transport{
-                       Base:   internal.ContextClient(ctx).Transport,
+                       Base:   cc.Transport,
                        Source: ReuseTokenSource(nil, src),
                },
+               CheckRedirect: cc.CheckRedirect,
+               Jar:           cc.Jar,
+               Timeout:       cc.Timeout,
        }
 }

References:
#321
@amuttsch
Copy link

As a workaround you can do the following:

    // get client
    token, err := oauth.PasswordCredentialsToken(ctx, user, pass)
    oauthClient2 := oauth.Client(ctx, token)
    if err != nil {
        return nil, err
    }

    client := &http.Client{
        Transport: oauthClient.Transport,
        Timeout: 15 * time.Second,
    }

But I support the change suggested by @abeltay for the NewClient to reuse configurations from the httpClient provided by the context.

@mszostok mszostok mentioned this issue Apr 23, 2020
Merged
ferdypruis pushed a commit to ferdypruis/oauth2 that referenced this issue Nov 30, 2020
golang#368 NewClient copies all settings from the context client
34851a6
camilaac pushed a commit to camilaac/oauth2 that referenced this issue May 24, 2021
golang#368 NewClient copies all settings from the context client
cf5ee2d 
(cherry picked from commit 34851a6)
ferdypruis pushed a commit to ferdypruis/oauth2 that referenced this issue Oct 1, 2021
golang#368 NewClient copies all settings from the context client
a1a5bef
@jens1205 jens1205 mentioned this issue Jun 21, 2022
Open
@DRK3
Copy link

DRK3 commented Apr 26, 2023

+1 for this change too!

@DRK3
Copy link

DRK3 commented Apr 28, 2023

I've also noticed that the docs on the Client method state that:

// The returned client and its Transport should not be modified.

Is there a reason that the client's fields shouldn't be modified? Specifically, I want to set the client timeout field which doesn't get copied over from the context client (see the OP's post regarding this).

@phil-f
Copy link

phil-f commented May 10, 2023

I've also noticed that the docs on the Client method state that:

// The returned client and its Transport should not be modified.

Is there a reason that the client's fields shouldn't be modified? Specifically, I want to set the client timeout field which doesn't get copied over from the context client (see the OP's post regarding this).

+1 on this, would be great to get some clarification.

ferdypruis pushed a commit to ferdypruis/oauth2 that referenced this issue Jul 14, 2023
golang#368 NewClient copies all settings from the context client
8bad8e9
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@amuttsch @DRK3 @abeltay @phil-f