-
Notifications
You must be signed in to change notification settings - Fork 131
/
Copy pathLoginClient.java
118 lines (104 loc) · 3.73 KB
/
LoginClient.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
/*
* Copyright 2017 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.google.cloud;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.ScheduledFuture;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.locks.ReentrantLock;
import spanner.experimental.AccessToken;
public class LoginClient {
private final String username;
private final String password;
private final String endpoint;
private volatile AccessToken accessToken;
private final ScheduledExecutorService scheduler = Executors.newSingleThreadScheduledExecutor();
private final ReentrantLock refreshLock = new ReentrantLock();
private ScheduledFuture<?> scheduledTask; // Holds the scheduled task
private String clientCertificate = null;
private String clientCertificateKey = null;
private static final long TOKEN_REFRESH_THRESHOLD_SECONDS = 300; // Refresh 5 minutes before expiry
public LoginClient(String username, String password, String endpoint) throws Exception {
this(username, password, endpoint, null, null);
}
public LoginClient(
String username,
String password,
String endpoint,
String clientCertificate,
String clientCertificateKey) {
this.username = username;
this.password = password;
this.endpoint = endpoint;
if (clientCertificate != null && clientCertificateKey != null) {
this.clientCertificate = clientCertificate;
this.clientCertificateKey = clientCertificateKey;
}
login();
scheduleNextTokenRefresh();
}
private void login() {
try {
Scram scram =
new Scram(
this.username,
this.password,
new GrpcClient(this.endpoint, this.clientCertificate, this.clientCertificateKey));
this.accessToken = scram.login();
} catch (Exception e) {
throw new RuntimeException(e);
}
}
public AccessToken getAccessToken() {
return accessToken;
}
private void scheduleNextTokenRefresh() {
if (accessToken == null) return;
long delay =
(accessToken.getExpirationTime().getSeconds() - System.currentTimeMillis() / 1000)
- TOKEN_REFRESH_THRESHOLD_SECONDS;
if (delay <= 0) {
refreshToken();
return;
}
if (scheduledTask != null) {
scheduledTask.cancel(false);
}
// Schedule a new token refresh exactly when needed
scheduledTask = scheduler.schedule(this::refreshToken, delay, TimeUnit.SECONDS);
System.out.println("Next token refresh scheduled in " + delay + " seconds.");
}
private void refreshToken() {
if (!refreshLock.tryLock()) return; // Prevent multiple simultaneous refreshes
try {
System.out.println("Refreshing access token...");
login();
System.out.println("New token acquired.\n" + getAccessToken());
scheduleNextTokenRefresh();
} catch (Exception e) {
System.err.println("Token refresh failed: " + e.getMessage());
} finally {
refreshLock.unlock();
}
}
public void shutdown() {
System.out.println("Shutting down LoginClient...");
if (scheduledTask != null) {
scheduledTask.cancel(false); // Cancel any pending token refresh task
}
scheduler.shutdown();
}
}