You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by GitBox <gi...@apache.org> on 2022/03/16 18:46:12 UTC

[GitHub] [nifi] tpalfy opened a new pull request #5872: NIFI-9801 Fixed error in previous correction of AccessToken.isExpired() margin calculation

tpalfy opened a new pull request #5872:
URL: https://github.com/apache/nifi/pull/5872


   <!--
     Licensed to the Apache Software Foundation (ASF) under one or more
     contributor license agreements.  See the NOTICE file distributed with
     this work for additional information regarding copyright ownership.
     The ASF licenses this file to You under the Apache License, Version 2.0
     (the "License"); you may not use this file except in compliance with
     the License.  You may obtain a copy of the License at
         http://www.apache.org/licenses/LICENSE-2.0
     Unless required by applicable law or agreed to in writing, software
     distributed under the License is distributed on an "AS IS" BASIS,
     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     See the License for the specific language governing permissions and
     limitations under the License.
   -->
   In order to streamline the review of the contribution we ask you
   to ensure the following steps have been taken:
   
   ### For all changes:
   - [x] Is there a JIRA ticket associated with this PR? Is it referenced 
        in the commit message?
   
   - [x] Does your PR title start with **NIFI-XXXX** where XXXX is the JIRA number you are trying to resolve? Pay particular attention to the hyphen "-" character.
   
   - [x] Has your PR been rebased against the latest commit within the target branch (typically `main`)?
   
   - [x] Is your initial contribution a single, squashed commit? _Additional commits in response to PR reviewer feedback should be made on this branch and pushed to allow change tracking. Do not `squash` or use `--force` when pushing to allow for clean monitoring of changes._
   
   ### For code changes:
   - [ ] Have you ensured that the full suite of tests is executed via `mvn -Pcontrib-check clean install` at the root `nifi` folder?
   - [ ] Have you written or updated unit tests to verify your changes?
   - [ ] Have you verified that the full build is successful on JDK 8?
   - [ ] Have you verified that the full build is successful on JDK 11?
   - [ ] If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under [ASF 2.0](http://www.apache.org/legal/resolved.html#category-a)?
   - [ ] If applicable, have you updated the `LICENSE` file, including the main `LICENSE` file under `nifi-assembly`?
   - [ ] If applicable, have you updated the `NOTICE` file, including the main `NOTICE` file found under `nifi-assembly`?
   - [ ] If adding new Properties, have you added `.displayName` in addition to .name (programmatic access) for each of the new properties?
   
   ### For documentation related changes:
   - [ ] Have you ensured that format looks appropriate for the output in which it is rendered?
   
   ### Note:
   Please ensure that once the PR is submitted, you check GitHub Actions CI for build issues and submit an update to your PR as soon as possible.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@nifi.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [nifi] exceptionfactory commented on pull request #5872: NIFI-9801 Fixed error in previous correction of AccessToken.isExpired() margin calculation

Posted by GitBox <gi...@apache.org>.

exceptionfactory commented on pull request #5872:
URL: https://github.com/apache/nifi/pull/5872#issuecomment-1069673096


   Thanks @MikeThomsen, I agree that making the margin a configurable property on `StandardOauth2AccessTokenProvider` would provide the greatest amount of flexibility, and also address the issue at hand.
   
   @tpalfy, realizing that this changes the scope of the initial issue, what do you think about making the new property part of this PR?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@nifi.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [nifi] exceptionfactory commented on pull request #5872: NIFI-9801 Fixed error in previous correction of AccessToken.isExpired() margin calculation

Posted by GitBox <gi...@apache.org>.

exceptionfactory commented on pull request #5872:
URL: https://github.com/apache/nifi/pull/5872#issuecomment-1070989776


   Submitted PR #5876 for NIFI-9807 to implement a configurable service property and remove the hard-coded expiry margin in AccessToken.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@nifi.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [nifi] asfgit closed pull request #5872: NIFI-9801 Fixed error in previous correction of AccessToken.isExpired() margin calculation

Posted by GitBox <gi...@apache.org>.

asfgit closed pull request #5872:
URL: https://github.com/apache/nifi/pull/5872


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@nifi.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [nifi] exceptionfactory commented on pull request #5872: NIFI-9801 Fixed error in previous correction of AccessToken.isExpired() margin calculation

Posted by GitBox <gi...@apache.org>.

exceptionfactory commented on pull request #5872:
URL: https://github.com/apache/nifi/pull/5872#issuecomment-1069619987


   Thanks for the feedback @MikeThomsen.  Are you suggesting that this should be a new property on the StandardOauth2Provider service?  Given that the initial version did not have this margin feature, it seems like the options are either introducing a configurable property, or reverting to the original behavior that did not include any margin.  It would be helpful to figure out a path forward soon as this is currently blocking the next release candidate for 1.16.0.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@nifi.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [nifi] tpalfy commented on pull request #5872: NIFI-9801 Fixed error in previous correction of AccessToken.isExpired() margin calculation

Posted by GitBox <gi...@apache.org>.

tpalfy commented on pull request #5872:
URL: https://github.com/apache/nifi/pull/5872#issuecomment-1070870533


   @MikeThomsen, @exceptionfactory
   I would consider the need to add a property for the margin not urgent, if necessary at all.
   
   A 5 minute access token is extreme on its own but the service would handle such a scenario just fine. The service gets a new token if it considers the current one close to being expired. It doesn't break, doesn't throw exception, doesn't report error. Gets a new token thats all.
   
   In the extreme cases this would simply mean getting a new token ever time.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@nifi.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [nifi] exceptionfactory commented on pull request #5872: NIFI-9801 Fixed error in previous correction of AccessToken.isExpired() margin calculation

Posted by GitBox <gi...@apache.org>.

exceptionfactory commented on pull request #5872:
URL: https://github.com/apache/nifi/pull/5872#issuecomment-1070989776


   Submitted PR #5876 for NIFI-9807 to implement a configurable service property and remove the hard-coded expiry margin in AccessToken.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@nifi.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [nifi] asfgit closed pull request #5872: NIFI-9801 Fixed error in previous correction of AccessToken.isExpired() margin calculation

Posted by GitBox <gi...@apache.org>.

asfgit closed pull request #5872:
URL: https://github.com/apache/nifi/pull/5872


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@nifi.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [nifi] tpalfy commented on pull request #5872: NIFI-9801 Fixed error in previous correction of AccessToken.isExpired() margin calculation

Posted by GitBox <gi...@apache.org>.

tpalfy commented on pull request #5872:
URL: https://github.com/apache/nifi/pull/5872#issuecomment-1070870533


   @MikeThomsen, @exceptionfactory
   I would consider the need to add a property for the margin not urgent, if necessary at all.
   
   A 5 minute access token is extreme on its own but the service would handle such a scenario just fine. The service gets a new token if it considers the current one close to being expired. It doesn't break, doesn't throw exception, doesn't report error. Gets a new token thats all.
   
   In the extreme cases this would simply mean getting a new token ever time.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@nifi.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [nifi] MikeThomsen commented on pull request #5872: NIFI-9801 Fixed error in previous correction of AccessToken.isExpired() margin calculation

Posted by GitBox <gi...@apache.org>.

MikeThomsen commented on pull request #5872:
URL: https://github.com/apache/nifi/pull/5872#issuecomment-1069647888


   > Are you suggesting that this should be a new property on the StandardOauth2Provider service?
   
   Yeah. I see value in having the margin. I just don't think having it hard-coded at exactly a 5 minute window is a good idea since I've seen security folks insist on a 5 minute window before for the expiry.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@nifi.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org