Skip to content

Refactor SessionCredentials #470

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Jun 25, 2025
Merged

Refactor SessionCredentials #470

merged 7 commits into from
Jun 25, 2025
+333 −190

Conversation

emmyzhou-db
Copy link
Contributor

@emmyzhou-db emmyzhou-db commented Jun 19, 2025
edited
Loading

What changes are proposed in this pull request?

This PR refactors the SessionCredentials class to achieve clearer separation of concerns by splitting its responsibilities into two distinct components: a CredentialsProvider implementation and a dedicated TokenSource implementation. This refactoring is necessary for introducing token cache wrappers in future PRs.

Current Implementation

  • SessionCredentials both implements CredentialsProvider and extends RefreshableTokenSource.
  • Token refresh logic is tightly coupled with credential provider functionality, making it hard to isolate token source logic and introduce caching.
  • A single class is responsible for both authentication configuration and token management.

Proposed Changes

  • SessionCredentials now implements only CredentialsProvider and delegates all token operations to a new SessionCredentialsTokenSource class.
  • SessionCredentialsTokenSource extends RefreshableTokenSource and is solely responsible for token refresh logic.

Benefits

  • Token sources can now be easily wrapped with caching mechanisms in future updates.
  • SessionCredentials remains a public CredentialsProvider as intended with no breaking changes to the public API.

How is this tested?

Existing unit tests.

NO_CHANGELOG=true

renaudhartert-db
renaudhartert-db reviewed Jun 25, 2025
View reviewed changes
...icks-sdk-java/src/main/java/com/databricks/sdk/core/oauth/SessionCredentialsTokenSource.java
*
* <p>Implements the refresh_token OAuth grant type with optional token caching.
*/
public class SessionCredentialsTokenSource extends RefreshableTokenSource {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we AutoValue this and use an auto value builder?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

After some reading up, it seems like AutoValue does not support constructors that call parent constructors with arguments: https://stackoverflow.com/questions/45069608/autovalue-how-to-call-super. In this case, we need super(token) in the constructor, so I have opted for removing the builder class and just have the two optional fields as Optional.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

SG, thanks @emmyzhou-db

parthban-db
parthban-db reviewed Jun 25, 2025
View reviewed changes
Copy link
Contributor

@parthban-db parthban-db left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Where is the sessionCredentials used now? I am seeing all its usages are changed to sessionCredentialsTokenSource. Maybe I am missing something.

@emmyzhou-db
Copy link
Contributor Author

Where is the sessionCredentials used now? I am seeing all its usages are changed to sessionCredentialsTokenSource. Maybe I am missing something.

So SessionCredentials is not used internally as a CredentialsProvider, but based on the examples from https://github.com/databricks/databricks-sdk-java/blob/main/examples/spring-boot-oauth-u2m-demo/src/main/java/com/databricks/sdk/RootController.java it seems like the intention is that a user can get a SessionCredentials and set it as the CredentialsProvider to use.

parthban-db
parthban-db reviewed Jun 25, 2025
View reviewed changes
Copy link
Contributor

@parthban-db parthban-db left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM modulo Renaud comments.

@github-actions GitHub Actions
Copy link

If integration tests don't run automatically, an authorized user can run them manually by following the instructions below:

Trigger:
go/deco-tests-run/sdk-java

Inputs:

  • PR number: 470
  • Commit SHA: 4b9a4037a3d3424dd2be7ed83a07e1ed897b3c82

Checks will be approved automatically on success.

renaudhartert-db
renaudhartert-db approved these changes Jun 25, 2025
View reviewed changes
...icks-sdk-java/src/main/java/com/databricks/sdk/core/oauth/SessionCredentialsTokenSource.java
*
* <p>Implements the refresh_token OAuth grant type with optional token caching.
*/
public class SessionCredentialsTokenSource extends RefreshableTokenSource {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

SG, thanks @emmyzhou-db

@renaudhartert-db renaudhartert-db added this pull request to the merge queue Jun 25, 2025
Merged via the queue into main with commit 66d514e Jun 25, 2025
15 checks passed
@renaudhartert-db renaudhartert-db deleted the emmyzhou-db/refactor-session-credentials branch June 25, 2025 19:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@renaudhartert-db renaudhartert-db renaudhartert-db approved these changes

@parthban-db parthban-db Awaiting requested review from parthban-db

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@emmyzhou-db @parthban-db @renaudhartert-db