Skip to content

Commit a1a91a9

Browse files
authored
Merge pull request #208 from protegrity/av_add_auth_to_init_023
Adding JWT fetch during health check for server connection
2 parents 44b2e79 + 026cf91 commit a1a91a9

4 files changed

Lines changed: 49 additions & 1 deletion

File tree

src/client/dbps_api_client.cpp

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -173,7 +173,12 @@ std::string DBPSApiClient::HealthCheck() {
173173
if (!IsHttpSuccess(response.status_code)) {
174174
return "Health check failed with status: " + std::to_string(response.status_code);
175175
}
176-
176+
177+
auto auth_error = http_client_->PrefetchToken();
178+
if (auth_error.has_value()) {
179+
return "Health check succeeded but JWT fetch failed: " + auth_error.value();
180+
}
181+
177182
return response.result;
178183
}
179184

src/client/http_client_base.cpp

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -88,6 +88,18 @@ HttpClientBase::HttpResponse HttpClientBase::Post(const std::string& endpoint,
8888
return result;
8989
}
9090

91+
std::optional<std::string> HttpClientBase::PrefetchToken() {
92+
std::string error;
93+
auto token_opt = EnsureValidToken(error);
94+
if (!token_opt.has_value()) {
95+
if (error.empty()) {
96+
return std::string("Failed to fetch auth token");
97+
}
98+
return error;
99+
}
100+
return std::nullopt;
101+
}
102+
91103
std::string HttpClientBase::AddAuthorizationHeader(HeaderList& headers) {
92104
// Get the valid token or an error message.
93105
std::string token_or_error;

src/client/http_client_base.h

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -61,6 +61,9 @@ class HttpClientBase {
6161
HttpResponse Get(const std::string& endpoint, bool auth_required = true);
6262
HttpResponse Post(const std::string& endpoint, const std::string& json_body, bool auth_required = true);
6363

64+
// Fetches a JWT if missing. Returns nullopt on success, error message otherwise.
65+
std::optional<std::string> PrefetchToken();
66+
6467
protected:
6568
explicit HttpClientBase(std::string base_url,
6669
ClientCredentials credentials = {})

src/client/http_client_base_test.cpp

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -52,6 +52,7 @@ class FakeHttpClient final : public HttpClientBase {
5252
HeaderList last_get_headers;
5353
std::vector<HeaderList> get_headers_history;
5454
bool fail_first_get_with_401 = false;
55+
bool fail_token_fetch = false;
5556

5657
protected:
5758
HttpResponse DoGet(const std::string& endpoint, const HeaderList& headers) override {
@@ -72,6 +73,9 @@ class FakeHttpClient final : public HttpClientBase {
7273
++post_calls;
7374
if (endpoint == "/token") {
7475
++token_calls;
76+
if (fail_token_fetch) {
77+
return HttpResponse(401, "", "Unauthorized");
78+
}
7579
// Use far-future expiry so the cached token is always considered valid.
7680
const TokenResp* tr = nullptr;
7781
if (!token_responses_.empty()) {
@@ -172,4 +176,28 @@ TEST(HttpClientBaseTest, RetryOnceOn401FetchesNewTokenAndRetries) {
172176
ASSERT_EQ(auth2->second, "Bearer t2");
173177
}
174178

179+
TEST(HttpClientBaseTest, PrefetchTokenFetchesAndCachesToken) {
180+
FakeHttpClient client({{"client_id", "clientA"}, {"api_key", "keyA"}});
181+
client.SetTokenResponse("prefetch", "Bearer", 4102444800);
182+
183+
auto error = client.PrefetchToken();
184+
ASSERT_FALSE(error.has_value());
185+
ASSERT_EQ(client.token_calls.load(), 1);
186+
187+
auto r = client.Get("/statusz");
188+
ASSERT_TRUE(r.error_message.empty());
189+
ASSERT_EQ(r.status_code, 200);
190+
ASSERT_EQ(client.token_calls.load(), 1);
191+
}
192+
193+
TEST(HttpClientBaseTest, PrefetchTokenReturnsErrorOnFailure) {
194+
FakeHttpClient client({{"client_id", "clientA"}, {"api_key", "keyA"}});
195+
client.fail_token_fetch = true;
196+
197+
auto error = client.PrefetchToken();
198+
ASSERT_TRUE(error.has_value());
199+
ASSERT_NE(error->find("status code: 401"), std::string::npos);
200+
ASSERT_EQ(client.token_calls.load(), 1);
201+
}
202+
175203

0 commit comments

Comments
 (0)