From b398fa9be3a1052aa45274e477d53adeda29ed16 Mon Sep 17 00:00:00 2001
From: Katrina Rogan
Date: Wed, 5 Oct 2022 15:45:11 -0700
Subject: [PATCH] Update token source provider to optionally call GetPublicClientConfig (#326)
* Update token source provider
Signed-off-by: Katrina Rogan
* GH actions incident
Signed-off-by: Katrina Rogan
Signed-off-by: Katrina Rogan
---
 .../clients/go/admin/token_source_provider.go | 20 +++++++++-----------
 1 file changed, 9 insertions(+), 11 deletions(-)
diff --git a/flyteidl/clients/go/admin/token_source_provider.go b/flyteidl/clients/go/admin/token_source_provider.go
index 9890c75daa..78a1952ab1 100644
--- a/flyteidl/clients/go/admin/token_source_provider.go
+++ b/flyteidl/clients/go/admin/token_source_provider.go
@@ -45,12 +45,16 @@ func NewTokenSourceProvider(ctx context.Context, cfg *Config, tokenCache cache.T
 tokenURL = metadata.TokenEndpoint
 }
 
- clientMetadata, err := authClient.GetPublicClientConfig(ctx, &service.PublicClientAuthConfigRequest{})
- if err != nil {
- return nil, fmt.Errorf("failed to fetch client metadata. Error: %v", err)
+ scopes := cfg.Scopes
+ if len(scopes) == 0 {
+ clientMetadata, err := authClient.GetPublicClientConfig(ctx, &service.PublicClientAuthConfigRequest{})
+ if err != nil {
+ return nil, fmt.Errorf("failed to fetch client metadata. Error: %v", err)
+ }
+ scopes = clientMetadata.Scopes
 }
 
- tokenProvider, err = NewClientCredentialsTokenSourceProvider(ctx, cfg, clientMetadata, tokenURL)
+ tokenProvider, err = NewClientCredentialsTokenSourceProvider(ctx, cfg, scopes, tokenURL)
 if err != nil {
 return nil, err
 }
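Review bot: The fallback `scopes = clientMetadata.Scopes` takes the OAuth scopes to request from the admin service's public client config, and nothing after it handles that list being empty too, so the client-credentials provider can be built with no scopes at all (presumably leaving the choice to the token endpoint's defaults). A short comment above `scopes := cfg.Scopes` would make the precedence explicit, e.g. `// Configured scopes win; the server's public client config is only consulted when none are set.` The re-indented `fmt.Errorf("failed to fetch client metadata. Error: %v", err)` could also use `%w` so callers can still inspect the underlying error. NewTokenSourceProvider starts and ends outside the hunk.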
@@ -148,8 +152,7 @@ type ClientCredentialsTokenSourceProvider struct {
 TokenRefreshWindow time.Duration
 }
 
-func NewClientCredentialsTokenSourceProvider(ctx context.Context, cfg *Config,
- clientMetadata *service.PublicClientAuthConfigResponse, tokenURL string) (TokenSourceProvider, error) {
+func NewClientCredentialsTokenSourceProvider(ctx context.Context, cfg *Config, scopes []string, tokenURL string) (TokenSourceProvider, error) {
 var secret string
 if len(cfg.ClientSecretEnvVar) > 0 {
 secret = os.Getenv(cfg.ClientSecretEnvVar)
@@ -162,11 +165,6 @@ func NewClientCredentialsTokenSourceProvider(ctx context.Context, cfg *Config,
 secret = string(secretBytes)
 }
 secret = strings.TrimSpace(secret)
-
- scopes := cfg.Scopes
- if len(scopes) == 0 {
- scopes = clientMetadata.Scopes
- }
 return ClientCredentialsTokenSourceProvider{
 ccConfig: clientcredentials.Config{
 ClientID: cfg.ClientID,
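Review bot: The exported constructor `NewClientCredentialsTokenSourceProvider` changes its third parameter from `*service.PublicClientAuthConfigResponse` to `scopes []string` without gaining a doc comment, so any caller outside this file stops compiling and has nothing telling it what to pass instead. A doc comment on the new signature would cover that, e.g. `// NewClientCredentialsTokenSourceProvider builds a client-credentials token source provider; scopes are the OAuth2 scopes to request and tokenURL is the token endpoint.` The function body continues past the end of the hunk.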
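Review bot: With the `scopes := cfg.Scopes` block removed, this constructor no longer consults `cfg.Scopes` even though it still receives `cfg`, so a direct caller that passes nil scopes and relies on the config gets only what the parameter held. Only NewTokenSourceProvider (first hunk) now applies the config-then-metadata fallback. Keeping a local fallback before the `return` would preserve the old behaviour for other callers: `if len(scopes) == 0 { scopes = cfg.Scopes }`. The struct literal that consumes `scopes` continues outside the hunk, so how the value is finally used is not visible here.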