[Test] Add resilience in TokenAuthIntegTests #64757
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The testExpiredTokensDeletedAfterExpiration method assumed that invalidating a refresh token immediately after the delete task was run would behave as if the token did not exist. However, the Elasticsearch concurrency controls do not guarantee that behaviour. It is possible for the request that searches for the token document the corresponds to the refresh token to find an invalidated but not yet deleted document which is reflected in the API response. This change makes the test resilient to this behaviour by wrapping the assertion in an assertBusy Resolves: elastic#56903
tvernum
added
>test
Collaborator
|
Pinging @elastic/es-security (:Security/Authentication) |
ywangd
approved these changes
Nov 9, 2020
| invalidateRefreshTokenRequest, SECURITY_REQUEST_OPTIONS); | ||
| assertThat(invalidateRefreshTokenResponse.getInvalidatedTokens(), equalTo(0)); | ||
| assertThat(invalidateRefreshTokenResponse.getPreviouslyInvalidatedTokens(), equalTo(0)); | ||
| assertThat(invalidateRefreshTokenResponse.getErrors(), empty()); |
Member
Contributor
Author
There was a problem hiding this comment.
I don't follow.
Do you want this PR to reference another PR that is loosely related (they've both linked to the original issue)? Or do you want the code to reference the PR.
I didn't link these because they're separate pieces of work. One fixed a particular error in the code and the other fixes an incorrect assumption in the test. Both PRs link back to the original issue because the precised CI failure was a combination of the two, but I don't think the PRs themselves are that closely related.
Member
There was a problem hiding this comment.
The former. This is mainly a note to myself. I am not suggesting you to do anything. I did not review the other PR. So I was a bit confused when trying to cross compare the build scan failure and the changes in this PR, which "resolves" the failure. Initially they seemed to be unrelated to me.
From the build scan, the exact error occured at the following line :
assertThat(invalidateRefreshTokenResponse.getErrors(), empty());and technically speaking, the above error can be fixed by the other PR alone. By itself it will not be able to fix the "getPreviouslyInvalidatedTokens" assertion, but that was not the original error. So I added the comment as a reminder to my-future-self or maybe someone else who might need to look into it in future.
Contributor
Author
|
@elasticmachine update branch |
tvernum
added a commit
to tvernum/elasticsearch
that referenced
this pull request
Dec 15, 2020
The testExpiredTokensDeletedAfterExpiration method assumed that invalidating a refresh token immediately after the delete task was run would behave as if the token did not exist. However, the Elasticsearch concurrency controls do not guarantee that behaviour. It is possible for the request that searches for the token document the corresponds to the refresh token to find an invalidated but not yet deleted document which is reflected in the API response. This change makes the test resilient to this behaviour by wrapping the assertion in an assertBusy Backport of: elastic#64757
ywangd
added a commit
to ywangd/elasticsearch
that referenced
this pull request
Oct 24, 2022
The PR introduces a waiting for token invalidation similar to the fix for elastic#67347 and elastic#64757. It targets access token instead of the refresh token. But the underlying cause is the same because invalidation of both token types are at least a 2-step process: (1) find the document and (2) delete the document. In the first step, a document can be found by either search or get when it is about to be deleted and this results to missingDocument exception in step 2. The intention of the particular test does not really care about this situation. Its main purpose is to ensure nothing gets invalidated when the requested token does not exist (deleted). Hence the PR just adds a wait to ensure temporary inconsistent condition eventually goes away. Resolves: elastic#90509
ywangd
added a commit
that referenced
this pull request
Oct 24, 2022
The PR introduces a waiting for token invalidation similar to the fix for #67347 and #64757. It targets access token instead of the refresh token. But the underlying cause is the same because invalidation of both token types are at least a 2-step process: (1) find the document and (2) delete the document. In the first step, a document can be found by either search or get when it is about to be deleted and this results to missingDocument exception in step 2. The intention of the particular test does not really care about this situation. Its main purpose is to ensure nothing gets invalidated when the requested token does not exist (deleted). Hence the PR just adds a wait to ensure temporary inconsistent condition eventually goes away. Resolves: #90509
ywangd
added a commit
to ywangd/elasticsearch
that referenced
this pull request
Oct 25, 2022
) The PR introduces a waiting for token invalidation similar to the fix for elastic#67347 and elastic#64757. It targets access token instead of the refresh token. But the underlying cause is the same because invalidation of both token types are at least a 2-step process: (1) find the document and (2) delete the document. In the first step, a document can be found by either search or get when it is about to be deleted and this results to missingDocument exception in step 2. The intention of the particular test does not really care about this situation. Its main purpose is to ensure nothing gets invalidated when the requested token does not exist (deleted). Hence the PR just adds a wait to ensure temporary inconsistent condition eventually goes away. Resolves: elastic#90509
elasticsearchmachine
pushed a commit
that referenced
this pull request
Oct 25, 2022
…91103) The PR introduces a waiting for token invalidation similar to the fix for #67347 and #64757. It targets access token instead of the refresh token. But the underlying cause is the same because invalidation of both token types are at least a 2-step process: (1) find the document and (2) delete the document. In the first step, a document can be found by either search or get when it is about to be deleted and this results to missingDocument exception in step 2. The intention of the particular test does not really care about this situation. Its main purpose is to ensure nothing gets invalidated when the requested token does not exist (deleted). Hence the PR just adds a wait to ensure temporary inconsistent condition eventually goes away. Resolves: #90509
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The testExpiredTokensDeletedAfterExpiration method assumed that
invalidating a refresh token immediately after the delete task was run
would behave as if the token did not exist.
However, the Elasticsearch concurrency controls do not guarantee that
behaviour. It is possible for the request that searches for the token
document the corresponds to the refresh token to find an invalidated
but not yet deleted document which is reflected in the API response.
This change makes the test resilient to this behaviour by wrapping the
assertion in an assertBusy
Resolves: #56903