fix: only refresh if the token has expired.

GoogleCloudPlatform · Jun 14, 2023 · 0285e3e · 0285e3e
1 parent a53e83d
commit 0285e3e
Showing 1 changed file with 8 additions and 1 deletion.
diff --git a/core/src/main/java/com/google/cloud/sql/core/SqlAdminApiFetcher.java b/core/src/main/java/com/google/cloud/sql/core/SqlAdminApiFetcher.java
@@ -299,10 +299,17 @@ private Certificate fetchEphemeralCertificate(
    * @throws IOException when the credentials.refresh() has failed 3 times
    */
   private void refreshWithRetry(OAuth2Credentials credentials) throws IOException {
+
+    // if the access token has not expired, do not attempt to refresh
+    AccessToken token = credentials.getAccessToken();
+    if( token == null || token.getExpirationTime().toInstant().isAfter(Instant.now()) ) {
+      return;
+    }
+
     Callable<OAuth2Credentials> refresh =
         () -> {
           try {
-            credentials.refresh();
+            credentials.refreshIfExpired();
           } catch (IllegalStateException e) {
             throw new IllegalStateException(
                 String.format(