IAM Token retrieval in DefaultTokenProvider does not honor provided client settings

[everlylfc]

I was having trouble applying connection timeouts to the overall flow of the code despite providing explicit values for client configuration which includes a connection timeout setting on the token provider, token manager, and the amazons3 client builder.

	private static final int S3_REQUEST_TIMEOUT_MS = 2000;
	private static final int S3_CONNECTION_TIMEOUT_MS = 1000;
	private static final int S3_CLIENT_EXECUTION_TIMEOUT_MS = 15000;
	private static final int S3_MAX_ERROR_RETRY = 5;

	public static AmazonS3 getAmazonS3(final String apiKey, final String endpoint, final String location, final String serviceInstanceId) {
		String iamEndpoint;
		if (endpoint.contains("cloud-object-storage.test.appdomain.cloud") || endpoint.contains("objectstorage.uat")) {
			iamEndpoint = "https://iam.test.cloud.ibm.com/identity/token";
		} else {
			iamEndpoint = "https://iam.cloud.ibm.com/identity/token";
		}

		ClientConfiguration clientConfig = new ClientConfiguration().withRequestTimeout(S3_REQUEST_TIMEOUT_MS).withConnectionTimeout(S3_CONNECTION_TIMEOUT_MS)
				.withClientExecutionTimeout(S3_CLIENT_EXECUTION_TIMEOUT_MS)
				.withRetryPolicy(PredefinedRetryPolicies.getDefaultRetryPolicyWithCustomMaxRetries(S3_MAX_ERROR_RETRY));
		clientConfig.setUseTcpKeepAlive(true);

		final DefaultTokenProvider tokenProvider = new DefaultTokenProvider(apiKey);
		tokenProvider.setHttpClientSettings(HttpClientSettings.adapt(clientConfig));
		tokenProvider.setIamEndpoint(iamEndpoint);
		final DefaultTokenManager tokenManager = new DefaultTokenManager(tokenProvider);
		tokenManager.setIamEndpoint(iamEndpoint);
		tokenManager.setIamMaxRetry(S3_MAX_ERROR_RETRY);
		tokenManager.setClientConfiguration(clientConfig);
		final BasicIBMOAuthCredentials credentials = new BasicIBMOAuthCredentials(tokenManager, serviceInstanceId);

		return AmazonS3ClientBuilder.standard().withIAMEndpoint(iamEndpoint).withCredentials(new AWSStaticCredentialsProvider(credentials))
				.withEndpointConfiguration(new EndpointConfiguration(endpoint, location)).withPathStyleAccessEnabled(true).withClientConfiguration(clientConfig)
				.build();
	}

I pulled the source code and changed this section to explicitly set a request config to test if this was the issue:

ibm-cos-sdk-java/ibm-cos-java-sdk-core/src/main/java/com/ibm/cloud/objectstorage/oauth/DefaultTokenProvider.java

Line 140 in 66efd38

HttpClient client = builder.setSSLSocketFactory(sslsf).build();

RequestConfig config = RequestConfig.custom().setConnectTimeout(1000).build();
HttpClient client = builder.setSSLSocketFactory(sslsf).setDefaultRequestConfig(config).build();

With this explicit setting, the behavior was what I was expecting. It seems the token provider is not configured with the client configuration that is provided.

[IBMeric]

Thank you for your report and investigation. We have an internal ticket tracking this item.

[IBMeric]

@everlylfc This issue has been resolved in 2.11.1. Please verify and close this ticket.

[IBMeric]

Closing ticket as resolved.