Handle properly Google's tokeninfo 503/backend error by clementdenis · Pull Request #141 · cloudendpoints/endpoints-java

clementdenis · 2018-04-16T19:27:59Z

We are using Cloud Endpoints to serve a large scale API (millions of API requests per day).
We measure a low but significant amount of transient "503/backend error" when validating OAuth2 requests with GoogleAuth#getTokenInfoRemote, that translates into a "401/UnauthorizedException" for the API clients => this is not what one would expect for a transient exception.

This pull request introduce two main changes:

It performs a single, immediate retry on https://www.googleapis.com/oauth2/v2/tokeninfo?access_token=XXX for IOExceptions and 5xx responses
If the retry on IOException or 5xx fails, a "503/ServiceUnavailableException" is returned to API client, instead of a "401/UnauthorizedException"

codecov-io · 2018-04-16T19:31:38Z

Codecov Report

Merging #141 into master will increase coverage by 0.06%.
The diff coverage is 80.95%.

@@             Coverage Diff              @@
##             master     #141      +/-   ##
============================================
+ Coverage     79.95%   80.02%   +0.06%     
- Complexity     1673     1677       +4     
============================================
  Files           156      156              
  Lines          5573     5591      +18     
  Branches        725      729       +4     
============================================
+ Hits           4456     4474      +18     
+ Misses          841      840       -1     
- Partials        276      277       +1

Impacted Files	Coverage Δ	Complexity Δ
...le/api/server/spi/auth/EndpointsAuthenticator.java	`100% <ø> (ø)`	`6 <0> (ø)`	⬇️
.../server/spi/auth/GoogleAppEngineAuthenticator.java	`85.45% <ø> (ø)`	`16 <0> (ø)`	⬇️
...api/server/spi/auth/GoogleOAuth2Authenticator.java	`87.09% <ø> (ø)`	`10 <0> (ø)`	⬇️
...ava/com/google/api/server/spi/auth/GoogleAuth.java	`85.71% <80.95%> (+0.96%)`	`33 <5> (+3)`	⬆️
...rver/spi/response/ServiceUnavailableException.java	`14.28% <0%> (+14.28%)`	`1% <0%> (+1%)`	⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 36333f9...031de81. Read the comment docs.

tangiel

Mostly LGTM, just two minor comments. Thanks for doing this!

tangiel · 2018-04-17T22:06:13Z

endpoints-framework/src/main/java/com/google/api/server/spi/auth/GoogleAuth.java

+  @VisibleForTesting
+  static void configureErrorHandling(HttpRequest request) {
+    request.setNumberOfRetries(1)
+      .setThrowExceptionOnExecuteError(false)


This should be indented four spaces in.

tangiel · 2018-04-17T22:06:34Z

endpoints-framework/src/main/java/com/google/api/server/spi/auth/GoogleAuth.java

+      .setIOExceptionHandler(new HttpIOExceptionHandler() {
+        @Override
+        public boolean handleIOException(HttpRequest request, boolean supportsRetry) {
+          return true; //consider all IOException as transient


Super minor nit but please add a space after the // here and below.

clementdenis · 2018-04-18T08:43:51Z

Fixed formatting (and too long lines as well). As there are only format change, I amended my commit and force pushed.

I'm coding with IntelliJ, can you confirm I should use Google's style guide?

tangiel

Yes, that should cover most of the formatting.

clementdenis force-pushed the auth_errors branch from da07bd0 to 6aa81f3 Compare April 17, 2018 15:18

tangiel reviewed Apr 17, 2018

View reviewed changes

Add retry logic in GoogleAuth.getTokenInfoRemote to handle 5xx errors

031de81

clementdenis force-pushed the auth_errors branch from 6aa81f3 to 031de81 Compare April 18, 2018 08:41

tangiel approved these changes Apr 18, 2018

View reviewed changes

tangiel merged commit 1b51f85 into cloudendpoints:master Apr 18, 2018

clementdenis deleted the auth_errors branch July 31, 2018 12:15

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Handle properly Google's tokeninfo 503/backend error#141

Handle properly Google's tokeninfo 503/backend error#141
tangiel merged 1 commit intocloudendpoints:masterfrom
AODocs:auth_errors

clementdenis commented Apr 16, 2018

Uh oh!

codecov-io commented Apr 16, 2018 •

edited

Loading

Uh oh!

tangiel left a comment

Uh oh!

tangiel Apr 17, 2018

Uh oh!

tangiel Apr 17, 2018

Uh oh!

clementdenis commented Apr 18, 2018

Uh oh!

tangiel left a comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

clementdenis commented Apr 16, 2018

Uh oh!

codecov-io commented Apr 16, 2018 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

tangiel left a comment

Choose a reason for hiding this comment

Uh oh!

tangiel Apr 17, 2018

Choose a reason for hiding this comment

Uh oh!

tangiel Apr 17, 2018

Choose a reason for hiding this comment

Uh oh!

clementdenis commented Apr 18, 2018

Uh oh!

tangiel left a comment

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

codecov-io commented Apr 16, 2018 •

edited

Loading