Skip to content

feat(auth): add retry loop for generate_access_token#6092

Draft
alvarowolfx wants to merge 1 commit into
googleapis:mainfrom
alvarowolfx:auth-generate-access-token-retry
Draft

feat(auth): add retry loop for generate_access_token#6092
alvarowolfx wants to merge 1 commit into
googleapis:mainfrom
alvarowolfx:auth-generate-access-token-retry

Conversation

@alvarowolfx

Copy link
Copy Markdown
Contributor

Towards #4459

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request refactors the generate_access_token function in src/auth/src/credentials/impersonated.rs to use a new GenerateAccessTokenClient struct, integrating a retry loop with exponential backoff and strict AIP-194 retry policies from google-cloud-gax. It also adds corresponding unit tests to verify successful retries and exhausted retry attempts. Feedback on the changes highlights an issue where formatting err_payload (of type bytes::Bytes) with {:?} results in a non-human-readable debug representation of byte integers. The reviewer suggests passing the raw payload directly to GaxError::http to preserve the response body and avoid redundant error message wrapping.

Comment on lines +948 to +952
return Err(GaxError::http(
status.as_u16(),
err_headers,
format!("{MSG}: {err_payload:?}").into(),
));

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

high

Formatting err_payload (which is of type bytes::Bytes) using {:?} inside format! will output a debug representation of the bytes (e.g., a list of integers like [123, 34, ...]), which is not human-readable and makes debugging HTTP errors extremely difficult.

Additionally, prepending {MSG} here is redundant because the caller (fetch) already wraps the returned error using errors::from_gax_error(e, MSG).

We should pass the raw err_payload directly to GaxError::http to preserve the raw HTTP response body (e.g., JSON error details) so that it can be properly formatted or parsed later.

Suggested change
return Err(GaxError::http(
status.as_u16(),
err_headers,
format!("{MSG}: {err_payload:?}").into(),
));
return Err(GaxError::http(
status.as_u16(),
err_headers,
err_payload,
));

@codecov

codecov Bot commented Jul 17, 2026

Copy link
Copy Markdown

Codecov Report

❌ Patch coverage is 99.29577% with 1 line in your changes missing coverage. Please review.
✅ Project coverage is 97.04%. Comparing base (2f59820) to head (4aec5eb).
⚠️ Report is 9 commits behind head on main.

Files with missing lines Patch % Lines
src/auth/src/credentials/impersonated.rs 99.29% 1 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main    #6092      +/-   ##
==========================================
- Coverage   97.04%   97.04%   -0.01%     
==========================================
  Files         253      253              
  Lines       63682    63793     +111     
==========================================
+ Hits        61798    61905     +107     
- Misses       1884     1888       +4     

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant