diff options
author | Carl Lundin <clundin@google.com> | 2024-05-10 13:56:44 -0700 |
---|---|---|
committer | Gopher Robot <gobot@golang.org> | 2024-05-10 21:31:51 +0000 |
commit | 5fd42413edb3b1699004a31b72e485e0e4ba1b13 (patch) | |
tree | 67bbdd1450eaa666ca38774391115c8e40bd5674 | |
parent | 84cb9f7f5c5a639955cd501bfdd54f0e63997e61 (diff) | |
download | golang-x-oauth2-upstream-master.tar.gz |
google: update compute token refreshupstream-master
The shortest MDS token cache time is 4 minutes. The refresh window is updated
to 3 minutes and 45 seconds to give the MDS time to update it's cache.
This should make slow refreshes less likely to cause failures.
Done in https://github.com/googleapis/google-cloud-go/pull/9139 for the other auth library.
Change-Id: Ifa353248197d8998e6b0363d1f2821b45a0e6495
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/584815
Auto-Submit: Cody Oss <codyoss@google.com>
TryBot-Bypass: Cody Oss <codyoss@google.com>
Run-TryBot: Cody Oss <codyoss@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Cody Oss <codyoss@google.com>
-rw-r--r-- | google/google.go | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/google/google.go b/google/google.go index ba931c2..7b82e7a 100644 --- a/google/google.go +++ b/google/google.go @@ -252,7 +252,10 @@ func (f *credentialsFile) tokenSource(ctx context.Context, params CredentialsPar // Further information about retrieving access tokens from the GCE metadata // server can be found at https://cloud.google.com/compute/docs/authentication. func ComputeTokenSource(account string, scope ...string) oauth2.TokenSource { - return computeTokenSource(account, 0, scope...) + // refresh 3 minutes and 45 seconds early. The shortest MDS cache is currently 4 minutes, so any + // refreshes earlier are a waste of compute. + earlyExpirySecs := 225 * time.Second + return computeTokenSource(account, earlyExpirySecs, scope...) } func computeTokenSource(account string, earlyExpiry time.Duration, scope ...string) oauth2.TokenSource { |