imjoey
commented
4 years ago @rgolangh It makes sense and look good to me. Thanks for this.
Closed rgolangh closed 4 years ago
imjoey
commented
4 years ago @rgolangh It makes sense and look good to me. Thanks for this.
When the client has a token acquired by former authentication we should use it to test the connection. It is not enough just to keep holding the token state when in fact it is no longer valid.
Description of the Change
The change actually performs a simple request to the ovirt-engine API, using an OPTIONS https method with the Bearer token. If the token is no longer valid the request fails and a reauthentication is made, to acquire a new token.
Benefits
Long running application, that needs to to communicate with engine API can survive events of session expirations or timeouts and tokens being removed, without creating new connections over and over again, by using the
Test()method. This should save us from constant login attempts, and load on the session management module in the engine.Possible Drawbacks
It may be that we want to design the client in a way that it only uses auth token and not to really perform login with user/pass. In that case we would need to change some of the behaviours.
Verification Process
Use the procedure described in the issue to verify https://github.com/oVirt/ovirt-engine-sdk-go/issues/193#issue-556810987
Fixes: #193
@imjoey PTAL