Mirror
/
seaweedfs
mirror of https://github.com/seaweedfs/seaweedfs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

increase timeout

pull/7160/head
chrislu 1 month ago
parent
9f9b6710b2
commit
ef9d779764
2 changed files with 15 additions and 7 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 16
      test/s3/iam/s3_iam_framework.go
  2. 6
      weed/iam/oidc/oidc_provider.go

16
test/s3/iam/s3_iam_framework.go
View File

@ -511,7 +511,15 @@ func (f *S3IAMTestFramework) CreateS3ClientWithSessionToken(sessionToken string)
// CreateS3ClientWithKeycloakToken creates an S3 client using a Keycloak JWT token
func (f *S3IAMTestFramework) CreateS3ClientWithKeycloakToken(keycloakToken string) (*s3.S3, error) {
// Create a fresh HTTP transport with aggressive timeouts to prevent hanging
// Determine response header timeout based on environment
responseHeaderTimeout := 10 * time.Second
overallTimeout := 30 * time.Second
if os.Getenv("GITHUB_ACTIONS") == "true" {
responseHeaderTimeout = 30 * time.Second // Longer timeout for CI JWT validation
overallTimeout = 60 * time.Second
}
// Create a fresh HTTP transport with appropriate timeouts
transport := &http.Transport{
DisableKeepAlives: true, // Force new connections for each request
DisableCompression: true, // Disable compression to simplify requests
@ -519,13 +527,13 @@ func (f *S3IAMTestFramework) CreateS3ClientWithKeycloakToken(keycloakToken strin
MaxIdleConnsPerHost: 0, // No connection pooling per host
IdleConnTimeout: 1 * time.Second,
TLSHandshakeTimeout: 5 * time.Second,
ResponseHeaderTimeout: 10 * time.Second,
ResponseHeaderTimeout: responseHeaderTimeout, // Adjustable for CI environments
ExpectContinueTimeout: 1 * time.Second,
}
// Create a custom HTTP client with aggressive timeouts
// Create a custom HTTP client with appropriate timeouts
httpClient := &http.Client{
Timeout: 30 * time.Second, // Overall request timeout
Timeout: overallTimeout, // Overall request timeout (adjustable for CI)
Transport: &BearerTokenTransport{
Token: keycloakToken,
Transport: transport,

6
weed/iam/oidc/oidc_provider.go
View File

@ -79,7 +79,7 @@ type JWK struct {
func NewOIDCProvider(name string) *OIDCProvider {
return &OIDCProvider{
name: name,
httpClient: &http.Client{Timeout: 5 * time.Second}, // Reduced timeout for faster failures
httpClient: &http.Client{Timeout: 30 * time.Second},
}
}
@ -384,7 +384,7 @@ func (p *OIDCProvider) mapClaimsToRoles(claims *providers.TokenClaims) []string
// mapClaimsToRolesWithConfig maps token claims to roles using configured role mapping
func (p *OIDCProvider) mapClaimsToRolesWithConfig(claims *providers.TokenClaims) []string {
glog.V(3).Infof("mapClaimsToRolesWithConfig: RoleMapping is nil? %t", p.config.RoleMapping == nil)
if p.config.RoleMapping == nil {
glog.V(2).Infof("No role mapping configured for provider %s, using legacy mapping", p.name)
// Fallback to legacy mapping if no role mapping configured
@ -397,7 +397,7 @@ func (p *OIDCProvider) mapClaimsToRolesWithConfig(claims *providers.TokenClaims)
// Apply role mapping rules
for i, rule := range p.config.RoleMapping.Rules {
glog.V(3).Infof("Rule %d: claim=%s, value=%s, role=%s", i, rule.Claim, rule.Value, rule.Role)
if rule.Matches(claims) {
glog.V(2).Infof("Rule %d matched! Adding role: %s", i, rule.Role)
roles = append(roles, rule.Role)

Write Preview
Loading…
Cancel
Save