moved inferring logic to azure utils

Signed-off-by: Sreekanth Vadigi <[email protected]>

Author: sreekanth-db

databricks-sdk-java/src/main/java/com/databricks/sdk/core/DatabricksConfig.java

@@ -14,19 +14,11 @@
 import java.io.File;
 import java.io.IOException;
 import java.lang.reflect.Field;
-import java.net.URL;
 import java.util.*;
 import org.apache.http.HttpMessage;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 public class DatabricksConfig {
 
-  private static final Logger logger = LoggerFactory.getLogger(DatabricksConfig.class);
-  
-  /** Azure authentication endpoint for tenant ID discovery */
-  private static final String AZURE_AUTH_ENDPOINT = "/aad/auth";
-  
   private CredentialsProvider credentialsProvider = new DefaultCredentialsProvider();
 
   @ConfigAttribute(env = "DATABRICKS_HOST")
@@ -735,7 +727,7 @@ private DatabricksConfig clone(Set<String> fieldsToSkip) {
   }
 
   public DatabricksConfig clone() {
-    return clone(new HashSet<>(Arrays.asList("logger", "AZURE_AUTH_ENDPOINT")));
+    return clone(new HashSet<>());
   }
 
   public DatabricksConfig newWithWorkspaceHost(String host) {
@@ -745,8 +737,6 @@ public DatabricksConfig newWithWorkspaceHost(String host) {
                 // The config for WorkspaceClient has a different host and Azure Workspace resource
                 // ID, and also omits
                 // the account ID.
-                "logger",
-                "AZURE_AUTH_ENDPOINT",
                 "host",
                 "accountId",
                 "azureWorkspaceResourceId",
@@ -766,88 +756,4 @@ public DatabricksConfig newWithWorkspaceHost(String host) {
   public String getEffectiveOAuthRedirectUrl() {
     return redirectUrl != null ? redirectUrl : "http://localhost:8080/callback";
   }
-
-  /**
-   * [Internal] Load the Azure tenant ID from the Azure Databricks login page. If the tenant ID is
-   * already set, this method does nothing.
-   * 
-   * @return true if tenant ID is available (either was already set or successfully loaded), false otherwise
-   */
-  public boolean loadAzureTenantId() {
-
-    if (azureTenantId != null) {
-      return true; // Tenant ID already available - success
-    }
-
-    if (!isAzure() || host == null) {
-      return false; // Configuration issue - can't perform operation
-    }
-
-    String loginUrl = host + AZURE_AUTH_ENDPOINT;
-    logger.debug("Loading tenant ID from {}", loginUrl);
-
-    try {
-      String redirectLocation = getRedirectLocation(loginUrl);
-      if (redirectLocation == null) {
-        return false; // Failed to get redirect location
-      }
-
-      String extractedTenantId = extractTenantIdFromUrl(redirectLocation);
-      if (extractedTenantId == null) {
-        return false; // Failed to extract tenant ID
-      }
-
-      this.azureTenantId = extractedTenantId;
-      logger.debug("Loaded tenant ID: {}", this.azureTenantId);
-      return true; // Successfully loaded
-
-    } catch (Exception e) {
-      logger.warn("Failed to load tenant ID: {}", e.getMessage());
-      return false;
-    }
-  }
-
-  private String getRedirectLocation(String loginUrl) throws IOException {
-
-    Request request = new Request("GET", loginUrl);
-    request.setRedirectionBehavior(false);
-    Response response = getHttpClient().execute(request);
-    int statusCode = response.getStatusCode();
-
-    if (statusCode != 302) {
-      logger.warn(
-          "Failed to get tenant ID from {}: expected status code 302, got {}",
-          loginUrl,
-          statusCode);
-      return null;
-    }
-
-    String location = response.getFirstHeader("Location");
-    if (location == null) {
-      logger.warn("No Location header in response from {}", loginUrl);
-    }
-
-    return location;
-  }
-
-  private String extractTenantIdFromUrl(String redirectUrl) {
-    try {
-      // The Location header has the following form:
-      // https://login.microsoftonline.com/<tenant-id>/oauth2/authorize?...
-      // The domain may change depending on the Azure cloud (e.g. login.microsoftonline.us for US
-      // Government cloud).
-      URL entraIdUrl = new URL(redirectUrl);
-      String[] pathSegments = entraIdUrl.getPath().split("/");
-
-      if (pathSegments.length < 2) {
-        logger.warn("Invalid path in Location header: {}", entraIdUrl.getPath());
-        return null;
-      }
-
-      return pathSegments[1];
-    } catch (Exception e) {
-      logger.warn("Failed to extract tenant ID from URL {}: {}", redirectUrl, e.getMessage());
-      return null;
-    }
-  }
 }

databricks-sdk-java/src/main/java/com/databricks/sdk/core/oauth/AzureServicePrincipalCredentialsProvider.java

@@ -12,6 +12,7 @@
  */
 public class AzureServicePrincipalCredentialsProvider implements CredentialsProvider {
   private final ObjectMapper mapper = new ObjectMapper();
+  private String tenantId;
 
   @Override
   public String authType() {
@@ -25,14 +26,15 @@ public OAuthHeaderFactory configure(DatabricksConfig config) {
         || config.getAzureClientSecret() == null) {
       return null;
     }
-    AzureUtils.ensureHostPresent(
-        config, mapper, AzureServicePrincipalCredentialsProvider::tokenSourceFor);
-        
-    boolean tenantIdLoaded = config.loadAzureTenantId();
-    if (!tenantIdLoaded) {
+    
+    this.tenantId = config.getAzureTenantId() != null ? config.getAzureTenantId() : AzureUtils.inferTenantId(config);
+    if (this.tenantId == null) {
       return null;
     }
-
+    
+    AzureUtils.ensureHostPresent(
+        config, mapper, this::tokenSourceFor);
+        
     CachedTokenSource inner = tokenSourceFor(config, config.getEffectiveAzureLoginAppId());
     CachedTokenSource cloud =
         tokenSourceFor(config, config.getAzureEnvironment().getServiceManagementEndpoint());
@@ -60,9 +62,9 @@ public OAuthHeaderFactory configure(DatabricksConfig config) {
    * @return A CachedTokenSource instance capable of fetching OAuth tokens for the specified Azure
    *     resource.
    */
-  private static CachedTokenSource tokenSourceFor(DatabricksConfig config, String resource) {
+  private CachedTokenSource tokenSourceFor(DatabricksConfig config, String resource) {
     String aadEndpoint = config.getAzureEnvironment().getActiveDirectoryEndpoint();
-    String tokenUrl = aadEndpoint + config.getAzureTenantId() + "/oauth2/token";
+    String tokenUrl = aadEndpoint + this.tenantId + "/oauth2/token";
     Map<String, String> endpointParams = new HashMap<>();
     endpointParams.put("resource", resource);
 

databricks-sdk-java/src/main/java/com/databricks/sdk/core/utils/AzureUtils.java

@@ -10,12 +10,20 @@
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.node.ObjectNode;
 import java.io.IOException;
+import java.net.URL;
 import java.util.Map;
 import java.util.Optional;
 import java.util.function.BiFunction;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 public class AzureUtils {
 
+  private static final Logger logger = LoggerFactory.getLogger(AzureUtils.class);
+
+  /** Azure authentication endpoint for tenant ID discovery */
+  private static final String AZURE_AUTH_ENDPOINT = "/aad/auth";
+
   public static String getWorkspaceFromJsonResponse(ObjectNode jsonResponse) throws IOException {
     JsonNode properties = jsonResponse.get("properties");
     if (properties == null) {
@@ -95,4 +103,80 @@ public static Optional<String> getAzureWorkspaceResourceId(Workspace workspace)
             workspace.getWorkspaceName());
     return Optional.of(resourceId);
   }
+
+  /**
+   * Infers the Azure tenant ID from the Databricks workspace login page.
+   * 
+   * @param config The DatabricksConfig instance
+   * @return the discovered tenant ID, or null if discovery fails
+   */
+  public static String inferTenantId(DatabricksConfig config) {
+    if (config.getAzureTenantId() != null) {
+      return config.getAzureTenantId();
+    }
+    
+    if (!config.isAzure() || config.getHost() == null) {
+      logger.warn("Cannot infer tenant ID: workspace is not Azure or host is missing");
+      return null;
+    }
+    
+    String loginUrl = config.getHost() + AZURE_AUTH_ENDPOINT;
+
+    try {
+      String redirectLocation = getRedirectLocation(config, loginUrl);
+      if (redirectLocation == null) {
+        logger.warn("Failed to get redirect location from Azure auth endpoint: {}", loginUrl);
+        return null;
+      }
+      
+      String extractedTenantId = extractTenantIdFromUrl(redirectLocation);
+      if (extractedTenantId == null) {
+        logger.warn("Failed to extract tenant ID from redirect URL: {}", redirectLocation);
+        return null;
+      }
+      
+      logger.info("Successfully discovered Azure tenant ID: {}", extractedTenantId);
+      return extractedTenantId;
+      
+    } catch (Exception e) {
+      logger.warn("Exception occurred while inferring Azure tenant ID from {}: {}", loginUrl, e.getMessage());
+      return null;
+    }
+  }
+  
+  private static String getRedirectLocation(DatabricksConfig config, String loginUrl) throws IOException {
+    Request request = new Request("GET", loginUrl);
+    request.setRedirectionBehavior(false);
+    Response response = config.getHttpClient().execute(request);
+    
+    if (response.getStatusCode() != 302) {
+      logger.warn("Expected redirect (302) from {}, got status code: {}", loginUrl, response.getStatusCode());
+      return null;
+    }
+    
+    String location = response.getFirstHeader("Location");
+    if (location == null) {
+      logger.warn("No Location header in redirect response from {}", loginUrl);
+    }
+    
+    return location;
+  }
+  
+  private static String extractTenantIdFromUrl(String redirectUrl) {
+    try {
+      // Parse: https://login.microsoftonline.com/<tenant-id>/oauth2/authorize?...
+      URL entraIdUrl = new URL(redirectUrl);
+      String[] pathSegments = entraIdUrl.getPath().split("/");
+      
+      if (pathSegments.length < 2) {
+        logger.warn("Invalid path in Location header: {}", entraIdUrl.getPath());
+        return null;
+      }
+
+        return pathSegments[1];
+    } catch (Exception e) {
+      logger.warn("Failed to parse tenant ID from URL {}: {}", redirectUrl, e.getMessage());
+      return null;
+    }
+  }
 }

databricks-sdk-java/src/test/java/com/databricks/sdk/core/DatabricksConfigTest.java

@@ -251,97 +251,4 @@ public void testGetTokenSourceWithOAuth() {
     assertEquals(tokenSource.getToken().getAccessToken(), "test-token");
   }
 
-  @Test
-  public void testLoadAzureTenantId404() throws IOException {
-    try (FixtureServer server = new FixtureServer().with("GET", "/aad/auth", "", 404)) {
-      DatabricksConfig config = new DatabricksConfig();
-      config.setHost(server.getUrl());
-      config.setHttpClient(new CommonsHttpClient.Builder().withTimeoutSeconds(30).build());
-      boolean result = config.loadAzureTenantId();
-      assertFalse(result);
-      assertNull(config.getAzureTenantId());
-    }
-  }
-
-  @Test
-  public void testLoadAzureTenantIdNoLocationHeader() throws IOException {
-    try (FixtureServer server = new FixtureServer().with("GET", "/aad/auth", "", 302)) {
-      DatabricksConfig config = new DatabricksConfig();
-      config.setHost(server.getUrl());
-      config.setHttpClient(new CommonsHttpClient.Builder().withTimeoutSeconds(30).build());
-      boolean result = config.loadAzureTenantId();
-      assertFalse(result);
-      assertNull(config.getAzureTenantId());
-    }
-  }
-
-  @Test
-  public void testLoadAzureTenantIdUnparsableLocationHeader() throws IOException {
-    FixtureServer.FixtureMapping fixture =
-        new FixtureServer.FixtureMapping.Builder()
-            .validateMethod("GET")
-            .validatePath("/aad/auth")
-            .withRedirect("https://unexpected-location", 302)
-            .build();
-
-    try (FixtureServer server = new FixtureServer().with(fixture)) {
-      DatabricksConfig config = new DatabricksConfig();
-      config.setHost(server.getUrl());
-      config.setHttpClient(new CommonsHttpClient.Builder().withTimeoutSeconds(30).build());
-      boolean result = config.loadAzureTenantId();
-      assertFalse(result);
-      assertNull(config.getAzureTenantId());
-    }
-  }
-
-  @Test
-  public void testLoadAzureTenantIdHappyPath() throws IOException {
-    FixtureServer.FixtureMapping fixture =
-        new FixtureServer.FixtureMapping.Builder()
-            .validateMethod("GET")
-            .validatePath("/aad/auth")
-            .withRedirect("https://login.microsoftonline.com/test-tenant-id/oauth2/authorize", 302)
-            .build();
-
-    try (FixtureServer server = new FixtureServer().with(fixture)) {
-      DatabricksConfig config = new DatabricksConfig();
-      config.setHost(server.getUrl());
-      config.setAzureWorkspaceResourceId(
-          "/subscriptions/123/resourceGroups/rg/providers/Microsoft.Databricks/workspaces/ws");
-      config.setHttpClient(new CommonsHttpClient.Builder().withTimeoutSeconds(30).build());
-      boolean result = config.loadAzureTenantId();
-      assertTrue(result);
-      assertEquals("test-tenant-id", config.getAzureTenantId());
-    }
-  }
-
-  @Test
-  public void testLoadAzureTenantIdSkipsWhenNotAzure() throws IOException {
-    DatabricksConfig config = new DatabricksConfig();
-    config.setHost("https://my-workspace.cloud.databricks.com"); // non-azure host
-    config.setHttpClient(new CommonsHttpClient.Builder().withTimeoutSeconds(30).build());
-    boolean result = config.loadAzureTenantId();
-    assertFalse(result);
-    assertNull(config.getAzureTenantId());
-  }
-
-  @Test
-  public void testLoadAzureTenantIdSkipsWhenAlreadySet() throws IOException {
-    DatabricksConfig config = new DatabricksConfig();
-    config.setHost("https://adb-123.0.azuredatabricks.net");
-    config.setAzureTenantId("existing-tenant-id");
-    config.setHttpClient(new CommonsHttpClient.Builder().withTimeoutSeconds(30).build());
-    boolean result = config.loadAzureTenantId();
-    assertTrue(result);
-    assertEquals("existing-tenant-id", config.getAzureTenantId());
-  }
-
-  @Test
-  public void testLoadAzureTenantIdSkipsWhenNoHost() throws IOException {
-    DatabricksConfig config = new DatabricksConfig();
-    config.setHttpClient(new CommonsHttpClient.Builder().withTimeoutSeconds(30).build());
-    boolean result = config.loadAzureTenantId();
-    assertFalse(result);
-    assertNull(config.getAzureTenantId());
-  }
 }