Skip to content

Add an option to disable adding the offline_access scope by default in OAuth exchanges. #525

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Oct 17, 2025
Merged

Add an option to disable adding the offline_access scope by default in OAuth exchanges. #525

merged 4 commits into from
Oct 17, 2025

Conversation

@renaudhartert-db
Copy link
Contributor

@renaudhartert-db renaudhartert-db commented Oct 16, 2025

What changes are proposed in this pull request?

This PR adds the DATABRICKS_DISABLE_OAUTH_REFRESH_TOKEN option in DatabricksConfig to disable automatically requesting a refresh token (by adding the offline_access scope) in OAuth flow. Note that this option does not remove the scope from the user provided scopes if present.

How is this tested?

Unit + Integration tests.

@github-actions
Copy link

github-actions bot commented Oct 16, 2025

If integration tests don't run automatically, an authorized user can run them manually by following the instructions below:

Trigger:
go/deco-tests-run/sdk-java

Inputs:

  • PR number: 525
  • Commit SHA: 57786aa8cf21ebe0577a9d1cc80b7fc71bbc5f1b

Checks will be approved automatically on success.

@samikshya-db samikshya-db mentioned this pull request Oct 17, 2025
Merged
Divyansh-db
Divyansh-db approved these changes Oct 17, 2025
View reviewed changes
Copy link
Contributor

@Divyansh-db Divyansh-db left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@renaudhartert-db renaudhartert-db added this pull request to the merge queue Oct 17, 2025
Merged via the queue into main with commit c8b5595 Oct 17, 2025
16 checks passed
@renaudhartert-db renaudhartert-db deleted the renaud-hartert_data/refresh_token branch October 17, 2025 11:56
@Divyansh-db Divyansh-db mentioned this pull request Oct 17, 2025
Merged
github-merge-queue bot pushed a commit that referenced this pull request Oct 22, 2025
@Divyansh-db
Fixed configure method for non-refreshable tokens (#526)
54b94b1 
## What changes are proposed in this pull request?

We recently added support for disabling auto token refresh
(#525). The
current code is hardcoded to handle refreshable tokens, and it
forcefully refreshes the token on every call of `configure()`
This PR proposed using a token (no matter if it is refreshable or not)
if it is valid. Once the ExternalBrowserCredentialsProvider is run, it
stores the token on disk. If the application is run again, it checks the
token and tries to use it.

## How is this tested?

Added Unit tests

NO_CHANGELOG=true
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Divyansh-db Divyansh-db Divyansh-db approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@renaudhartert-db @Divyansh-db