test(oidc): await token expiry

bevzzz · bevzzz · commit 889a488c1549 · 2025-12-30T09:30:03.000+01:00
diff --git a/src/it/java/io/weaviate/integration/OIDCSupportITest.java b/src/it/java/io/weaviate/integration/OIDCSupportITest.java
@@ -3,6 +3,7 @@
 import java.io.IOException;
 import java.net.InetSocketAddress;
 import java.net.Socket;
+import java.time.Duration;
 import java.util.List;
 import java.util.UUID;
 
@@ -13,6 +14,7 @@
 import io.weaviate.ConcurrentTest;
 import io.weaviate.client6.v1.api.Authentication;
 import io.weaviate.client6.v1.internal.TokenProvider;
+import io.weaviate.client6.v1.internal.TokenProvider.Token;
 import io.weaviate.client6.v1.internal.rest.RestTransport;
 import io.weaviate.containers.Weaviate;
 
@@ -88,9 +90,10 @@ public void test_resourceOwnerPassword() throws Exception {
     // Get the token obtained by the wrapped TokenProvider.
     var t = auth.getToken();
 
-    // Now make all tokens expire immediately, forcing the client to refresh..
-    // Verify the new token is different from the one before.
-    auth.setExpiresIn(0);
+    // Wait for the token to expire. Because we're testing against a live IdP
+    // and cannot control it at test, all other "mocking" options are more
+    // intrusive. Verify the new token is different from the one before.
+    waitForExpiry(t);
     pingWeaviate(wcsContainer, auth);
 
     var newT = auth.getToken();
@@ -113,9 +116,10 @@ public void test_clientCredentials() throws Exception {
     // Get the token obtained by the wrapped TokenProvider.
     var t = auth.getToken();
 
-    // Now make all tokens expire immediately, forcing the client to refresh..
-    // Verify the new token is different from the one before.
-    auth.setExpiresIn(0);
+    // Wait for the token to expire. Because we're testing against a live IdP
+    // and cannot control it at test, all other "mocking" options are more
+    // intrusive. Verify the new token is different from the one before.
+    waitForExpiry(t);
     pingWeaviate(oktaContainer, auth);
 
     var newT = auth.getToken();
@@ -170,6 +174,20 @@ private static boolean ping(String site) {
     }
   }
 
+  private static void waitForExpiry(Token t) {
+    if (!t.isValid()) {
+      return;
+    }
+    if (t.neverExpires()) {
+      throw new IllegalStateException("token never expires");
+    }
+    try {
+      Thread.sleep(Duration.ofSeconds(t.expiresIn()).toMillis());
+    } catch (InterruptedException e) {
+      Thread.currentThread().interrupt();
+    }
+  }
+
   /**
    * SpyTokenProvider is an Authentication implementation that spies on the
    * TokenProvider it creates and can expose tokens generated by it.
@@ -188,7 +206,6 @@ static Token stealToken(Authentication auth) throws Exception {
       return spy.getToken();
     }
 
-    private Long expiresIn;
     private Authentication authentication;
     private TokenProvider tokenProvider;
 
@@ -204,17 +221,7 @@ public TokenProvider getTokenProvider(RestTransport transport) {
 
     @Override
     public Token getToken() {
-      var t = tokenProvider.getToken();
-      if (expiresIn != null) {
-        t = Token.expireAfter(t.accessToken(), t.refreshToken(), expiresIn);
-      }
-      return t;
-    }
-
-    /** Expire all tokens in {@code expiresIn} seconds. */
-    void setExpiresIn(long expiresIn) {
-      this.expiresIn = expiresIn;
+      return tokenProvider.getToken();
     }
-
   }
 }
diff --git a/src/test/java/io/weaviate/client6/v1/api/WeaviateClientAsyncTest.java b/src/test/java/io/weaviate/client6/v1/api/WeaviateClientAsyncTest.java
@@ -14,6 +14,9 @@ public void testFailedConnection() {
 
   @Test(expected = WeaviateConnectException.class)
   public void testFailedConnection_Local() {
+    // You might see a warning from gRPC saying that the channel has been
+    // garbage-collected before it was closed. The stack trace will probably
+    // show that it's related to this test.
     WeaviateClientAsync.connectToLocal(conn -> conn.port(1234));
   }
 
diff --git a/src/test/java/io/weaviate/client6/v1/api/WeaviateClientTest.java b/src/test/java/io/weaviate/client6/v1/api/WeaviateClientTest.java
@@ -14,15 +14,10 @@ public void testFailedConnection() {
 
   @Test(expected = WeaviateConnectException.class)
   public void testFailedConnection_Local() throws Exception {
-    // This test will fail if SOME Weaviate container is running on your machine
-    // with default :8080 port exposed. All Testcontainer instances started by
-    // the client's test suite expose random ports, which will not interferen with
-    // this test.
-    //
-    // You might also see a warning from gRPC saying that the channel has been
+    // You might see a warning from gRPC saying that the channel has been
     // garbage-collected before it was closed. The stack trace will probably
     // show that it's related to this test.
-    WeaviateClient.connectToLocal();
+    WeaviateClient.connectToLocal(conn -> conn.port(1234));
   }
 
   @Test(expected = WeaviateConnectException.class)

Original file line number	Diff line number	Diff line change
`@@ -14,6 +14,9 @@ public void testFailedConnection() {`
`14`	`14`
`15`	`15`	`@Test(expected = WeaviateConnectException.class)`
`16`	`16`	`public void testFailedConnection_Local() {`
	`17`	`+ // You might see a warning from gRPC saying that the channel has been`
	`18`	`+ // garbage-collected before it was closed. The stack trace will probably`
	`19`	`+ // show that it's related to this test.`
`17`	`20`	`WeaviateClientAsync.connectToLocal(conn -> conn.port(1234));`
`18`	`21`	`}`
`19`	`22`