[jira] [Created] (IMPALA-14186) Support JWT Token Refresh in Impyla

Wed, 25 Jun 2025 09:02:51 -0700 

Jason Fehr created IMPALA-14186:
-----------------------------------

             Summary: Support JWT Token Refresh in Impyla
                 Key: IMPALA-14186
                 URL: https://issues.apache.org/jira/browse/IMPALA-14186
             Project: IMPALA
          Issue Type: Improvement
            Reporter: Jason Fehr


JWTs are intended to be short-lived, often having lifespans of 5 minutes.  
Currently, Impyla takes a JWT as input to start a query, but, if the query is 
long-running, the JWT expires and results in 401 Unauthorized errors.

Impyla needs to support JWT token refreshes while a query is running.  To 
accomplish this:
 # Add the ability to specify a callback function to generate a JWT.  When 
Impyla needs to obtain a new JWT, it will call that callback function to run 
the user provided code to obtain a new JWT.  Users can still specify a JWT if 
they want, and Impyla must use that JWT like it does today.  If a JWT is not 
specified, the callback function is immediately callef.  If both a JWT and a 
callback function are provided, start by using the JWT and call the callback 
function when that initial JWT is about to expire.  The callback function will 
be provided the previous JWT string as input (or None if there is no previous 
JWT) and will return a new JWT string.
 # Impyla must jave a new configuration setting to determine when the JWT 
should be renewed.  This setting must specify a number of seconds.  Once the 
JWT expiration time minus the current time is less than the value of this 
setting, the JWT is renewed.  Default this value to 60.
 # Impyla must provide the ability to specify a callback to determine if a JWT 
needs renewing or not.  The callback function will be provided the JWT as input 
and will return a boolean indicating if renewing is needed.
 # If both a JWT expiration callback and a number of seconds is specified, the 
callback takes precedence and the expiration time setting is ignored.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to