wrapper/src/main/java/software/amazon/jdbc/plugin/federatedauth/FederatedAuthPlugin.java [201:257]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - final boolean isCachedToken = tokenInfo != null && !tokenInfo.isExpired(); if (isCachedToken) { LOGGER.finest( () -> Messages.get( "AuthenticationToken.useCachedToken", new Object[] {tokenInfo.getToken()})); PropertyDefinition.PASSWORD.set(props, tokenInfo.getToken()); } else { updateAuthenticationToken(hostSpec, props, region, cacheKey, host); } PropertyDefinition.USER.set(props, DB_USER.getString(props)); try { return connectFunc.call(); } catch (final SQLException exception) { updateAuthenticationToken(hostSpec, props, region, cacheKey, host); return connectFunc.call(); } catch (final Exception exception) { LOGGER.warning( () -> Messages.get( "SamlAuthPlugin.unhandledException", new Object[] {exception})); throw new SQLException(exception); } } private void updateAuthenticationToken( final HostSpec hostSpec, final Properties props, final Region region, final String cacheKey, final String host) throws SQLException { final int tokenExpirationSec = IAM_TOKEN_EXPIRATION.getInteger(props); final Instant tokenExpiry = Instant.now().plus(tokenExpirationSec, ChronoUnit.SECONDS); final int port = IamAuthUtils.getIamPort( StringUtils.isNullOrEmpty(IAM_DEFAULT_PORT.getString(props)) ? 0 : IAM_DEFAULT_PORT.getInteger(props), hostSpec, this.pluginService.getDialect().getDefaultPort()); final AwsCredentialsProvider credentialsProvider = this.credentialsProviderFactory.getAwsCredentialsProvider(hostSpec.getHost(), region, props); this.fetchTokenCounter.inc(); final String token = IamAuthUtils.generateAuthenticationToken( this.iamTokenUtility, this.pluginService, DB_USER.getString(props), host, port, region, credentialsProvider); LOGGER.finest( () -> Messages.get( "AuthenticationToken.useCachedToken", new Object[] {token})); PropertyDefinition.PASSWORD.set(props, token); - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - wrapper/src/main/java/software/amazon/jdbc/plugin/federatedauth/OktaAuthPlugin.java [173:229]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - final boolean isCachedToken = tokenInfo != null && !tokenInfo.isExpired(); if (isCachedToken) { LOGGER.finest( () -> Messages.get( "AuthenticationToken.useCachedToken", new Object[] {tokenInfo.getToken()})); PropertyDefinition.PASSWORD.set(props, tokenInfo.getToken()); } else { updateAuthenticationToken(hostSpec, props, region, cacheKey, host); } PropertyDefinition.USER.set(props, DB_USER.getString(props)); try { return connectFunc.call(); } catch (final SQLException exception) { updateAuthenticationToken(hostSpec, props, region, cacheKey, host); return connectFunc.call(); } catch (final Exception exception) { LOGGER.warning( () -> Messages.get( "SamlAuthPlugin.unhandledException", new Object[] {exception})); throw new SQLException(exception); } } private void updateAuthenticationToken( final HostSpec hostSpec, final Properties props, final Region region, final String cacheKey, final String host) throws SQLException { final int tokenExpirationSec = IAM_TOKEN_EXPIRATION.getInteger(props); final Instant tokenExpiry = Instant.now().plus(tokenExpirationSec, ChronoUnit.SECONDS); final int port = IamAuthUtils.getIamPort( StringUtils.isNullOrEmpty(IAM_DEFAULT_PORT.getString(props)) ? 0 : IAM_DEFAULT_PORT.getInteger(props), hostSpec, this.pluginService.getDialect().getDefaultPort()); final AwsCredentialsProvider credentialsProvider = this.credentialsProviderFactory.getAwsCredentialsProvider(hostSpec.getHost(), region, props); this.fetchTokenCounter.inc(); final String token = IamAuthUtils.generateAuthenticationToken( this.iamTokenUtility, this.pluginService, DB_USER.getString(props), host, port, region, credentialsProvider); LOGGER.finest( () -> Messages.get( "AuthenticationToken.useCachedToken", new Object[] {token})); PropertyDefinition.PASSWORD.set(props, token); - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -