Skip to content

fix(sdk): Single-flight re-authentication on 401#1849

Merged
gtema merged 1 commit into
mainfrom
reauth
Jul 13, 2026
Merged

fix(sdk): Single-flight re-authentication on 401#1849
gtema merged 1 commit into
mainfrom
reauth

Conversation

@gtema

@gtema gtema commented Jul 13, 2026

Copy link
Copy Markdown
Owner

AsyncOpenStack clones share one Arc<RwLock>, so
concurrent requests hitting 401 each ran their own clear_all_auth +
full re-auth independently. Under an interactive AuthHelper this
meant up to N credential prompts and N parallel Keystone logins for
one token expiry.

Add reauth_lock (tokio::sync::Mutex) shared across clones, and
auth_generation on SessionContext bumped in set_auth. Waiters that
acquire the lock after another task already re-authed recheck the
generation and skip redundant work instead of re-authing again.

Signed-off-by: Artem Goncharov artem.goncharov@gmail.com

AsyncOpenStack clones share one Arc<RwLock<SessionContext>>, so
concurrent requests hitting 401 each ran their own clear_all_auth +
full re-auth independently. Under an interactive AuthHelper this
meant up to N credential prompts and N parallel Keystone logins for
one token expiry.

Add reauth_lock (tokio::sync::Mutex) shared across clones, and
auth_generation on SessionContext bumped in set_auth. Waiters that
acquire the lock after another task already re-authed recheck the
generation and skip redundant work instead of re-authing again.

Signed-off-by: Artem Goncharov <artem.goncharov@gmail.com>
@gtema
gtema merged commit fa66c94 into main Jul 13, 2026
20 checks passed
@gtema-release-plz gtema-release-plz Bot mentioned this pull request Jul 13, 2026
@gtema
gtema deleted the reauth branch July 14, 2026 07:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant