quickstart-python icon indicating copy to clipboard operation
quickstart-python copied to clipboard
verified publisher icon firebase

you write nothing about timeouts when do authorization

Open antonov-impulsm opened this issue 6 years ago • 0 comments

hi there!

https://github.com/firebase/quickstart-python/blob/688fcfa8068dcac67978a171df828c9e77cd320e/messaging/messaging.py#L25-L33

problem is here

# [START retrieve_access_token]
def _get_access_token():
  """Retrieve a valid access token that can be used to authorize requests.

  :return: Access token.
  """
  credentials = ServiceAccountCredentials.from_json_keyfile_name(
      'service-account.json', SCOPES)
  access_token_info = credentials.get_access_token()
  return access_token_info.access_token
# [END retrieve_access_token]

authorization formally is incorrect, it could be freezen (for infinite time) in rary moments. see the full chain of the problem:

  1. get_access_token() uses defaults of oauth2clientlibrary settings (about timeouts). if you don't ask doing another (and yes: you DON'T ask -- in this example).

  2. oauth2client library uses defaults of httplib2 library settings (about timeouts). if you don't ask doing another.

  3. httplib2 library uses defaults of python sockets (std lib) settings (about timeouts). if you don't ask doing another.

  4. python sockets (std lib) uses defaults of linux settings. if you don't ask doing another.

  5. defaults of linux timeout settings means ability freezing of programme for infinite time when doing read().

how to fix it?

change invoking credentials.get_access_token() to credentials.get_access_token(http=my_http_factory_with_timeouts_blahblahblah) (and define def my_http_factory_with_timeouts_blahblahblah() somewhere)

or

fix the library oauth2client itself.

antonov-impulsm avatar Mar 13 '19 08:03 antonov-impulsm