Skip to content

Authenticate to Redis with Microsoft Entra ID using Token Cache #372

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 10 commits into
base: develop
Choose a base branch
from
Open

Authenticate to Redis with Microsoft Entra ID using Token Cache #372

wants to merge 10 commits into from

Conversation

thjarvin
Copy link
Contributor

@thjarvin thjarvin commented Jun 6, 2025
edited by azure-boards bot
Loading

Fixes AB#57327

@thjarvin thjarvin requested review from haphut and LofhJann June 11, 2025 09:49
LofhJann
LofhJann requested changes Jun 11, 2025
View reviewed changes
Copy link
Contributor

@LofhJann LofhJann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Works.

Requesting some clarifications and changes, some smaller some bigger but main logic is fine.

haphut
haphut reviewed Jun 11, 2025
View reviewed changes
src/main/java/fi/hsl/common/pulsar/PulsarApplication.java
int timeOutMs = connTimeOutSecs * 1000;
Jedis jedis = new Jedis(redisHost, port, timeOutMs);
jedis.connect();
protected Jedis createRedisClient(@NotNull String redisHost, int port) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I prefer having the opportunity to use both our own Redis or Redis managed by Azure. Please rather create a separate method or class.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also, sorry, I have to write this somewhere:

Some of the methods in this class do not really use private instance variables of the object, apart from the logger. Would a cleaner approach aim for static methods, perhaps split over several classes? Why is something named PulsarApplication creating Jedis clients with intricate code and health checks?

If possible, I would rather follow "clean as you code" instead of waiting for separate refactoring issues that might not get prioritized high enough, unless we need a total rewrite issue.

src/main/java/fi/hsl/common/redis/RedisUtils.java
.build());
}

public static String extractUsernameFromToken(String token) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This method looks nasty (and is from the Azure code samples). I would bury these Azure-specific things in a separate Azure kludge class if we choose to keep both kinds of Jedis clients.

src/main/java/fi/hsl/common/redis/RedisUtils.java
@@ -227,4 +236,105 @@ public boolean checkResponse(@Nullable final String response) {
public boolean checkResponse(@Nullable final Long response) {
return response != null && response == 1;
}

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For all code copied from the Azure code samples, please refer to the exact commit and mention the license under which it is copied in a comment. E.g. The following method is copied or adapted from https://github.com/Azure/azure-sdk-for-java/blob/e7103f9019669032c7ffc3b51f1bd30c6ad8655f/sdk/identity/azure-identity/src/samples/Azure-Cache-For-Redis/Jedis/Azure-AAD-Authentication-With-Jedis.md under the MIT license.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@haphut haphut haphut left review comments

@LofhJann LofhJann LofhJann requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@thjarvin @haphut @LofhJann