ktor
ktor copied to clipboard
ktorio
KTOR-8180 Provide control over tokens to user code for the client Auth
[!IMPORTANT]
Review skipped
Draft detected.
Please check the settings in the CodeRabbit UI or the
.coderabbit.yamlfile in this repository. To trigger a single review, invoke the@coderabbitai reviewcommand.You can disable this status message by setting the
reviews.review_statustofalsein the CodeRabbit configuration file.
Walkthrough
This change introduces a new, modular, and asynchronous token storage abstraction for Ktor client's authentication providers. It adds the TokenStorage interface, its implementations, and integrates them into Bearer, Basic, and Digest auth providers. The update includes new documentation, tests, and configuration options for token caching, and marks the old AuthTokenHolder as deprecated.
Changes
| Files/Group | Change Summary |
|---|---|
.gitignore, CLAUDE.md |
.gitignore fixed syntax and added ignore for .claude/settings.local.json; new CLAUDE.md with code style, build, and workflow guidelines. |
CHANGELOG.md |
Updated to document the addition of the TokenStorage interface and related improvements for version 3.1.3. |
docs/auth-token-management.md |
New documentation explaining token storage, caching, custom storage, clearing, sharing, DI integration, and migration instructions for token management in Ktor client auth. |
ktor-client/ktor-client-plugins/ktor-client-auth/api/ktor-client-auth.api,ktor-client/ktor-client-plugins/ktor-client-auth/api/ktor-client-auth.klib.api |
Added/updated public API declarations for TokenStorage, its implementations, new config options, and updated function signatures for auth providers. |
ktor-client/ktor-client-plugins/ktor-client-auth/common/src/io/ktor/client/plugins/auth/Auth.kt |
Initialized token storage map during plugin install; added authProvider<T>() extension and documented authProviders property; made AuthProvidersKey internal and moved its location. |
ktor-client/ktor-client-plugins/ktor-client-auth/common/src/io/ktor/client/plugins/auth/providers/AuthTokenHolder.kt |
Marked AuthTokenHolder as deprecated and added deprecation guidance. |
ktor-client/ktor-client-plugins/ktor-client-auth/common/src/io/ktor/client/plugins/auth/providers/BasicAuthProvider.kt |
Integrated TokenStorage into Basic auth provider and config; added custom storage support; clearToken() is now suspendable. |
ktor-client/ktor-client-plugins/ktor-client-auth/common/src/io/ktor/client/plugins/auth/providers/BearerAuthProvider.kt |
Integrated TokenStorage into Bearer auth provider and config; added cacheTokens option, custom storage support, and made clearToken() suspendable. |
ktor-client/ktor-client-plugins/ktor-client-auth/common/src/io/ktor/client/plugins/auth/providers/DigestAuthProvider.kt |
Replaced internal token holder with TokenStorage and made clearToken() suspendable. |
ktor-client/ktor-client-plugins/ktor-client-auth/common/src/io/ktor/client/plugins/auth/providers/TokenStorage.kt |
New file: defines TokenStorage abstraction, caching/non-caching implementations, factory, and client extension functions for registering/retrieving token storage. |
ktor-client/ktor-client-plugins/ktor-client-auth/common/test/io/ktor/client/plugins/auth/AuthTest.kt |
Added tests for bearer auth provider: token caching disabled, refresh with/without caching, and correct invocation counts. |
ktor-client/ktor-client-plugins/ktor-client-auth/common/test/io/ktor/client/plugins/auth/BearerProviderTest.kt |
New test suite: verifies bearer provider's default caching, disabled caching, custom storage, and refresh flow. |
ktor-client/ktor-client-plugins/ktor-client-auth/common/test/io/ktor/client/plugins/auth/TokenStorageTest.kt |
New test suite: verifies caching and non-caching token storage behavior, concurrent access, updates, and null handling. |
Possibly related PRs
- ktorio/ktor#4829: Both PRs update the changelog for version 3.1.3, indicating a connection regarding release documentation.
- ktorio/ktor#4825: Both PRs modify
.gitignoreand addCLAUDE.md, reflecting related changes in project configuration and guidelines. - ktorio/ktor#4832: Both PRs address token storage; this PR supersedes the previous approach by introducing a new abstraction and deprecating
AuthTokenHolder.
Suggested reviewers
- osipxd
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.
🪧 Tips
Chat
There are 3 ways to chat with CodeRabbit:
- Review comments: Directly reply to a review comment made by CodeRabbit. Example:
I pushed a fix in commit <commit_id>, please review it.Generate unit testing code for this file.Open a follow-up GitHub issue for this discussion.
- Files and specific lines of code (under the "Files changed" tab): Tag
@coderabbitaiin a new review comment at the desired location with your query. Examples:@coderabbitai generate unit testing code for this file.@coderabbitai modularize this function.
- PR comments: Tag
@coderabbitaiin a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:@coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.@coderabbitai read src/utils.ts and generate unit testing code.@coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.@coderabbitai help me debug CodeRabbit configuration file.
Support
Need help? Create a ticket on our support page for assistance with any issues or questions.
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.
CodeRabbit Commands (Invoked using PR comments)
@coderabbitai pauseto pause the reviews on a PR.@coderabbitai resumeto resume the paused reviews.@coderabbitai reviewto trigger an incremental review. This is useful when automatic reviews are disabled for the repository.@coderabbitai full reviewto do a full review from scratch and review all the files again.@coderabbitai summaryto regenerate the summary of the PR.@coderabbitai generate docstringsto generate docstrings for this PR.@coderabbitai generate sequence diagramto generate a sequence diagram of the changes in this PR.@coderabbitai resolveresolve all the CodeRabbit review comments.@coderabbitai configurationto show the current CodeRabbit configuration for the repository.@coderabbitai helpto get help.
Other keywords and placeholders
- Add
@coderabbitai ignoreanywhere in the PR description to prevent this PR from being reviewed. - Add
@coderabbitai summaryto generate the high-level summary at a specific location in the PR description. - Add
@coderabbitaianywhere in the PR title to generate the title automatically.
CodeRabbit Configuration File (.coderabbit.yaml)
- You can programmatically configure CodeRabbit by adding a
.coderabbit.yamlfile to the root of your repository. - Please see the configuration documentation for more information.
- If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation:
# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json
Documentation and Community
- Visit our Documentation for detailed information on how to use CodeRabbit.
- Join our Discord Community to get help, request features, and share feedback.
- Follow us on X/Twitter for updates and announcements.
![coderabbitai[bot] avatar](https://avatars.githubusercontent.com/in/347564?v=4 "Published by a pub.dev verified publisher"){kind=small}
We have the same problem in all other AuthProvider implementations using AuthTokenHolder. Could you take a look at KTOR-8180 as a possible general solution?
![jetbrains-junie[bot] avatar](https://avatars.githubusercontent.com/in/1164761?v=4 "Published by a pub.dev verified publisher"){kind=small}
