Package io.strimzi.kafka.oauth.validator

Class BackOffTaskScheduler

java.lang.Object

io.strimzi.kafka.oauth.validator.BackOffTaskScheduler

public class BackOffTaskScheduler
extends Object

This scheduler adds support to immediately re-schedule the execution of the provided task, using the provided ExecutorService.

It is used by JWTSignatureValidator to perform immediate (out of regular schedule) keys refresh upon detection of unknown keys. The objective is to detect rotation of JWT signing keys on authorization server very quickly in order to minimize the mismatch between valid / invalid keys on the Kafka broker and on the authorization server. Until the keys are in-sync with the authorization server, the mismatch causes 'invalid token' errors for valid new tokens, and keeps the Kafka broker accepting the no-longer-valid tokens.

This scheduler works in tandem with periodic keys refresh job in JWTSignatureValidator, using the same ScheduledExecutorService, running the tasks on the same thread. While the periodic refresh is triggered on a regular schedule, and is unaware of any other tasks, this class runs the refresh task on demand as a one-off, but tries hard to succeed - it reschedules the task if it fails.

If the task has already been scheduled (by calling scheduleTask() and has not yet successfully completed, another request to schedule the task will be ignored.

If the scheduled task fails during its run, it will be rescheduled using the so called 'exponential backoff' delay. Rather than being attempted again immediately, it will pause for an ever increasing time delay until some cutoff delay is reached (cutoffIntervalSeconds) when no further attempts are scheduled, and another scheduleTask() call can again trigger a new refresh.

Constructor Summary

Constructors

Constructor	Description
BackOffTaskScheduler(ScheduledExecutorService executor, int minPauseSeconds, int cutoffIntervalSeconds, Runnable task)	Initialise a new scheduler instance

Method Summary

Modifier and Type	Method	Description
int	getCutoffIntervalSeconds()	Get the cutoff interval in seconds for exponential backoff
int	getMinPauseSeconds()	Get the minimum pause in seconds between two consecutive scheduled runs, so that the next run does not start immediately after the previous run completes.
boolean	scheduleTask()	Schedule a task.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

BackOffTaskScheduler

public BackOffTaskScheduler(ScheduledExecutorService executor,
 int minPauseSeconds,
 int cutoffIntervalSeconds,
 Runnable task)

Initialise a new scheduler instance

Parameters:

executor - Single threaded executor service, also used by periodic keys refresh job

minPauseSeconds - A minimum pause before starting the task, and between any subsequent attempt

cutoffIntervalSeconds - If exponential backoff pause exceeds this interval, the task is cancelled

task - The task that refreshes the keys

Method Details

getMinPauseSeconds

public int getMinPauseSeconds()

Get the minimum pause in seconds between two consecutive scheduled runs, so that the next run does not start immediately after the previous run completes.

Returns:

The minimum pause in seconds

getCutoffIntervalSeconds

public int getCutoffIntervalSeconds()

Get the cutoff interval in seconds for exponential backoff

Returns:

The cutoff interval in seconds

scheduleTask

public boolean scheduleTask()

Schedule a task. The task will only be scheduled if no other task is yet scheduled. That is to prevent queueing up of tasks and unnecessary repetition of the task execution.

Returns:

true if the task was scheduled for execution, false otherwise