Skip to content

perf: avoid re-authenticating if credentials have already been fetched#2058

Merged
tswast merged 4 commits intomainfrom
b443753087-global-credentials
Sep 9, 2025
Merged

perf: avoid re-authenticating if credentials have already been fetched#2058
tswast merged 4 commits intomainfrom
b443753087-global-credentials

Conversation

@tswast
Copy link
Collaborator

@tswast tswast commented Sep 8, 2025

Thank you for opening a Pull Request! Before submitting your PR, there are a few things you can do to make sure it goes smoothly:

  • Make sure to open an issue as a bug/issue before writing your code! That way we can discuss the change, evaluate designs, and agree on the general idea
  • Ensure the tests and linter pass
  • Code coverage does not decrease (if any source code was changed)
  • Appropriate docs were updated (if necessary)

Fixes internal issue b/443753087 🦕

@tswast tswast requested review from a team as code owners September 8, 2025 20:02
@tswast tswast requested a review from jialuoo September 8, 2025 20:02
@product-auto-label product-auto-label bot added size: m Pull request size is medium. api: bigquery Issues related to the googleapis/python-bigquery-dataframes API. labels Sep 8, 2025
tswast
tswast commented Sep 8, 2025
View reviewed changes
chelsea-lin
chelsea-lin reviewed Sep 8, 2025
View reviewed changes
bigframes/_config/auth.py
)

# Ensure an access token is available.
_cached_credentials.refresh(google.auth.transport.requests.Request())
Copy link
Contributor

@chelsea-lin chelsea-lin Sep 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If the cached credentials is failed to refresh (e.g. expired), should we reload another new credentials?

Copy link
Collaborator Author

@tswast tswast Sep 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reloading generally wouldn't help. Refreshing is just exchanging a refresh token (generally long lived) for an access token (short-lived, default 1 hour, I think).

Copy link
Collaborator Author

@tswast tswast Sep 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This step shouldn't actually be necessary. I think it was added for the sole reason of having tests that check if a credential is "valid", which I don't think is populated until after the first refresh.

chelsea-lin
chelsea-lin reviewed Sep 8, 2025
View reviewed changes
bigframes/_config/bigquery_options.py
"""
return self._credentials
if self._credentials:
return self._credentials
Copy link
Contributor

@chelsea-lin chelsea-lin Sep 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am not sure how the bigquery recycles the credentials. If it's recycled by the expired time, do we need to refresh the credentials whenever we are fetching them?

Copy link
Collaborator Author

@tswast tswast Sep 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

google-auth will automatically refresh the credentials when they are expired.

@tswast tswast merged commit 913de1b into main Sep 9, 2025
24 of 25 checks passed
@tswast tswast deleted the b443753087-global-credentials branch September 9, 2025 19:49
@release-please release-please bot mentioned this pull request Sep 9, 2025
Merged
tswast added a commit that referenced this pull request Sep 17, 2025
@tswast
fix: allow bigframes.options.bigquery.credentials to be None
a171bee 
This is a partial revert of "perf: avoid re-authenticating if
credentials have already been fetched (#2058)", commit
913de1b.
@tswast tswast mentioned this pull request Sep 17, 2025
Merged
4 tasks
tswast added a commit that referenced this pull request Sep 17, 2025
@tswast
fix: allow bigframes.options.bigquery.credentials to be None (#2092)
78f4001 
* fix: allow bigframes.options.bigquery.credentials to be `None`

This is a partial revert of "perf: avoid re-authenticating if
credentials have already been fetched (#2058)", commit
913de1b.

* add unit test
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chelsea-lin chelsea-lin chelsea-lin approved these changes

@jialuoo jialuoo Awaiting requested review from jialuoo jialuoo is a code owner automatically assigned from googleapis/api-bigquery-dataframe

Assignees

@shuoweil shuoweil

Labels

api: bigquery Issues related to the googleapis/python-bigquery-dataframes API. size: m Pull request size is medium.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@tswast @chelsea-lin @shuoweil