Skip to content

[Credential Cache Pr 1/3] CachedSupplier ALLOW static stability with uniform backoff #7028

Merged
alextwoods merged 2 commits into
feature/master/credential_cachefrom
alexwoo/credential_cache_pr1
Jun 11, 2026
Merged

[Credential Cache Pr 1/3] CachedSupplier ALLOW static stability with uniform backoff #7028
alextwoods merged 2 commits into
feature/master/credential_cachefrom
alexwoo/credential_cache_pr1

Conversation

@alextwoods

@alextwoods alextwoods commented Jun 10, 2026

Copy link
Copy Markdown
Contributor

This PR merges to feature/master/credential_cache, NOT to master
[Credential Cache Pr 1/3].

Implement updated static stability in CachedSupplier ALLOW mode with uniform backoff + cache invalidation handling.

Motivation and Context

This PR establishes the foundation: rewriting the CachedSupplier StaleValueBehavior.ALLOW semantics and introducing the CacheInvalidatingError/CacheInvalidatingException types that all subsequent provider changes depend on.

PR chain: PR 1 (this) → [PR 2: Provider ALLOW adoption] → [PR 3: Unified timing configuration]
(Note: To view the complete set of changes, see: #7022)

Modifications

  • CachedSupplier ALLOW behavior rewrite (utils module): Replaced the previous exponential 100ms→10s backoff on refresh failure with uniform random 5–10 minute (300-600 second) backoff per the SEP. On failure, handleFetchFailure() now extends both staleTime and prefetchTime to suppress refresh attempts for the backoff duration. Prefetch-window failures are also handled (previously only stale-window failures were). The consecutiveStaleRetrievalFailures counter and maxStaleFailureJitter() method are removed (no longer needed with uniform backoff). maxStaleFailureJitterTest() is deprecated (cannot remove due to japicmp).

  • CacheInvalidatingError marker interface (utils module): A new @SdkProtectedApi marker interface that CachedSupplier checks via instanceof. When a refresh exception implements this interface, the exception is re-thrown immediately without applying backoff or extending expiration. This enables providers to signal non-recoverable errors (expired SSO tokens, changed passwords) that should bypass static stability.

  • CacheInvalidatingException (sdk-core module): A new @SdkPublicApi exception class extending SdkClientException and implementing CacheInvalidatingError. Provides create(String) and create(String, Throwable) factory methods. Lives in sdk-core to be accessible to all service modules while the marker interface lives in utils (avoiding circular dependencies).

Testing

  • Added comprehensize tests for static stability behavior, cache-invalidating exception bypass, backoff range validation, and prefetch-window failure handling.

Screenshots (if appropriate)

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)

Checklist

  • I have read the CONTRIBUTING document
  • Local run of mvn install succeeds
  • My code follows the code style of this project
  • My change requires a change to the Javadoc documentation
  • I have updated the Javadoc documentation accordingly
  • I have added tests to cover my changes
  • All new and existing tests passed
  • I have added a changelog entry. Adding a new entry must be accomplished by running the scripts/new-change script and following the instructions. Commit the new file created by the script in .changes/next-release with your changes.

License

  • I confirm that this pull request can be released under the Apache 2 license

@alextwoods
CachedSupplier ALLOW static stability with uniform backoff + CacheInv…
1927e30 
…alidatingError

Rewrite CachedSupplier's StaleValueBehavior.ALLOW to implement static
stability semantics per the Credential Refresh SEP:

- Replace exponential 100ms-10s backoff with uniform random 5-10 minute
  (300-600 second) backoff on refresh failure
- Add CacheInvalidatingError marker interface (utils module) for
  exceptions that should bypass static stability and propagate immediately
- Add CacheInvalidatingException (sdk-core module) as the concrete
  public exception type implementing CacheInvalidatingError
- Handle prefetch-window failures: extend prefetchTime on failure to
  suppress further attempts until backoff elapses
- Update handleFetchedSuccess ALLOW branch for expired-credentials case
- Remove consecutiveStaleRetrievalFailures counter (no longer needed)
- Deprecate maxStaleFailureJitterTest() (cannot remove due to japicmp)
- Add comprehensive tests for static stability, cache-invalidating
  exception bypass, and backoff range validation
@alextwoods alextwoods requested a review from a team as a code owner June 10, 2026 21:00
@alextwoods alextwoods requested a review from zoewangg June 11, 2026 15:01
zoewangg
zoewangg reviewed Jun 11, 2026
View reviewed changes
Comment thread utils/src/main/java/software/amazon/awssdk/utils/cache/CachedSupplier.java Outdated
Comment thread utils/src/main/java/software/amazon/awssdk/utils/cache/CacheInvalidatingError.java Outdated
@alextwoods alextwoods merged commit 5a90034 into feature/master/credential_cache Jun 11, 2026
2 of 3 checks passed
@github-actions

github-actions Bot commented Jun 11, 2026

Copy link
Copy Markdown

This pull request has been closed and the conversation has been locked. Comments on closed PRs are hard for our team to see. If you need more assistance, please open a new issue that references this one.

@github-actions github-actions Bot locked as resolved and limited conversation to collaborators Jun 11, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@zoewangg zoewangg zoewangg approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@alextwoods @zoewangg