address comments

Author: vikrantpuppala

databricks-sdk-java/src/main/java/com/databricks/sdk/core/DatabricksConfig.java

@@ -4,17 +4,13 @@
 import com.databricks.sdk.core.http.HttpClient;
 import com.databricks.sdk.core.http.Request;
 import com.databricks.sdk.core.http.Response;
-import com.databricks.sdk.core.oauth.FileTokenCache;
 import com.databricks.sdk.core.oauth.OpenIDConnectEndpoints;
-import com.databricks.sdk.core.oauth.TokenCache;
-import com.databricks.sdk.core.oauth.TokenCacheUtils;
 import com.databricks.sdk.core.utils.Cloud;
 import com.databricks.sdk.core.utils.Environment;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import java.io.File;
 import java.io.IOException;
 import java.lang.reflect.Field;
-import java.nio.file.Path;
 import java.util.*;
 import org.apache.http.HttpMessage;
 
@@ -145,9 +141,6 @@ public class DatabricksConfig {
 
   private DatabricksEnvironment databricksEnvironment;
 
-  // Lazily initialized OAuth token cache
-  private transient TokenCache tokenCache;
-
   public Environment getEnv() {
     return env;
   }
@@ -677,17 +670,6 @@ public DatabricksConfig newWithWorkspaceHost(String host) {
     return clone(fieldsToSkip).setHost(host);
   }
 
-  /**
-   * Sets a custom TokenCache implementation.
-   *
-   * @param tokenCache the TokenCache implementation to use
-   * @return this config instance
-   */
-  public DatabricksConfig setTokenCache(TokenCache tokenCache) {
-    this.tokenCache = tokenCache;
-    return this;
-  }
-
   /**
    * Gets the default OAuth redirect URL. If one is not provided explicitly, uses
    * http://localhost:8080/callback
@@ -697,20 +679,4 @@ public DatabricksConfig setTokenCache(TokenCache tokenCache) {
   public String getEffectiveOAuthRedirectUrl() {
     return redirectUrl != null ? redirectUrl : "http://localhost:8080/callback";
   }
-
-  /**
-   * Gets the TokenCache instance for the current configuration.
-   *
-   * <p>If a custom TokenCache has been set, it will be returned. Otherwise, a SimpleFileTokenCache
-   * will be created based on the configuration properties.
-   *
-   * @return A TokenCache instance
-   */
-  public synchronized TokenCache getTokenCache() {
-    if (tokenCache == null) {
-      Path cachePath = TokenCacheUtils.getCacheFilePath(getHost(), getClientId(), getScopes());
-      tokenCache = new FileTokenCache(cachePath);
-    }
-    return tokenCache;
-  }
 }

databricks-sdk-java/src/main/java/com/databricks/sdk/core/oauth/ExternalBrowserCredentialsProvider.java

@@ -5,34 +5,56 @@
 import com.databricks.sdk.core.DatabricksException;
 import com.databricks.sdk.core.HeaderFactory;
 import java.io.IOException;
+import java.nio.file.Path;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 /**
  * A {@code CredentialsProvider} which implements the Authorization Code + PKCE flow by opening a
- * browser for the user to authorize the application. Uses the cache from {@link
- * DatabricksConfig#getTokenCache()}, tokens will be cached to avoid repeated authentication.
+ * browser for the user to authorize the application. Uses a specified TokenCache or creates a
+ * default one if none is provided.
  */
 public class ExternalBrowserCredentialsProvider implements CredentialsProvider {
   private static final Logger LOGGER =
       LoggerFactory.getLogger(ExternalBrowserCredentialsProvider.class);
 
+  private TokenCache tokenCache;
+
+  /**
+   * Creates a new ExternalBrowserCredentialsProvider with the specified TokenCache.
+   *
+   * @param tokenCache the TokenCache to use for caching tokens
+   */
+  public ExternalBrowserCredentialsProvider(TokenCache tokenCache) {
+    this.tokenCache = tokenCache;
+  }
+
+  /**
+   * Creates a new ExternalBrowserCredentialsProvider with a default TokenCache. A FileTokenCache
+   * will be created when credentials are configured.
+   */
+  public ExternalBrowserCredentialsProvider() {
+    this(null);
+  }
+
   @Override
   public String authType() {
     return "external-browser";
   }
 
   @Override
   public HeaderFactory configure(DatabricksConfig config) {
-    if (config.getHost() == null
-        || config.getClientId() == null
-        || !config.getAuthType().equals("external-browser")) {
+    if (config.getHost() == null || config.getAuthType() != "external-browser") {
       return null;
     }
-
     try {
-      // Get the token cache from config
-      TokenCache tokenCache = config.getTokenCache();
+      if (tokenCache == null) {
+        // Create a default FileTokenCache based on config
+        Path cachePath =
+            TokenCacheUtils.getCacheFilePath(
+                config.getHost(), config.getClientId(), config.getScopes());
+        tokenCache = new FileTokenCache(cachePath);
+      }
 
       // First try to use the cached token if available (will return null if disabled)
       Token cachedToken = tokenCache.load();
@@ -49,11 +71,11 @@ public HeaderFactory configure(DatabricksConfig config) {
                   .withClientSecret(config.getClientSecret())
                   .withTokenUrl(config.getOidcEndpoints().getTokenEndpoint())
                   .withRedirectUrl(config.getEffectiveOAuthRedirectUrl())
+                  .withTokenCache(tokenCache)
                   .build();
 
           LOGGER.debug("Using cached token, will immediately refresh");
           cachedCreds.token = cachedCreds.refresh();
-          tokenCache.save(cachedCreds.getToken());
           return cachedCreds.configure(config);
         } catch (Exception e) {
           // If token refresh fails, log and continue to browser auth
@@ -62,7 +84,7 @@ public HeaderFactory configure(DatabricksConfig config) {
       }
 
       // If no cached token or refresh failed, perform browser auth
-      SessionCredentials credentials = performBrowserAuth(config);
+      SessionCredentials credentials = performBrowserAuth(config, tokenCache);
       tokenCache.save(credentials.getToken());
       return credentials.configure(config);
     } catch (IOException | DatabricksException e) {
@@ -71,10 +93,24 @@ public HeaderFactory configure(DatabricksConfig config) {
     }
   }
 
-  SessionCredentials performBrowserAuth(DatabricksConfig config) throws IOException {
+  SessionCredentials performBrowserAuth(DatabricksConfig config, TokenCache tokenCache)
+      throws IOException {
     LOGGER.debug("Performing browser authentication");
     OAuthClient client = new OAuthClient(config);
     Consent consent = client.initiateConsent();
-    return consent.launchExternalBrowser();
+
+    // Use the existing browser flow to get credentials
+    SessionCredentials credentials = consent.launchExternalBrowser();
+
+    // Create a new SessionCredentials with the same token but with our token cache
+    return new SessionCredentials.Builder()
+        .withToken(credentials.getToken())
+        .withHttpClient(config.getHttpClient())
+        .withClientId(config.getClientId())
+        .withClientSecret(config.getClientSecret())
+        .withTokenUrl(config.getOidcEndpoints().getTokenEndpoint())
+        .withRedirectUrl(config.getEffectiveOAuthRedirectUrl())
+        .withTokenCache(tokenCache)
+        .build();
   }
 }

databricks-sdk-java/src/main/java/com/databricks/sdk/core/oauth/SessionCredentials.java

@@ -31,8 +31,6 @@ public String authType() {
 
   @Override
   public HeaderFactory configure(DatabricksConfig config) {
-    this.tokenCache = config.getTokenCache();
-
     return () -> {
       Map<String, String> headers = new HashMap<>();
       headers.put(
@@ -48,6 +46,7 @@ static class Builder {
     private String redirectUrl;
     private String clientId;
     private String clientSecret;
+    private TokenCache tokenCache;
 
     public Builder withHttpClient(HttpClient hc) {
       this.hc = hc;
@@ -79,6 +78,11 @@ public Builder withClientSecret(String clientSecret) {
       return this;
     }
 
+    public Builder withTokenCache(TokenCache tokenCache) {
+      this.tokenCache = tokenCache;
+      return this;
+    }
+
     public SessionCredentials build() {
       return new SessionCredentials(this);
     }
@@ -89,7 +93,7 @@ public SessionCredentials build() {
   private final String redirectUrl;
   private final String clientId;
   private final String clientSecret;
-  private transient TokenCache tokenCache;
+  private final TokenCache tokenCache;
 
   private SessionCredentials(Builder b) {
     super(b.token);
@@ -98,6 +102,7 @@ private SessionCredentials(Builder b) {
     this.redirectUrl = b.redirectUrl;
     this.clientId = b.clientId;
     this.clientSecret = b.clientSecret;
+    this.tokenCache = b.tokenCache;
   }
 
   @Override

databricks-sdk-java/src/test/java/com/databricks/sdk/core/DatabricksConfigTest.java

@@ -3,18 +3,14 @@
 import static org.junit.jupiter.api.Assertions.*;
 
 import com.databricks.sdk.core.commons.CommonsHttpClient;
-import com.databricks.sdk.core.oauth.FileTokenCache;
 import com.databricks.sdk.core.oauth.OpenIDConnectEndpoints;
-import com.databricks.sdk.core.oauth.TokenCache;
 import com.databricks.sdk.core.utils.Environment;
 import java.io.IOException;
 import java.util.ArrayList;
-import java.util.Arrays;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import org.junit.jupiter.api.Test;
-import org.mockito.Mockito;
 
 public class DatabricksConfigTest {
   @Test
@@ -199,43 +195,4 @@ public void testClone() {
     assert newWorkspaceConfig.getClientId().equals("my-client-id");
     assert newWorkspaceConfig.getClientSecret().equals("my-client-secret");
   }
-
-  @Test
-  public void testGetTokenCache() {
-    // Test that getTokenCache returns a FileTokenCache by default
-    String testHost = "https://test-host.cloud.databricks.com";
-    String testClientId = "test-client-id";
-    List<String> testScopes = Arrays.asList("offline_access", "clusters", "sql");
-
-    DatabricksConfig config =
-        new DatabricksConfig().setHost(testHost).setClientId(testClientId).setScopes(testScopes);
-
-    TokenCache cache = config.getTokenCache();
-
-    assertNotNull(cache, "TokenCache from config should not be null");
-    assertInstanceOf(
-        FileTokenCache.class, cache, "Default cache should be a FileTokenCache instance");
-  }
-
-  @Test
-  public void testSetTokenCache() {
-    // Test that a custom token cache can be set and is returned by getTokenCache
-    String testHost = "https://test-host.cloud.databricks.com";
-    String testClientId = "test-client-id";
-    List<String> testScopes = Arrays.asList("offline_access", "clusters", "sql");
-
-    // Create a mock token cache
-    TokenCache mockCache = Mockito.mock(TokenCache.class);
-
-    DatabricksConfig config =
-        new DatabricksConfig()
-            .setHost(testHost)
-            .setClientId(testClientId)
-            .setScopes(testScopes)
-            .setTokenCache(mockCache);
-
-    // Verify the custom cache is returned
-    TokenCache returnedCache = config.getTokenCache();
-    assertSame(mockCache, returnedCache, "Should return the custom token cache");
-  }
 }