This is an automated email from the ASF dual-hosted git repository.
yuqi4733 pushed a commit to branch branch-1.2
in repository https://gitbox.apache.org/repos/asf/gravitino.git
The following commit(s) were added to refs/heads/branch-1.2 by this push:
new 0b4612d3af [Cherry-pick to branch-1.2] [#10315]fix(client-python): Fix
GCS credential handling for gcsfs 2026.2.0 compatibility (#10317) (#10328)
0b4612d3af is described below
commit 0b4612d3af28c3a26228868c1e4c1c86432b44b5
Author: github-actions[bot]
<41898282+github-actions[bot]@users.noreply.github.com>
AuthorDate: Tue Mar 10 17:15:47 2026 +0800
[Cherry-pick to branch-1.2] [#10315]fix(client-python): Fix GCS credential
handling for gcsfs 2026.2.0 compatibility (#10317) (#10328)
**Cherry-pick Information:**
- Original commit: 34938d52aff8d2485015941724b01a8a0edfa314
- Target branch: `branch-1.2`
- Status: ✅ Clean cherry-pick (no conflicts)
Co-authored-by: geyanggang <[email protected]>
---
.../gravitino/filesystem/gvfs_storage_handler.py | 51 +++++++++++++++++++++-
1 file changed, 50 insertions(+), 1 deletion(-)
diff --git a/clients/client-python/gravitino/filesystem/gvfs_storage_handler.py
b/clients/client-python/gravitino/filesystem/gvfs_storage_handler.py
index 63c215079a..22abc27aa9 100644
--- a/clients/client-python/gravitino/filesystem/gvfs_storage_handler.py
+++ b/clients/client-python/gravitino/filesystem/gvfs_storage_handler.py
@@ -19,6 +19,7 @@ import logging
import sys
import time
from abc import ABC, abstractmethod
+from datetime import datetime, timezone
from enum import Enum
from typing import Optional, Tuple, List, Dict, Any
@@ -40,6 +41,14 @@ from gravitino.api.credential.s3_token_credential import
S3TokenCredential
from gravitino.exceptions.base import GravitinoRuntimeException
from gravitino.filesystem.gvfs_config import GVFSConfig
+try:
+ from google.auth.credentials import Credentials
+ from google.auth.exceptions import RefreshError
+
+ GOOGLE_AUTH_AVAILABLE = True
+except ImportError:
+ GOOGLE_AUTH_AVAILABLE = False
+
TIME_WITHOUT_EXPIRATION = sys.maxsize
SLASH = "/"
@@ -403,10 +412,50 @@ class GCSStorageHandler(StorageHandler):
catalog_props,
)
if isinstance(credential, GCSTokenCredential):
+ if not GOOGLE_AUTH_AVAILABLE:
+ raise GravitinoRuntimeException(
+ "Failed to import google.auth. "
+ "Please ensure google-auth is installed."
+ )
+
+ # gcsfs expects a google.auth.credentials.Credentials
object
+ # We need to create a credentials object from the access
token
+ class StaticCredentials(Credentials):
+ """A credentials object that uses a static access
token."""
+
+ def __init__(self, token_value, expiry_time_ms):
+ super().__init__()
+ self.token = token_value
+ # Convert milliseconds to datetime
+ self.expiry = datetime.fromtimestamp(
+ expiry_time_ms / 1000.0, tz=timezone.utc
+ )
+
+ def refresh(self, request):
+ # Static token cannot be refreshed
+ raise RefreshError(
+ "Cannot refresh static access token. "
+ "Please request a new credential from
Gravitino."
+ )
+
+ @property
+ def expired(self):
+ if not self.expiry:
+ return False
+ return datetime.now(timezone.utc) >= self.expiry
+
+ @property
+ def valid(self):
+ return self.token is not None and not self.expired
+
+ creds = StaticCredentials(
+ credential.token(), credential.expire_time_in_ms()
+ )
+
return (
expire_time,
self.get_filesystem(
- token=credential.token(),
+ token=creds,
**kwargs,
),
)
