Skip to content

branch-4.1: [fix](fe) Reject invalid stream load tokens on commit and rollback#63066

Open
liaoxin01 wants to merge 1 commit intoapache:branch-4.1from
liaoxin01:pick-pr-62111-to-branch-4.1
Open

branch-4.1: [fix](fe) Reject invalid stream load tokens on commit and rollback#63066
liaoxin01 wants to merge 1 commit intoapache:branch-4.1from
liaoxin01:pick-pr-62111-to-branch-4.1

Conversation

@liaoxin01
Copy link
Copy Markdown
Contributor

@liaoxin01 liaoxin01 commented May 8, 2026

Pick #62111

@liaoxin01
[fix](fe) Reject invalid stream load tokens on commit and rollback (a…
4b8e37b 
…pache#62111)

Problem Summary: Stream load commit and rollback accepted invalid tokens
because the return value of checkToken() was ignored.
Copilot AI review requested due to automatic review settings May 8, 2026 04:02
@liaoxin01 liaoxin01 requested a review from yiguolei as a code owner May 8, 2026 04:02
@hello-stephen
Copy link
Copy Markdown
Contributor

hello-stephen commented May 8, 2026

Thank you for your contribution to Apache Doris.
Don't know what should be done next? See How to process your PR.

Please clearly describe your PR:

  1. What problem was fixed (it's best to include specific error reporting information). How it was fixed.
  2. Which behaviors were modified. What was the previous behavior, what is it now, why was it modified, and what possible impacts might there be.
  3. What features were added. Why was this function added?
  4. Which code was refactored and why was this part of the code refactored?
  5. Which functions were optimized and what is the difference before and after the optimization?

Copilot AI reviewed May 8, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Backport of #62111 to FE that enforces stream-load/txn commit & rollback token validation, preventing invalid tokens from being accepted in these finalization RPC paths.

Changes:

  • Switch token-handling in load/txn commit and rollback implementations to a throwing validation (checkTokenOrThrow) instead of ignoring checkToken’s boolean result.
  • Add checkTokenOrThrow(String) helper that raises AuthenticationException on invalid tokens.
  • Add unit tests covering invalid-token rejection for loadTxnCommit/loadTxnRollback/commitTxn/rollbackTxn, and ensuring the error message doesn’t echo the raw token.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File Description
fe/fe-core/src/main/java/org/apache/doris/service/FrontendServiceImpl.java Enforces token validation on commit/rollback paths via a new throwing helper.
fe/fe-core/src/test/java/org/apache/doris/service/FrontendServiceImplTest.java Adds regression tests ensuring invalid tokens are rejected on commit/rollback operations.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread fe/fe-core/src/main/java/org/apache/doris/service/FrontendServiceImpl.java
@liaoxin01
Copy link
Copy Markdown
Contributor Author

liaoxin01 commented May 8, 2026

run buildall

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@yiguolei yiguolei Awaiting requested review from yiguolei yiguolei is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@liaoxin01 @hello-stephen