From 7a5412f11e6646f5a65364a1502f6e387430f864 Mon Sep 17 00:00:00 2001
From: Chris Wilcox <crwilcox@google.com>
Date: Mon, 3 Jun 2019 13:16:32 -0700
Subject: [PATCH 1/3] Prevent requests from hanging on SSL handshake issue by
 adding a max timeout of 5 minutes

---
 core/google/cloud/client.py    | 6 +++++-
 core/tests/unit/test_client.py | 2 +-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/core/google/cloud/client.py b/core/google/cloud/client.py
index 6a7fb1fe5554..2605f6c8fe40 100644
--- a/core/google/cloud/client.py
+++ b/core/google/cloud/client.py
@@ -33,6 +33,9 @@
     "for help on authentication with this library."
 )
 
+# Default timeout for auth requests.
+_REFRESH_TIMEOUT = 300
+
 
 class _ClientFactoryMixin(object):
     """Mixin to allow factories that create credentials.
@@ -153,7 +156,8 @@ def _http(self):
         """
         if self._http_internal is None:
             self._http_internal = google.auth.transport.requests.AuthorizedSession(
-                self._credentials
+                self._credentials,
+                _REFRESH_TIMEOUT,
             )
         return self._http_internal
 
diff --git a/core/tests/unit/test_client.py b/core/tests/unit/test_client.py
index 43830f902fbd..2ca07b4ed81d 100644
--- a/core/tests/unit/test_client.py
+++ b/core/tests/unit/test_client.py
@@ -133,7 +133,7 @@ def test__http_property_new(self):
         with authorized_session_patch as AuthorizedSession:
             self.assertIs(client._http, mock.sentinel.http)
             # Check the mock.
-            AuthorizedSession.assert_called_once_with(credentials)
+            AuthorizedSession.assert_called_once_with(credentials, 300)
             # Make sure the cached value is used on subsequent access.
             self.assertIs(client._http_internal, mock.sentinel.http)
             self.assertIs(client._http, mock.sentinel.http)

From bb9d6bc1f4b5801e28349baac824bc27d21d861d Mon Sep 17 00:00:00 2001
From: Chris Wilcox <crwilcox@google.com>
Date: Tue, 4 Jun 2019 12:49:20 -0700
Subject: [PATCH 2/3] rename and reuse constant

---
 core/google/cloud/client.py    | 4 ++--
 core/tests/unit/test_client.py | 3 ++-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/core/google/cloud/client.py b/core/google/cloud/client.py
index 2605f6c8fe40..640459fdd878 100644
--- a/core/google/cloud/client.py
+++ b/core/google/cloud/client.py
@@ -34,7 +34,7 @@
 )
 
 # Default timeout for auth requests.
-_REFRESH_TIMEOUT = 300
+_CREDENTIALS_REFRESH_TIMEOUT = 300
 
 
 class _ClientFactoryMixin(object):
@@ -157,7 +157,7 @@ def _http(self):
         if self._http_internal is None:
             self._http_internal = google.auth.transport.requests.AuthorizedSession(
                 self._credentials,
-                _REFRESH_TIMEOUT,
+                _CREDENTIALS_REFRESH_TIMEOUT,
             )
         return self._http_internal
 
diff --git a/core/tests/unit/test_client.py b/core/tests/unit/test_client.py
index 2ca07b4ed81d..a49d728198d0 100644
--- a/core/tests/unit/test_client.py
+++ b/core/tests/unit/test_client.py
@@ -122,6 +122,7 @@ def test__http_property_existing(self):
         self.assertIs(client._http, http)
 
     def test__http_property_new(self):
+        from google.cloud.client import _CREDENTIALS_REFRESH_TIMEOUT
         credentials = _make_credentials()
         client = self._make_one(credentials=credentials)
         self.assertIsNone(client._http_internal)
@@ -133,7 +134,7 @@ def test__http_property_new(self):
         with authorized_session_patch as AuthorizedSession:
             self.assertIs(client._http, mock.sentinel.http)
             # Check the mock.
-            AuthorizedSession.assert_called_once_with(credentials, 300)
+            AuthorizedSession.assert_called_once_with(credentials, _CREDENTIALS_REFRESH_TIMEOUT)
             # Make sure the cached value is used on subsequent access.
             self.assertIs(client._http_internal, mock.sentinel.http)
             self.assertIs(client._http, mock.sentinel.http)

From a663be810a304cbb75fe6b03bd3947308361ead4 Mon Sep 17 00:00:00 2001
From: Chris Wilcox <crwilcox@google.com>
Date: Tue, 4 Jun 2019 16:23:37 -0700
Subject: [PATCH 3/3] use named arg

---
 core/google/cloud/client.py    | 2 +-
 core/tests/unit/test_client.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/google/cloud/client.py b/core/google/cloud/client.py
index 640459fdd878..b03b54197441 100644
--- a/core/google/cloud/client.py
+++ b/core/google/cloud/client.py
@@ -157,7 +157,7 @@ def _http(self):
         if self._http_internal is None:
             self._http_internal = google.auth.transport.requests.AuthorizedSession(
                 self._credentials,
-                _CREDENTIALS_REFRESH_TIMEOUT,
+                refresh_timeout=_CREDENTIALS_REFRESH_TIMEOUT,
             )
         return self._http_internal
 
diff --git a/core/tests/unit/test_client.py b/core/tests/unit/test_client.py
index a49d728198d0..7aec69ffc701 100644
--- a/core/tests/unit/test_client.py
+++ b/core/tests/unit/test_client.py
@@ -134,7 +134,7 @@ def test__http_property_new(self):
         with authorized_session_patch as AuthorizedSession:
             self.assertIs(client._http, mock.sentinel.http)
             # Check the mock.
-            AuthorizedSession.assert_called_once_with(credentials, _CREDENTIALS_REFRESH_TIMEOUT)
+            AuthorizedSession.assert_called_once_with(credentials, refresh_timeout=_CREDENTIALS_REFRESH_TIMEOUT)
             # Make sure the cached value is used on subsequent access.
             self.assertIs(client._http_internal, mock.sentinel.http)
             self.assertIs(client._http, mock.sentinel.http)