lishuxu commented on code in PR #479: URL: https://github.com/apache/iceberg-cpp/pull/479#discussion_r2688711035
########## src/iceberg/catalog/rest/auth/auth_manager.h: ########## @@ -0,0 +1,122 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +#pragma once + +#include <memory> +#include <string> +#include <unordered_map> + +#include "iceberg/catalog/rest/auth/auth_session.h" +#include "iceberg/catalog/rest/iceberg_rest_export.h" +#include "iceberg/table_identifier.h" + +/// \file iceberg/catalog/rest/auth/auth_manager.h +/// \brief Authentication manager interface for REST catalog. + +namespace iceberg::rest { +class HttpClient; +} // namespace iceberg::rest + +namespace iceberg::rest::auth { + +/// \brief Manager for authentication sessions. +/// +/// This interface is used to create sessions for the catalog, tables/views, +/// and any other context that requires authentication. +/// +/// Managers are typically stateful and may require initialization and cleanup. +/// The manager is created by the catalog and is closed when the catalog is closed. +/// +/// This interface is modeled after Java Iceberg's AuthManager interface. +class ICEBERG_REST_EXPORT AuthManager { + public: + virtual ~AuthManager() = default; + + /// \brief Return a temporary session for contacting the configuration endpoint. + /// + /// This session is used only during catalog initialization to fetch server + /// configuration. The returned session will be closed after the configuration + /// endpoint is contacted and should not be cached. + /// + /// The provided HTTP client is a short-lived client; it should only be used + /// to fetch initial credentials if required, and must be discarded after that. + /// + /// This method cannot return null. By default, it returns the catalog session. + /// + /// \param init_client A short-lived HTTP client for initialization. + /// \param properties Configuration properties. + /// \return A session for initialization, or the catalog session by default. + virtual std::shared_ptr<AuthSession> InitSession( + HttpClient* init_client, + const std::unordered_map<std::string, std::string>& properties); + + /// \brief Return a long-lived session for catalog operations. + /// + /// This session's lifetime is tied to the owning catalog. It serves as the + /// parent session for all other sessions (contextual and table-specific). + /// It is closed when the owning catalog is closed. + /// + /// The provided HTTP client is a long-lived, shared client. Implementors may + /// store it and reuse it for subsequent requests to the authorization server + /// (e.g., for renewing or refreshing credentials). It is not necessary to + /// close it when Close() is called. + /// + /// This method cannot return null. + /// + /// It is not required to cache the returned session internally, as the catalog + /// will keep it alive for the lifetime of the catalog. + /// + /// \param shared_client A long-lived, shared HTTP client. + /// \param properties Configuration properties (merged with server config). + /// \return A session for catalog operations. + virtual std::shared_ptr<AuthSession> CatalogSession( Review Comment: Good catch! You're right that the Java implementations can throw exceptions (e.g., BasicAuthManager throws IllegalArgumentException when credentials are missing). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
