Re: [PR] rest: refresh oauth tokens [iceberg-go]

Wed, 18 Mar 2026 08:28:46 -0700 


zeroshade commented on code in PR #793:
URL: https://github.com/apache/iceberg-go/pull/793#discussion_r2954304189


##########
catalog/rest/rest.go:
##########
@@ -490,19 +502,53 @@ func NewCatalog(ctx context.Context, name, uri string, 
opts ...Option) (*Catalog
 }
 
 // setupOAuthManager creates an Oauth2AuthManager based on the provided 
options.
-// The allows users to set their token, credential, or just get the defaults 
if no auth manager is set.
-func setupOAuthManager(r *Catalog, cl *http.Client, opts *options) 
*Oauth2AuthManager {
-       authURI := opts.authUri
-       if authURI == nil {
-               authURI = r.baseURI.JoinPath("oauth/tokens")
+// It uses golang.org/x/oauth2 for token management, caching, and thread-safe 
refresh.
+func setupOAuthManager(r *Catalog, cl *http.Client, opts *options) AuthManager 
{
+       // If a static token is provided, use it directly.
+       if opts.oauthToken != "" {
+               return &Oauth2AuthManager{
+                       tokenSource: oauth2.StaticTokenSource(&oauth2.Token{
+                               AccessToken: opts.oauthToken,
+                               TokenType:   "Bearer",
+                       }),
+               }
+       }
+
+       // If no credential, no auth needed.
+       if opts.credential == "" {
+               return nil
+       }
+
+       authURL := opts.authUri
+       if authURL == nil {
+               authURL = r.baseURI.JoinPath("oauth/tokens")
+       }
+
+       clientID, clientSecret, found := strings.Cut(opts.credential, ":")
+       if !found {
+               clientID = ""
+               clientSecret = opts.credential
+       }
+
+       cfg := &clientcredentials.Config{
+               ClientID:     clientID,
+               ClientSecret: clientSecret,
+               TokenURL:     authURL.String(),
+               AuthStyle:    oauth2.AuthStyleInParams,
        }
 
+       scope := "catalog"
+       if opts.scope != "" {
+               scope = opts.scope
+       }
+       cfg.Scopes = []string{scope}

Review Comment:
   is this in the iceberg spec? 



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to