kevinjqliu commented on issue #3422:
URL:
https://github.com/apache/iceberg-python/issues/3422#issuecomment-4557572436
## Recommended Fix
Implement a tolerant auth parsing path in REST catalog session setup, in
this order:
1. If auth is already an object, use it directly.
2. If auth is a string, parse it as JSON. (**maybe we dont need to support
this**)
3. If auth is missing, reconstruct it from flattened keys produced by
environment variables:
- auth.type
- auth.impl
- auth.<type>.<param>
4. Normalize auth parameter names for AuthManager constructors:
- convert dashed keys to snake_case (example: client-id to client_id)
## Why this is the best approach
- Backward compatible with current YAML and Python object config.
- Unblocks users passing JSON in AUTH env var.
- Also supports flattened AUTH__... env vars.
- Keeps the change localized to REST auth handling, which lowers risk
compared to changing global config parsing.
## Required tests
1. JSON auth env var path
- Set PYICEBERG_CATALOG__<NAME>__AUTH to a JSON string.
- Verify catalog initializes and auth manager is created with expected
values.
2. Flattened auth env var path
- Set PYICEBERG_CATALOG__<NAME>__AUTH__TYPE and AUTH__<TYPE>__... keys.
- Verify catalog initializes and auth manager receives normalized
parameters correctly.
## Optional hardening
- If auth string is invalid JSON, raise a clear ValueError describing
accepted formats:
- nested auth object
- JSON string in AUTH
- flattened AUTH__... environment variables
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
