raphaelsolarski commented on code in PR #17148:
URL: https://github.com/apache/iceberg/pull/17148#discussion_r3603057443
##########
core/src/main/java/org/apache/iceberg/rest/auth/OAuth2Properties.java:
##########
@@ -64,6 +64,16 @@ private OAuth2Properties() {}
/** Optional param resource for OAuth2. */
public static final String RESOURCE = "resource";
+ /**
+ * When enabled, the Authorization header inherited from the parent session
is not forwarded when
+ * fetching a new token via the client credentials flow. This prevents
strict identity providers
+ * from rejecting the token request due to using multiple authentication
methods.
+ */
+ public static final String SKIP_INHERITED_AUTH_HEADER_IN_TOKEN_REQUEST =
Review Comment:
Thanks for the comment.
1. In context of merging both flags under single one I see such issue that
it is hard to find name that will explain what the flag does. I'm not sure if
we can use current `token-exchange-enabled` name but it's only my impression.
2. I wonder if there is also 3rd scenario when `Authorization` header from
parent session is used for token exchange in table session and contextual
session scenario. @ebyhr also asked about it in [the
comment](https://github.com/apache/iceberg/pull/17148#discussion_r3569010411).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]