rdblue opened a new pull request, #4830: URL: https://github.com/apache/iceberg/pull/4830
This adds `RESTSessionCatalog` that implements `SessionCatalog`. This is the last PR to replace #4575. `RESTSessionCatalog` implements `SessionCatalog` and adds support for session-based auth handling using OAuth2. For the catalog: * If the catalog is configured with credentials, those credentials are used to fetch a bearer token using OAuth2 client credentials flow, and that token is used for the `Authorization` header * If the catalog is configured with a bearer token, that token is used in the `Authorization` header. For each session context: * If the session context is configured with credentials, those credentials are used to fetch a bearer token using OAuth2 client credentials flow, and that token is used for the `Authorization` header * If the session context has a non-access token, that token is exchanged for an access token using OAuth2 token exchange flow, and the access token is used for the `Authorization` header This is the basic behavior, but it will be updated in follow up PRs: * For session context, token type will be added so that it is possible to pass a bearer token that will be used without exchange. In addition, more token types will be added for the token exchange, e.g., id_token and saml2. * Token refresh will be implemented using token exchange after the expiration time returned by the OAuth2 flows -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
