dimas-b commented on code in PR #2523:
URL: https://github.com/apache/polaris/pull/2523#discussion_r2402319997
##########
polaris-core/src/main/java/org/apache/polaris/core/identity/dpo/ServiceIdentityInfoDpo.java:
##########
@@ -72,10 +74,25 @@ public SecretReference getIdentityInfoReference() {
}
/**
- * Converts this persistence object to the corresponding API model. During
the conversion, some
- * fields will be dropped, e.g. the reference to the service identity's
credential
+ * Converts this persistence object to the corresponding API model.
+ *
+ * <p>The conversion uses the provided {@link ServiceIdentityProvider} to
retrieve the user-facing
+ * identity information (e.g., AWS IAM ARN) without exposing sensitive
credentials. The credential
+ * reference stored in this DPO is not included in the API model.
+ *
+ * @param serviceIdentityProvider the service identity provider used to
retrieve display
+ * information
+ * @return the API model representation, or null if the provider is null or
cannot resolve the
+ * identity
*/
- public abstract @Nonnull ServiceIdentityInfo asServiceIdentityInfoModel();
+ public @Nullable ServiceIdentityInfo asServiceIdentityInfoModel(
+ ServiceIdentityProvider serviceIdentityProvider) {
+ if (serviceIdentityProvider == null) {
Review Comment:
if `serviceIdentityProvider` is `null`, why would the caller even call this
method?
Currently `serviceIdentityProvider` is ultimately injected, so it should not
be `null`, right?
Can this be converted to a `Preconditions` check instead?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
