cccs-cat001 commented on PR #3236: URL: https://github.com/apache/polaris/pull/3236#issuecomment-3628221390
> @cccs-cat001 do you mind elaborating how you intend to use the JWT or specific claims? > > I was looking into whether there's a nicer way for consumers to get the whole JWT or specific claims. > > I wonder whether we could just get away with [CDI injection](https://quarkus.io/guides/security-jwt#using-the-jsonwebtoken-and-claim-injection)? We're looking for a way to pass the users token along to the STS, like in #3170. Since that was closed due to some concerns over security, I've been given a way to do this in our downstream build. There's another PR open, #3224 which will pass the PolarisPrincipal down to the `PolarisStorageIntegration::getSubscopedCreds`. So mixing these two together would enable our use-case. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
