Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Core: Allow customizing OAuth scope #6616

Merged
merged 1 commit into from
Jan 23, 2023
Merged

Core: Allow customizing OAuth scope #6616

merged 1 commit into from
Jan 23, 2023

Conversation

nastra
Copy link
Contributor

@nastra nastra commented Jan 18, 2023

In #6169 we're planning to re-use AuthSession but we need the ability to use a scope, which is different from the default OAuth2Properties.CATALOG_SCOPE

@github-actions github-actions bot added the core label Jan 18, 2023
@nastra nastra force-pushed the rest-catalog-customize-scope branch 2 times, most recently from 3c9963e to 64c1da5 Compare January 18, 2023 12:07
@nastra nastra force-pushed the rest-catalog-customize-scope branch 2 times, most recently from 0e925ed to 05f6763 Compare January 19, 2023 16:59
@nastra nastra requested a review from rdblue January 19, 2023 17:01
@nastra nastra force-pushed the rest-catalog-customize-scope branch from 05f6763 to 4b5ee1a Compare January 19, 2023 17:04
rdblue
rdblue reviewed Jan 23, 2023
View reviewed changes
core/src/main/java/org/apache/iceberg/rest/auth/OAuth2Util.java
response.token(),
response.issuedTokenType(),
credential,
parent.scope());
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When this is called in fromTokenExchange, the scope passed there is not passed in here. I think that this method needs to have a scope argument. Then the fromTokenResponse above can pass parent.scope() and fromTokenExchange can pass the scope it was passed.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've simplified this to actually and removed the scope parameter from fromTokenExchange/fromCredential as I think we need to take the scope from the parent in those cases

@nastra nastra force-pushed the rest-catalog-customize-scope branch from 4b5ee1a to 909d3bb Compare January 23, 2023 16:15
@rdblue rdblue merged commit 75b349d into apache:master Jan 23, 2023
@nastra nastra deleted the rest-catalog-customize-scope branch January 24, 2023 07:46
krvikash pushed a commit to krvikash/iceberg that referenced this pull request Mar 16, 2023
@nastra @krvikash
Core: Allow customizing OAuth scope (apache#6616)
927cf79
@sungwy sungwy mentioned this pull request Feb 22, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rdblue rdblue rdblue approved these changes

Assignees
No one assigned
Labels
core
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nastra @rdblue