haizhou-zhao commented on issue #8869: URL: https://github.com/apache/iceberg/issues/8869#issuecomment-1769293387
@syun64 In my org, we have very similar situation where we, unfortunately, can only use an internal procedure to grab auth token (that is quite different from OIDC flow). Based on what you talked about, I believe we are doing quite similar things as you mentioned, that we setup a different auth server, and has to reimplement our own internal version of RestSessionCatalog and OAuth2Util so that our Spark/Flink Iceberg users can leverage our internal process to refresh token on the fly. That being said, I do see the value of separating out the interface of auth away from the interface of resources and define an auth protocol (interface) to allow more degrees of freedom for auth implementation. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org For additional commands, e-mail: issues-h...@iceberg.apache.org
