adutra commented on code in PR #10256:
URL: https://github.com/apache/iceberg/pull/10256#discussion_r1590646919


##########
core/src/main/java/org/apache/iceberg/rest/RESTSessionCatalog.java:
##########
@@ -215,6 +215,12 @@ public void initialize(String name, Map<String, String> 
unresolved) {
     this.paths = ResourcePaths.forCatalogProperties(mergedProps);
 
     String token = mergedProps.get(OAuth2Properties.TOKEN);
+    // re-resolve these variables in case they were overridden by the config 
endpoint
+    credential = mergedProps.get(OAuth2Properties.CREDENTIAL);
+    scope = mergedProps.getOrDefault(OAuth2Properties.SCOPE, 
OAuth2Properties.CATALOG_SCOPE);
+    oauth2ServerUri =
+        mergedProps.getOrDefault(OAuth2Properties.OAUTH2_SERVER_URI, 
ResourcePaths.tokens());

Review Comment:
   Hi @flyrain thank you so much for reviewing!
   
   Regarding the risk of config name clashes, most properties have a prefix 
such as `s3.`, `adls.`, `http-client.`, `ecs.`, etc. This prefix makes name 
clashes rather unlikely, while also clearly indicating the "scope" the property 
belongs to.
   
   Unfortunately, none of the properties in `OAuth2Properties` have such a 
prefix, which makes them rather prone to misinterpretation indeed. 
   
   This is imho a bit out of the scope if this PR, but I agree with you that we 
could probably do something about it, e.g. introduce a prefix `auth.` that the 
client would then automatically "map" to properties in `OAuth2Properties`. But 
we'd still need to support "unprefixed" properties for a long time I'm afraid.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org
For additional commands, e-mail: issues-h...@iceberg.apache.org

Reply via email to