nastra commented on code in PR #10314:
URL: https://github.com/apache/iceberg/pull/10314#discussion_r1601214325
##########
core/src/main/java/org/apache/iceberg/rest/auth/OAuth2Util.java:
##########
@@ -763,11 +763,19 @@ private static AuthSession fromTokenResponse(
long startTimeMillis,
AuthSession parent,
String credential) {
+ // issued token type is not present in every OAuth2 response:
+ // assume type is access token if none provided.
+ // See https://datatracker.ietf.org/doc/html/rfc6749#section-4.4.3
Review Comment:
I found https://github.com/keycloak/keycloak/discussions/26502, which states
unfortunately that Keycloak deviates from the standard.
I can see that we might add the null check as a workaround for such cases
where the auth server doesn't send back an `issued_token_type` but I'd like to
first see what other people in the community think about this.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org
For additional commands, e-mail: issues-h...@iceberg.apache.org
