danielcweeks commented on PR #10314:
URL: https://github.com/apache/iceberg/pull/10314#issuecomment-2206759806

I think the application of extensions referenced in RFC 8693 is a little ambiguous due to the following:

`RFC 6749` section 4.1 references the response described in [section 5.1](https://www.rfc-editor.org/rfc/rfc6749.html#section-5.1)

`RFC 8693` describes the extensions to what is defined in the response to that same section to expand upon the format of what the `access_token` field contains. It states in section 2.2.1:

> The identifier access_token is used for historical reasons and the issued token need not be an OAuth access token.

I believe that the intent includes that a client credential exchange could return any of the enumerated token types defined in [section 3](https://www.rfc-editor.org/rfc/rfc8693.html#name-token-type-identifiers) and applies.

I don't think it's explicitly clear either way, but I would interpret it as the latter.

Either way, I don't think it's a huge issue to default to ensure `RFC 6749` compatibility, but we should just add a note as to why we're defaulting (e.g. "defaulting `issued_token_type` to `access_token` for compatibility with `RFC 6749` where the issued type is omitted").
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
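
The defaulting discussed in the comment above, as an added example that is not part of the original comment or of the Iceberg code base: a client-side parser that fills in `issued_token_type` when an `RFC 6749` style response omits it, and records whether the result may be treated as an OAuth access token. The function name, the returned field names and the sample responses are assumptions made for illustration.

```python
import json

# Token type identifiers defined in RFC 8693 section 3.
PREFIX = "urn:ietf:params:oauth:token-type:"
RFC8693_TYPES = {PREFIX + s for s in (
    "access_token", "refresh_token", "id_token", "saml1", "saml2", "jwt")}
DEFAULT_ISSUED_TYPE = PREFIX + "access_token"


def normalize_token_response(body):
    """Hypothetical helper: parse a token response, default issued_token_type."""
    resp = json.loads(body)
    if not isinstance(resp, dict):
        raise ValueError("token response must be a JSON object")
    token = resp.get("access_token")
    if not isinstance(token, str) or not token:
        raise ValueError("token response has no access_token value")
    issued = resp.get("issued_token_type")
    defaulted = issued is None
    if defaulted:
        # RFC 6749 section 5.1 responses omit the field: default for compatibility.
        issued = DEFAULT_ISSUED_TYPE
    elif issued not in RFC8693_TYPES:
        # Policy of this example only: RFC 8693 permits other URIs as token types.
        raise ValueError("unrecognized issued_token_type: %r" % (issued,))
    return {
        "token": token,
        "issued_token_type": issued,
        "defaulted": defaulted,
        # Only an explicit or defaulted access_token type is treated as an
        # OAuth access token; id_token, jwt, saml* etc. are not assumed to be.
        "is_access_token": issued == DEFAULT_ISSUED_TYPE,
    }


# Constructed sample responses (not captured from any real server).
RFC6749_STYLE = '{"access_token": "constructed-a", "token_type": "bearer", "expires_in": 3600}'
RFC8693_STYLE = json.dumps({
    "access_token": "constructed-b",
    "issued_token_type": PREFIX + "id_token",
    "token_type": "N_A",
})

if __name__ == "__main__":
    for sample in (RFC6749_STYLE, RFC8693_STYLE):
        print(normalize_token_response(sample))
```

Keeping the `defaulted` flag separate from the type lets a caller log or audit the cases where the type was assumed rather than stated by the server.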

