adutra commented on code in PR #10621: URL: https://github.com/apache/iceberg/pull/10621#discussion_r1665281650
########## core/src/main/java/org/apache/iceberg/rest/auth/AuthManager.java: ########## @@ -0,0 +1,38 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.iceberg.rest.auth; + +import java.util.Map; +import java.util.function.Supplier; +import org.apache.iceberg.rest.RESTClient; +import org.apache.iceberg.util.Pair; + +public interface AuthManager extends AutoCloseable { + + Map<String, String> mergeAuthHeadersForGetConfig( Review Comment: I'd say it's actually the opposite: we need more methods. In my exploration I came up with the following interface which works well: ```java /** * Creates a new session for the initial authentication. This session is used to authenticate * against the config endpoint. The session is discarded after the initial authentication is * complete. This method may return null if authentication is disabled. */ @Nullable AuthSession newInitialSession(RESTClient initialAuthClient, Map<String, String> initialHeaders); /** * Creates a new session for the whole catalog. This session is the parent session for all other * sessions and is kept alive for the whole catalog lifespan. This method is called once per * catalog when the catalog is initialized. This method may return null if authentication is * disabled. */ @Nullable AuthSession newCatalogSession( RESTClient authClient, Map<String, String> catalogProperties, Map<String, String> catalogHeaders); /** * Creates a new session for a specific context. May return null if the context does not require a * a specific AuthSession to be created and cached, and should use the parent session. */ @Nullable AuthSession newContextualSession( SessionCatalog.SessionContext context, @Nullable AuthSession parentSession); /** * Creates a new session for a specific table or view. May return null if the table or view does * not require a specific AuthSession to be created and cached, and should use the parent session. */ @Nullable AuthSession newTableSession( TableIdentifier identifier, Map<String, String> properties, @Nullable AuthSession parentSession); ``` We need a different factory method for each "level" (or "scope") where an auth session could be introduced (and cached). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org For additional commands, e-mail: issues-h...@iceberg.apache.org
