adutra commented on PR #12362: URL: https://github.com/apache/iceberg/pull/12362#issuecomment-2676192110
@nika-qubit thanks for the detailed context! Indeed, Google OAuth 2.0 uses the so-called "Authorization Code" flow for authentication. Iceberg REST unfortunately does not have support for this flow. I understand and share your pain here, but imho the right way to proceed is to provide Iceberg REST with support for this flow _natively_. Just implementing support for refreshing tokens, as you did in this PR, imho is not going to solve this problem since you still need to pass the refresh token manually. Instead, we need the Iceberg REST client to handle that transparently, which would include redirecting the user to their browser for authentication whenever required. But this is a complex flow. The good news is, I've been working on this for quite a while. The plan would be as follows: 1. Get the AuthManager API merged (#12197) and released, possibly in Iceberg 1.9.0. 2. Provide support for the Authorization Code flow as an implementation of that API. So, how urgent is this for you? Can you wait a few weeks more? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org For additional commands, e-mail: issues-h...@iceberg.apache.org
