varpa89 commented on PR #12197: URL: https://github.com/apache/iceberg/pull/12197#issuecomment-2678010968
@adutra thank you for clarification! Actually my question if specific to Trino. Yes, they [use](https://github.com/trinodb/trino/blob/master/plugin/trino-iceberg/src/main/java/io/trino/plugin/iceberg/catalog/rest/TrinoRestCatalog.java#L839) `SessionContext` I see that technically [it is possible](https://github.com/apache/iceberg/blob/1.7.x/core/src/main/java/org/apache/iceberg/rest/RESTSessionCatalog.java#L1058) to use not only credentials but just a token too. And when we build `AuthSession` with `fromAccessToken` method is is possible that `tokenRefreshExecutor` method will return `null` and a condition `if (null != executor && null != expiresAtMillis)` will be always `false` and we don't hit the `scheduleTokenRefresh` method. I'm actually curious whether it is possible to delegate token control to the outside (Trino for example, because trino has its own oauth2 management process) completely and always use for authorization a token that we send via `extraCredential` option. At the moment I see the problem with cache and the only possible solution in the current state is to set cache lifetime to zero, but I'm not sure what else can be broken. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@iceberg.apache.org For additional commands, e-mail: issues-h...@iceberg.apache.org
