laskoviymishka commented on code in PR #1345:
URL: https://github.com/apache/iceberg-go/pull/1345#discussion_r3501966714


##########
catalog/rest/rest.go:
##########
@@ -462,11 +470,6 @@ func fromProps(props iceberg.Properties, o *options) error 
{
                case keyRestSigV4Service:
                        o.sigv4Service = v
                case keyAuthUrl:

Review Comment:
   This empty `case keyAuthUrl:` reads like dead code, but it's load-bearing — 
it's the only thing keeping the auth URL from falling into `default` and 
getting pushed into `additionalProps`. Someone skimming will see every other 
key with a one-line assignment and "clean this up" by deleting it, which 
silently regresses the URL into `additionalProps`.
   
   I'd just fold `parseAuthURL` back into the case here instead of hoisting it 
above the loop:
   
   ```go
   case keyAuthUrl:
       u, err := parseAuthURL(v)
       if err != nil {
           return err
       }
       o.authUri = u
   ```
   
   That keeps the testable-helper win, drops the pre-loop lookup, and the case 
is self-evident again. wdyt?



##########
catalog/rest/rest_internal_test.go:
##########
@@ -54,35 +54,101 @@ import (
 func TestLoadRegisteredCatalogRejectsInvalidAuthURL(t *testing.T) {
        t.Parallel()
 
-       cat, err := catalog.Load(context.Background(), "rest", 
iceberg.Properties{
-               "uri":                    "http://example.com";,
-               "rest.authorization-url": "http://[::1";,
-       })
-       require.Error(t, err)
-       assert.Nil(t, cat)
-       assert.ErrorContains(t, err, "invalid rest.authorization-url")
+       tests := []struct {

Review Comment:
   Every case in both tables asserts an error — there's no positive case 
proving a well-formed `rest.authorization-url` (say 
`https://auth.example.com/oauth/token`) still parses and lands on `o.authUri` 
as the token endpoint.
   
   The thing we actually shipped is "reject broken, keep valid", and right now 
a regression that over-tightens the check — rejecting good URLs too — wouldn't 
be caught by anything here. I'd add a success case asserting 
`Load`/`NewCatalog` succeeds and the URL ends up where it should.



##########
catalog/rest/rest_internal_test.go:
##########
@@ -54,35 +54,101 @@ import (
 func TestLoadRegisteredCatalogRejectsInvalidAuthURL(t *testing.T) {
        t.Parallel()
 
-       cat, err := catalog.Load(context.Background(), "rest", 
iceberg.Properties{
-               "uri":                    "http://example.com";,
-               "rest.authorization-url": "http://[::1";,
-       })
-       require.Error(t, err)
-       assert.Nil(t, cat)
-       assert.ErrorContains(t, err, "invalid rest.authorization-url")
+       tests := []struct {
+               name    string
+               authURL string
+               wantErr string
+       }{
+               {
+                       name:    "malformed URL",
+                       authURL: "http://[::1";,
+                       wantErr: "invalid rest.authorization-url",
+               },
+               {
+                       name:    "missing scheme",
+                       authURL: "example.com/auth",
+                       wantErr: "missing scheme or host",
+               },
+               {
+                       name:    "missing host",

Review Comment:
   `url.Parse("localhost:8080")` parses `localhost` as the scheme and `8080` as 
`Opaque` — so `Host` is empty and the assertion passes, but for a different 
reason than "missing host" implies. There's no case that actually exercises a 
valid scheme with a genuinely empty host.
   
   I'd rename this to something like `"scheme+opaque, no host"` and add a real 
`"http://"` (or `"http:///path"`) case to cover the true 
empty-host-with-valid-scheme path.



##########
catalog/rest/rest.go:
##########
@@ -500,6 +503,18 @@ func fromProps(props iceberg.Properties, o *options) error 
{
        return nil
 }
 
+func parseAuthURL(raw string) (*url.URL, error) {

Review Comment:
   Two small things here, neither blocking. The `"missing scheme or host"` 
message doesn't say which one is actually missing — a touch more precision 
would help whoever's debugging a bad config.
   
   And this only covers the config-string path; `WithAuthURI` (options.go) 
still lets a caller set a relative `*url.URL` directly, and `setupOAuthManager` 
calls `.String()` on it unconditionally. Scoping this PR to the config path is 
reasonable, but the invariant "if `authUri != nil` it's absolute" isn't 
enforced catalog-wide. Fine to leave for a follow-up — flagging so it's a 
deliberate choice.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to