Re: [PR] REST: assume issued token type is access token [iceberg]

nastra commented on code in PR #10314: URL: https://github.com/apache/iceberg/pull/10314#discussion_r1665347177 ## core/src/main/java/org/apache/iceberg/rest/auth/OAuth2Util.java: ## @@ -738,13 +738,21 @@ private static AuthSession fromTokenResponse( long startTimeMilli

Re: [PR] REST: assume issued token type is access token [iceberg]

nastra commented on code in PR #10314: URL: https://github.com/apache/iceberg/pull/10314#discussion_r1665172068 ## core/src/main/java/org/apache/iceberg/rest/auth/OAuth2Util.java: ## @@ -738,13 +738,21 @@ private static AuthSession fromTokenResponse( long startTimeMilli

Re: [PR] REST: assume issued token type is access token [iceberg]

danielcweeks commented on PR #10314: URL: https://github.com/apache/iceberg/pull/10314#issuecomment-2206897363 @adutra > An RFC cannot modify another one's structs without officially superseding it. > . . . RFC 8693 as a general rewrite of RFC 6749 section 5.1 I'm not sugg

Re: [PR] REST: assume issued token type is access token [iceberg]

adutra commented on PR #10314: URL: https://github.com/apache/iceberg/pull/10314#issuecomment-2206868094 > I believe that the intent includes that a client credential exchange could return any of the enumerated token types defined in [section 3](https://www.rfc-editor.org/rfc/rfc8693.html#n

Re: [PR] REST: assume issued token type is access token [iceberg]

snazy commented on PR #10314: URL: https://github.com/apache/iceberg/pull/10314#issuecomment-2206790685 [@nastra requested to revert](https://github.com/apache/iceberg/pull/10314#discussion_r1601220154) @adutra 's fix for the client-credentials flow, only RFC 6749 applies here. This part o

Re: [PR] REST: assume issued token type is access token [iceberg]

danielcweeks commented on PR #10314: URL: https://github.com/apache/iceberg/pull/10314#issuecomment-2206759806 I think the application of extensions referenced in RFC 8693 are a little ambiguous due to the following: `RFC 6749` section 4.1 references the response described in [section

Re: [PR] REST: assume issued token type is access token [iceberg]

snazy commented on PR #10314: URL: https://github.com/apache/iceberg/pull/10314#issuecomment-2205870528 @nastra Alex is 100% right. I do not understand why it takes so long to review this fix for an OAuth spec-compliance. -- This is an automated message from the Apache Git Service. To res

Re: [PR] REST: assume issued token type is access token [iceberg]

adutra commented on PR #10314: URL: https://github.com/apache/iceberg/pull/10314#issuecomment-2205866224 @rdblue since you originally authored this part (https://github.com/apache/iceberg/pull/4771#discussion_r874114263) would you mind having a look as well? Thank you! -- This is an auto

Re: [PR] REST: assume issued token type is access token [iceberg]

adutra commented on PR #10314: URL: https://github.com/apache/iceberg/pull/10314#issuecomment-2205848299 > @adutra I've read RFC 6749 but as I mentioned in [#10314 (comment)](https://github.com/apache/iceberg/pull/10314#discussion_r1601201951) I'm assuming that the token exchange is followi

Re: [PR] REST: assume issued token type is access token [iceberg]

nastra commented on PR #10314: URL: https://github.com/apache/iceberg/pull/10314#issuecomment-2205796889 @adutra I've read RFC 6749 but as I mentioned in https://github.com/apache/iceberg/pull/10314#discussion_r1601201951 I'm assuming that the token exchange is following RFC 8693 (and my as

Re: [PR] REST: assume issued token type is access token [iceberg]

adutra commented on PR #10314: URL: https://github.com/apache/iceberg/pull/10314#issuecomment-2205747465 > @adutra IMO https://github.com/apache/iceberg/pull/10314/files#r1601220154 still needs to be reverted. It's ok to add a workaround for Keycloak but I don't see a good enough reason to

Re: [PR] REST: assume issued token type is access token [iceberg]

nastra commented on PR #10314: URL: https://github.com/apache/iceberg/pull/10314#issuecomment-2205480722 @adutra IMO https://github.com/apache/iceberg/pull/10314/files#r1601220154 still needs to be reverted. It's ok to add a workaround for Keycloak but I don't see a good enough reason to ad

Re: [PR] REST: assume issued token type is access token [iceberg]

adutra commented on PR #10314: URL: https://github.com/apache/iceberg/pull/10314#issuecomment-2205417586 @nastra @amogh-jahagirdar This PR has been rebased. Could I get a review please? 🙏 -- This is an automated message from the Apache Git Service. To respond to the message, please log o

Re: [PR] REST: assume issued token type is access token [iceberg]

adutra commented on PR #10314: URL: https://github.com/apache/iceberg/pull/10314#issuecomment-2147206036 @nastra or @amogh-jahagirdar is it possible for you to have a another look here please? Thanks 🙏 -- This is an automated message from the Apache Git Service. To respond to the message

Re: [PR] REST: assume issued token type is access token [iceberg]

adutra commented on code in PR #10314: URL: https://github.com/apache/iceberg/pull/10314#discussion_r1601962494 ## core/src/main/java/org/apache/iceberg/rest/auth/OAuth2Util.java: ## @@ -763,11 +763,19 @@ private static AuthSession fromTokenResponse( long startTimeMilli

Re: [PR] REST: assume issued token type is access token [iceberg]

adutra commented on code in PR #10314: URL: https://github.com/apache/iceberg/pull/10314#discussion_r1601403672 ## core/src/test/java/org/apache/iceberg/rest/RESTCatalogAdapter.java: ## @@ -254,7 +254,6 @@ private static OAuthTokenResponse handleOAuthRequest(Object body) {

Re: [PR] REST: assume issued token type is access token [iceberg]

adutra commented on code in PR #10314: URL: https://github.com/apache/iceberg/pull/10314#discussion_r1601402075 ## core/src/main/java/org/apache/iceberg/rest/auth/OAuth2Util.java: ## @@ -763,11 +763,19 @@ private static AuthSession fromTokenResponse( long startTimeMilli

Re: [PR] REST: assume issued token type is access token [iceberg]

adutra commented on code in PR #10314: URL: https://github.com/apache/iceberg/pull/10314#discussion_r1601396353 ## core/src/main/java/org/apache/iceberg/rest/auth/OAuth2Util.java: ## @@ -763,11 +763,19 @@ private static AuthSession fromTokenResponse( long startTimeMilli

Re: [PR] REST: assume issued token type is access token [iceberg]

nastra commented on code in PR #10314: URL: https://github.com/apache/iceberg/pull/10314#discussion_r1601214325 ## core/src/main/java/org/apache/iceberg/rest/auth/OAuth2Util.java: ## @@ -763,11 +763,19 @@ private static AuthSession fromTokenResponse( long startTimeMilli

Re: [PR] REST: assume issued token type is access token [iceberg]

nastra commented on code in PR #10314: URL: https://github.com/apache/iceberg/pull/10314#discussion_r1601220154 ## core/src/test/java/org/apache/iceberg/rest/RESTCatalogAdapter.java: ## @@ -254,7 +254,6 @@ private static OAuthTokenResponse handleOAuthRequest(Object body) {

Re: [PR] REST: assume issued token type is access token [iceberg]

nastra commented on code in PR #10314: URL: https://github.com/apache/iceberg/pull/10314#discussion_r1601214325 ## core/src/main/java/org/apache/iceberg/rest/auth/OAuth2Util.java: ## @@ -763,11 +763,19 @@ private static AuthSession fromTokenResponse( long startTimeMilli

Re: [PR] REST: assume issued token type is access token [iceberg]

nastra commented on code in PR #10314: URL: https://github.com/apache/iceberg/pull/10314#discussion_r1601201951 ## core/src/main/java/org/apache/iceberg/rest/auth/OAuth2Util.java: ## @@ -763,11 +763,19 @@ private static AuthSession fromTokenResponse( long startTimeMilli