Skip to content

[CALCITE-6135] BEARER authentication support#232

Draft
Aarchy wants to merge 3 commits intoapache:mainfrom
Aarchy:jwt-auth
Draft

[CALCITE-6135] BEARER authentication support#232
Aarchy wants to merge 3 commits intoapache:mainfrom
Aarchy:jwt-auth

Conversation

@Aarchy
Copy link

@Aarchy Aarchy commented Nov 27, 2023

No description provided.

stoty
stoty reviewed Nov 29, 2023
View reviewed changes
core/src/main/java/org/apache/calcite/avatica/remote/SingleBearerTokenProvider.java Outdated

import java.io.IOException;

public class SingleBearerTokenProvider implements BearerTokenProvider {
Copy link
Contributor

@stoty stoty Nov 29, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That name sounds off. Every provider provides a single token (at a time).
Wouldn't SimpleBearerTokenProvider be more descriptive ?

Copy link
Author

@Aarchy Aarchy Nov 29, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This object can provide a single token for its entire lifetime. Maybe Constant?
I'd avoid "Simple" as it may sound that the token is simple in some way.

Copy link
Contributor

@stoty stoty Nov 29, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Constant is better.

@stoty
Copy link
Contributor

stoty commented Nov 29, 2023

Can you open a [DISCUSS] thread on the calcite list about this change ?
Explain its background in some detail ?

@Aarchy
Copy link
Author

Aarchy commented Jan 24, 2024

@stoty Based on your suggestion on the devlist, token providers now can be plugged in via config properties. Users can define their custom properties and use it in token provider's init function. There's a very basic example in the tests.
On the other hand, the current way of handling properties is a bit confusing in my opinion. For now, I tried to just modify the necessary parts.

@Aarchy Aarchy requested a review from stoty February 5, 2024 10:09
@stoty
Copy link
Contributor

stoty commented Oct 28, 2024

For the record:
This PR copies some of the Bear auth code from httpclient.
What we should do instead do is upgrading to a httpclient with native bearer auth support.

Either to 5.5, which is hopefully going to a have a new SPNEGO implementation, or to 5.4, and re-enable the deprecated SPENGO authentication in it..

@stoty stoty marked this pull request as draft October 28, 2024 07:59
@stoty
Copy link
Contributor

stoty commented Jan 17, 2025

This needs heavy refactoring, now that we have updated httpclient to one which has native BEARER support.
(Copied code needs to be removed)

@F21 F21 force-pushed the main branch 8 times, most recently from c7cee40 to a9dc6f8 Compare February 23, 2025 22:29
@richardantal richardantal mentioned this pull request Feb 3, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@stoty stoty Awaiting requested review from stoty

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Aarchy @stoty @F21