OpenAPI: Add Basic Auth to the REST spec#15892
Conversation
roryqi
changed the title
|
@kelvin9314 @singhpk234 Could u help review this pull request? |
roryqi
changed the title
singhpk234
left a comment
singhpk234
left a comment
There was a problem hiding this comment.
Thanks for raising this @roryqi
IIUC you are talking of basic header ? if yes it think its pretty common to send the base64 of clientId : secret,
IRC servers such as Apache Polaris already support this : https://github.com/apache/polaris/blob/main/runtime/service/src/main/java/org/apache/polaris/service/auth/internal/service/DefaultOAuth2ApiService.java#L84
other IRC client such as DuckDb already send them :
https://github.com/duckdb/duckdb-iceberg/blob/main/src/catalog/rest/storage/authorization/oauth2.cpp#L163
Nevertheless i would still recommend opening ML Discuss thread !
| security: | ||
| - OAuth2: [catalog] | ||
| - BearerAuth: [] | ||
| - BasicAuth: [] |
There was a problem hiding this comment.
Are you talking of Basic header ?
If yes i think we would need to define it bit better like bearer: https://github.com/roryqi/iceberg/blob/0519d2d1fe3427299d1191b64bcd0376f7f43bf0/open-api/rest-catalog-open-api.yaml#L5265
There was a problem hiding this comment.
Yes, I am talking of Basic header.
OpenAPI has defined Bearer header and Basic header.
You can see
https://swagger.io/docs/specification/v3_0/authentication/bearer-authentication/
https://swagger.io/docs/specification/v3_0/authentication/basic-authentication/
I will add the definition, too.
Thanks for your review.
2 participants
Updated the OpenAPI specification to include Basic Authentication, reflecting the support already present in the Iceberg
RESTCatalog. I'm uncertain if we need to initiate a discussion on the dev mailing list for this.