amogh-jahagirdar commented on code in PR #14608:
URL: https://github.com/apache/iceberg/pull/14608#discussion_r2665488996
##########
aws/src/main/java/org/apache/iceberg/aws/AwsClientProperties.java:
##########
@@ -106,15 +105,18 @@ public AwsClientProperties() {
this.refreshCredentialsEndpoint = null;
this.refreshCredentialsEnabled = true;
this.legacyMd5pluginEnabled = false;
- this.allProperties = null;
}
public AwsClientProperties(Map<String, String> properties) {
- this.allProperties = SerializableMap.copyOf(properties);
this.clientRegion = properties.get(CLIENT_REGION);
this.clientCredentialsProvider =
properties.get(CLIENT_CREDENTIALS_PROVIDER);
+ // Retain all non-prefixed properties and override with prefixed properties
this.clientCredentialsProviderProperties =
- PropertyUtil.propertiesWithPrefix(properties,
CLIENT_CREDENTIAL_PROVIDER_PREFIX);
+ PropertyUtil.mergeProperties(
+ PropertyUtil.filterProperties(
+ properties,
+ Predicate.not(property ->
property.startsWith(CLIENT_CREDENTIAL_PROVIDER_PREFIX))),
+ PropertyUtil.propertiesWithPrefix(properties,
CLIENT_CREDENTIAL_PROVIDER_PREFIX));
Review Comment:
Yeah this looks right. The client credentials properties needs to override
the base properties if defined. So this will have a merged set of non-prefixed
properties AND any overriden or added prefixed properties.
##########
aws/src/test/java/org/apache/iceberg/aws/TestAwsClientProperties.java:
##########
@@ -189,17 +189,22 @@ public void
refreshCredentialsEndpointWithOverridingOAuthToken() {
"specific-token");
AwsClientProperties awsClientProperties = new
AwsClientProperties(properties);
- Map<String, String> expectedProperties =
- ImmutableMap.<String, String>builder()
- .putAll(properties)
- .put("credentials.uri", "http://localhost:1234/v1/credentials";)
- .build();
-
AwsCredentialsProvider provider =
awsClientProperties.credentialsProvider("key", "secret", "token");
assertThat(provider).isInstanceOf(VendedCredentialsProvider.class);
VendedCredentialsProvider vendedCredentialsProvider =
(VendedCredentialsProvider) provider;
-
assertThat(vendedCredentialsProvider).extracting("properties").isEqualTo(expectedProperties);
+ assertThat(vendedCredentialsProvider)
+ .extracting("properties")
+ .isEqualTo(
+ ImmutableMap.of(
+ AwsClientProperties.REFRESH_CREDENTIALS_ENDPOINT,
+ "http://localhost:1234/v1/credentials";,
+ "credentials.uri",
+ "http://localhost:1234/v1/credentials";,
+ CatalogProperties.URI,
+ "http://localhost:1234/v1/catalog";,
+ OAuth2Properties.TOKEN,
+ "specific-token"));
Review Comment:
Looks right, this is overriding the specific token instead of having a
separate base one and a client prefixed one (and it doesn't look like
VendedCredentialsProvider does any additional work to filter prefix scoped
properties, it looks like it just expects those to be given to it)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
