service/common/src/main/java/org/apache/polaris/service/auth/DefaultOAuth2ApiService.java

-Original file line number
+Diff line change
@@ Expand Up / @@ -110,7 +110,12 @@ public Response getToken( @@
         } else if (subjectToken != null) {
           tokenResponse =
               tokenBroker.generateFromToken(
-                  subjectTokenType, subjectToken, grantType, scope, requestedTokenType);
+                  subjectTokenType,
+                  subjectToken,
+                  grantType,
+                  scope,
+                  callContext.getPolarisCallContext(),
+                  requestedTokenType);
         } else {
           return OAuthUtils.getResponseFromError(OAuthTokenErrorResponse.Error.invalid_request);
         }
@@ Expand Down @@

service/common/src/main/java/org/apache/polaris/service/auth/JWTBroker.java

-Original file line number
+Diff line change
@@ Expand Up / @@ -31,7 +31,6 @@ @@
     import org.apache.commons.lang3.StringUtils;
     import org.apache.iceberg.exceptions.NotAuthorizedException;
     import org.apache.polaris.core.PolarisCallContext;
-    import org.apache.polaris.core.context.CallContext;
     import org.apache.polaris.core.entity.PolarisEntityType;
     import org.apache.polaris.core.entity.PrincipalEntity;
     import org.apache.polaris.core.persistence.PolarisMetaStoreManager;
@@ Expand Down Expand Up / @@ -101,6 +100,7 @@ public TokenResponse generateFromToken( @@
           String subjectToken,
           String grantType,
           String scope,
+          PolarisCallContext polarisCallContext,
           TokenType requestedTokenType) {
         if (requestedTokenType != null && !TokenType.ACCESS_TOKEN.equals(requestedTokenType)) {
           return new TokenResponse(OAuthTokenErrorResponse.Error.invalid_request);
@@ Expand All / @@ -119,7 +119,7 @@ public TokenResponse generateFromToken( @@
         }
         EntityResult principalLookup =
             metaStoreManager.loadEntity(
-                CallContext.getCurrentContext().getPolarisCallContext(),
+                polarisCallContext,
 L,
                 Objects.requireNonNull(decodedToken.getPrincipalId()),
                 PolarisEntityType.PRINCIPAL);
@@ Expand Down @@

service/common/src/main/java/org/apache/polaris/service/auth/NoneTokenBrokerFactory.java

-Original file line number
+Diff line change
@@ Expand Up / @@ -58,6 +58,7 @@ public TokenResponse generateFromToken( @@
                 String subjectToken,
                 String grantType,
                 String scope,
+                PolarisCallContext polarisCallContext,
                 TokenType requestedTokenType) {
               return null;
             }
@@ Expand Down @@

service/common/src/main/java/org/apache/polaris/service/auth/TokenBroker.java

-Original file line number
+Diff line change
@@ Expand Up / @@ -35,35 +35,9 @@ public interface TokenBroker { @@
       boolean supportsRequestedTokenType(TokenType tokenType);
-      /**
-       * Generate a token from client secrets without specifying the requested token type
-       *
-       * @param clientId
-       * @param clientSecret
-       * @param grantType
-       * @param scope
-       * @return the response indicating an error or the requested token
-       * @deprecated - use the method with the requested token type
-       */
-      @Deprecated
-      default TokenResponse generateFromClientSecrets(
-          final String clientId,
-          final String clientSecret,
-          final String grantType,
-          final String scope,
-          PolarisCallContext polarisCallContext) {
-        return generateFromClientSecrets(
-            clientId, clientSecret, grantType, scope, polarisCallContext, TokenType.ACCESS_TOKEN);
-      }
       /**
        * Generate a token from client secrets
        *
-       * @param clientId
-       * @param clientSecret
-       * @param grantType
-       * @param scope
-       * @param requestedTokenType
        * @return the response indicating an error or the requested token
        */
       TokenResponse generateFromClientSecrets(
@@ Expand All / @@ -74,39 +48,17 @@ TokenResponse generateFromClientSecrets( @@
           PolarisCallContext polarisCallContext,
           TokenType requestedTokenType);
-      /**
-       * Generate a token from an existing token of a specified type without specifying the requested
-       * token type
-       *
-       * @param subjectTokenType
-       * @param subjectToken
-       * @param grantType
-       * @param scope
-       * @return the response indicating an error or the requested token
-       * @deprecated - use the method with the requested token type
-       */
-      @Deprecated
-      default TokenResponse generateFromToken(
-          TokenType subjectTokenType, String subjectToken, final String grantType, final String scope) {
-        return generateFromToken(
-            subjectTokenType, subjectToken, grantType, scope, TokenType.ACCESS_TOKEN);
-      }
       /**
        * Generate a token from an existing token of a specified type
        *
-       * @param subjectTokenType
-       * @param subjectToken
-       * @param grantType
-       * @param scope
-       * @param requestedTokenType
        * @return the response indicating an error or the requested token
        */
       TokenResponse generateFromToken(
           TokenType subjectTokenType,
           String subjectToken,
           final String grantType,
           final String scope,
+          PolarisCallContext polarisCallContext,
           TokenType requestedTokenType);
       DecodedToken verify(String token);
@@ Expand Down @@

Remove getCurrentContext from JWTBroker #2202

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged

dimas-b merged 1 commit into apache:main from XN137:remove-getCurrentContext-from-JWTBroker

Jul 30, 2025

-Original file line number
+Diff line change
@@ Expand Up / @@ -110,7 +110,12 @@ public Response getToken( @@
         } else if (subjectToken != null) {
           tokenResponse =
               tokenBroker.generateFromToken(
-                  subjectTokenType, subjectToken, grantType, scope, requestedTokenType);
+                  subjectTokenType,
+                  subjectToken,
+                  grantType,
+                  scope,
+                  callContext.getPolarisCallContext(),
+                  requestedTokenType);
         } else {
           return OAuthUtils.getResponseFromError(OAuthTokenErrorResponse.Error.invalid_request);
         }
@@ Expand Down @@

-Original file line number
+Diff line change
@@ Expand Up / @@ -31,7 +31,6 @@ @@
     import org.apache.commons.lang3.StringUtils;
     import org.apache.iceberg.exceptions.NotAuthorizedException;
     import org.apache.polaris.core.PolarisCallContext;
-    import org.apache.polaris.core.context.CallContext;
     import org.apache.polaris.core.entity.PolarisEntityType;
     import org.apache.polaris.core.entity.PrincipalEntity;
     import org.apache.polaris.core.persistence.PolarisMetaStoreManager;
@@ Expand Down Expand Up / @@ -101,6 +100,7 @@ public TokenResponse generateFromToken( @@
           String subjectToken,
           String grantType,
           String scope,
+          PolarisCallContext polarisCallContext,
           TokenType requestedTokenType) {
         if (requestedTokenType != null && !TokenType.ACCESS_TOKEN.equals(requestedTokenType)) {
           return new TokenResponse(OAuthTokenErrorResponse.Error.invalid_request);
@@ Expand All / @@ -119,7 +119,7 @@ public TokenResponse generateFromToken( @@
         }
         EntityResult principalLookup =
             metaStoreManager.loadEntity(
-                CallContext.getCurrentContext().getPolarisCallContext(),
+                polarisCallContext,
 L,
                 Objects.requireNonNull(decodedToken.getPrincipalId()),
                 PolarisEntityType.PRINCIPAL);
@@ Expand Down @@

-Original file line number
+Diff line change
@@ Expand Up / @@ -58,6 +58,7 @@ public TokenResponse generateFromToken( @@
                 String subjectToken,
                 String grantType,
                 String scope,
+                PolarisCallContext polarisCallContext,
                 TokenType requestedTokenType) {
               return null;
             }
@@ Expand Down @@

-Original file line number
+Diff line change
@@ Expand Up / @@ -35,35 +35,9 @@ public interface TokenBroker { @@
       boolean supportsRequestedTokenType(TokenType tokenType);
-      /**
-       * Generate a token from client secrets without specifying the requested token type
-       *
-       * @param clientId
-       * @param clientSecret
-       * @param grantType
-       * @param scope
-       * @return the response indicating an error or the requested token
-       * @deprecated - use the method with the requested token type
-       */
-      @Deprecated
-      default TokenResponse generateFromClientSecrets(
-          final String clientId,
-          final String clientSecret,
-          final String grantType,
-          final String scope,
-          PolarisCallContext polarisCallContext) {
-        return generateFromClientSecrets(
-            clientId, clientSecret, grantType, scope, polarisCallContext, TokenType.ACCESS_TOKEN);
-      }
       /**
        * Generate a token from client secrets
        *
-       * @param clientId
-       * @param clientSecret
-       * @param grantType
-       * @param scope
-       * @param requestedTokenType
        * @return the response indicating an error or the requested token
        */
       TokenResponse generateFromClientSecrets(
@@ Expand All / @@ -74,39 +48,17 @@ TokenResponse generateFromClientSecrets( @@
           PolarisCallContext polarisCallContext,
           TokenType requestedTokenType);
-      /**
-       * Generate a token from an existing token of a specified type without specifying the requested
-       * token type
-       *
-       * @param subjectTokenType
-       * @param subjectToken
-       * @param grantType
-       * @param scope
-       * @return the response indicating an error or the requested token
-       * @deprecated - use the method with the requested token type
-       */
-      @Deprecated
-      default TokenResponse generateFromToken(
-          TokenType subjectTokenType, String subjectToken, final String grantType, final String scope) {
-        return generateFromToken(
-            subjectTokenType, subjectToken, grantType, scope, TokenType.ACCESS_TOKEN);
-      }
       /**
        * Generate a token from an existing token of a specified type
        *
-       * @param subjectTokenType
-       * @param subjectToken
-       * @param grantType
-       * @param scope
-       * @param requestedTokenType
        * @return the response indicating an error or the requested token
        */
       TokenResponse generateFromToken(
           TokenType subjectTokenType,
           String subjectToken,
           final String grantType,
           final String scope,
+          PolarisCallContext polarisCallContext,
           TokenType requestedTokenType);
       DecodedToken verify(String token);
@@ Expand Down @@

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Remove getCurrentContext from JWTBroker #2202

Uh oh!

Diff view

Diff view

There are no files selected for viewing