Feature Request / Improvement
OAuth2 Scope is a mechanism to limit an application's access to a user's account. It can also be used to ask for more information like openId user profile(id, name, email, etc). The user profile is useful for ACL checking in the server side. Currently PyIceberg hard-codes it to catalog, which cannot support the use case above. I'd suggest to make it configurable. WDYT? cc @Fokko @danielcweeks @syun64 @RussellSpitzer
Here is an http request example for better understanding.
curl --request POST \
--url https://xxx.com/oauth2/token \
--header 'Authorization: Basic xxx' \
--header 'content-type: multipart/form-data' \
--form grant_type=client_credentials \
--form 'scope=openid offline corpds:ds:profile' \
Then the token in response will have the user profile like this:
corpds:ds:dsid=2321321, corpds:ds:email=abot44@xxx.com, corpds:ds:employeeType=D, corpds:ds:firstName=Bot1
Feature Request / Improvement
OAuth2 Scope is a mechanism to limit an application's access to a user's account. It can also be used to ask for more information like openId user profile(id, name, email, etc). The user profile is useful for ACL checking in the server side. Currently PyIceberg hard-codes it to
catalog, which cannot support the use case above. I'd suggest to make it configurable. WDYT? cc @Fokko @danielcweeks @syun64 @RussellSpitzerHere is an http request example for better understanding.
Then the token in response will have the user profile like this: