Implementation:Apache Paimon AuthBase
| Knowledge Sources | |
|---|---|
| Domains | Authentication, REST API |
| Last Updated | 2026-02-08 00:00 GMT |
Overview
AuthBase provides the foundational authentication provider abstraction and function wrapper for REST API authentication in Apache Paimon.
Description
The AuthBase module defines two key components for authentication in Paimon's REST API: the AuthProvider abstract base class and the RESTAuthFunction callable wrapper. AuthProvider declares the interface that all authentication providers must implement, requiring a merge_auth_header method that adds authentication credentials to HTTP headers.
RESTAuthFunction acts as a callable wrapper around an AuthProvider instance, maintaining an initial set of base headers and delegating to the provider to merge in authentication-specific headers. This design allows for flexible authentication strategies where different providers can implement various authentication schemes (bearer tokens, DLF signatures, etc.) while maintaining a consistent interface.
The pattern enables dependency injection and strategy-based authentication, making it easy to swap authentication mechanisms without modifying the REST client code. The function wrapper can be passed as a callable to HTTP clients that need to authenticate requests dynamically based on request parameters.
Usage
Use AuthBase when implementing custom authentication providers for Paimon REST catalogs, or when building REST clients that need pluggable authentication mechanisms supporting multiple authentication schemes.
Code Reference
Source Location
- Repository: Apache_Paimon
- File: paimon-python/pypaimon/api/auth/base.py
Signature
class AuthProvider(ABC):
@abstractmethod
def merge_auth_header(
self, base_header: Dict[str, str], parameter: RESTAuthParameter
) -> Dict[str, str]:
"""Merge authorization header into header."""
class RESTAuthFunction:
def __init__(self,
init_header: Dict[str, str],
auth_provider: AuthProvider):
self.init_header = init_header.copy() if init_header else {}
self.auth_provider = auth_provider
def __call__(
self, rest_auth_parameter: RESTAuthParameter) -> Dict[str, str]:
return self.auth_provider.merge_auth_header(
self.init_header, rest_auth_parameter
)
def apply(self, rest_auth_parameter: RESTAuthParameter) -> Dict[str, str]:
return self.__call__(rest_auth_parameter)
Import
from pypaimon.api.auth.base import AuthProvider, RESTAuthFunction
I/O Contract
Inputs
| Name | Type | Required | Description |
|---|---|---|---|
| base_header | Dict[str, str] | Yes | Base HTTP headers to augment with authentication |
| parameter | RESTAuthParameter | Yes | REST authentication parameters for the request |
| init_header | Dict[str, str] | Yes | Initial headers for RESTAuthFunction |
| auth_provider | AuthProvider | Yes | Authentication provider implementation |
Outputs
| Name | Type | Description |
|---|---|---|
| headers | Dict[str, str] | HTTP headers with authentication credentials merged in |
Usage Examples
from pypaimon.api.auth.base import AuthProvider, RESTAuthFunction
from pypaimon.api.typedef import RESTAuthParameter
from typing import Dict
# Implement a custom auth provider
class CustomAuthProvider(AuthProvider):
def __init__(self, api_key: str):
self.api_key = api_key
def merge_auth_header(
self, base_header: Dict[str, str], parameter: RESTAuthParameter
) -> Dict[str, str]:
headers = base_header.copy()
headers['X-API-Key'] = self.api_key
return headers
# Create an auth function
provider = CustomAuthProvider("my-secret-key")
base_headers = {"Content-Type": "application/json"}
auth_func = RESTAuthFunction(base_headers, provider)
# Apply authentication to a request
auth_param = RESTAuthParameter(data={"method": "GET", "path": "/api/tables"})
authenticated_headers = auth_func(auth_param)
# Result: {"Content-Type": "application/json", "X-API-Key": "my-secret-key"}
# Or use the apply method
authenticated_headers = auth_func.apply(auth_param)