Jump to content

Connect Leeroopedia MCP: Equip your AI agents to search best practices, build plans, verify code, diagnose failures, and look up hyperparameter defaults.

Implementation:Apache Paimon AuthProvider

From Leeroopedia


Knowledge Sources
Domains Authentication, Security, REST API
Last Updated 2026-02-08 00:00 GMT

Overview

AuthProvider is an interface defining the contract for authentication providers that generate HTTP headers for REST catalog requests.

Description

AuthProvider is a simple but critical interface in Apache Paimon's REST catalog authentication framework. It defines the contract that all authentication implementations must follow, requiring a single method that merges authentication headers with existing request headers.

The interface takes a base header map and REST authentication parameters (including the request path, HTTP method, query parameters, and request body) as input, and returns a new header map that includes all necessary authentication headers. This design allows for flexible authentication strategies that can sign requests based on various combinations of request components.

The interface supports extensibility through the factory pattern, allowing new authentication providers to be plugged in without modifying the core catalog code. Different authentication mechanisms (like bearer tokens, API keys, or signature-based authentication) can all implement this interface while providing their own header generation logic.

Usage

Use AuthProvider as the base interface when implementing custom authentication strategies for REST catalog communication. Implement this interface to create authentication providers that generate the appropriate HTTP headers for your authentication mechanism.

Code Reference

Source Location

Signature

public interface AuthProvider {

    Map<String, String> mergeAuthHeader(
            Map<String, String> baseHeader, RESTAuthParameter restAuthParameter);
}

Import

import org.apache.paimon.rest.auth.AuthProvider;

I/O Contract

Inputs

Name Type Required Description
baseHeader Map<String, String> Yes Existing headers to merge with authentication headers
restAuthParameter RESTAuthParameter Yes Request parameters including path, method, query params, and body

Outputs

Name Type Description
mergeAuthHeader() Map<String, String> Returns combined header map with authentication headers added

Usage Examples

import org.apache.paimon.rest.auth.AuthProvider;
import org.apache.paimon.rest.auth.RESTAuthParameter;
import java.util.HashMap;
import java.util.Map;

// Example 1: Simple bearer token authentication provider
public class BearerTokenAuthProvider implements AuthProvider {
    private final String token;

    public BearerTokenAuthProvider(String token) {
        this.token = token;
    }

    @Override
    public Map<String, String> mergeAuthHeader(
            Map<String, String> baseHeader,
            RESTAuthParameter restAuthParameter) {
        Map<String, String> headers = new HashMap<>(baseHeader);
        headers.put("Authorization", "Bearer " + token);
        headers.put("Content-Type", "application/json");
        return headers;
    }
}

// Example 2: API key authentication provider
public class ApiKeyAuthProvider implements AuthProvider {
    private final String apiKey;
    private final String apiSecret;

    public ApiKeyAuthProvider(String apiKey, String apiSecret) {
        this.apiKey = apiKey;
        this.apiSecret = apiSecret;
    }

    @Override
    public Map<String, String> mergeAuthHeader(
            Map<String, String> baseHeader,
            RESTAuthParameter restAuthParameter) {
        Map<String, String> headers = new HashMap<>(baseHeader);
        headers.put("X-API-Key", apiKey);
        headers.put("X-API-Secret", apiSecret);
        return headers;
    }
}

// Example 3: Request signature-based authentication
public class SignatureAuthProvider implements AuthProvider {
    private final String accessKey;
    private final String secretKey;

    public SignatureAuthProvider(String accessKey, String secretKey) {
        this.accessKey = accessKey;
        this.secretKey = secretKey;
    }

    @Override
    public Map<String, String> mergeAuthHeader(
            Map<String, String> baseHeader,
            RESTAuthParameter restAuthParameter) {
        Map<String, String> headers = new HashMap<>(baseHeader);

        // Generate signature from request parameters
        String signature = generateSignature(
            restAuthParameter.method(),
            restAuthParameter.resourcePath(),
            restAuthParameter.data(),
            secretKey
        );

        headers.put("Authorization", accessKey + ":" + signature);
        headers.put("X-Timestamp", String.valueOf(System.currentTimeMillis()));
        return headers;
    }

    private String generateSignature(String method, String path,
                                     String data, String secret) {
        // Signature generation logic
        return "signature";
    }
}

// Example 4: Using an AuthProvider
public class CatalogClient {
    private final AuthProvider authProvider;

    public CatalogClient(AuthProvider authProvider) {
        this.authProvider = authProvider;
    }

    public void makeRequest(String path, String method, String body) {
        // Base headers
        Map<String, String> baseHeaders = new HashMap<>();
        baseHeaders.put("Accept", "application/json");
        baseHeaders.put("User-Agent", "PaimonClient/1.0");

        // Create auth parameters
        RESTAuthParameter authParams = new RESTAuthParameter(
            path,
            new HashMap<>(),  // query params
            method,
            body
        );

        // Get headers with authentication
        Map<String, String> headers = authProvider.mergeAuthHeader(
            baseHeaders,
            authParams
        );

        // Use headers in HTTP request
        System.out.println("Request headers: " + headers);
    }
}

// Example 5: No-op authentication provider
public class NoAuthProvider implements AuthProvider {
    @Override
    public Map<String, String> mergeAuthHeader(
            Map<String, String> baseHeader,
            RESTAuthParameter restAuthParameter) {
        // Return base headers unchanged
        return new HashMap<>(baseHeader);
    }
}

// Example 6: Conditional authentication
public class ConditionalAuthProvider implements AuthProvider {
    private final AuthProvider primaryAuth;
    private final AuthProvider fallbackAuth;

    public ConditionalAuthProvider(AuthProvider primary, AuthProvider fallback) {
        this.primaryAuth = primary;
        this.fallbackAuth = fallback;
    }

    @Override
    public Map<String, String> mergeAuthHeader(
            Map<String, String> baseHeader,
            RESTAuthParameter restAuthParameter) {
        try {
            return primaryAuth.mergeAuthHeader(baseHeader, restAuthParameter);
        } catch (Exception e) {
            return fallbackAuth.mergeAuthHeader(baseHeader, restAuthParameter);
        }
    }
}

Related Pages

Page Connections

Double-click a node to navigate. Hold to expand connections.
Principle
Implementation
Heuristic
Environment
Retrieved from "https://leeroopedia.com/index.php?title=Implementation:Apache_Paimon_AuthProvider&oldid=11468"