Alexandre Dutra

Hi @nastra any updates on this PR? FYI here is an example of error from a Spark SQL session connected to REST catalog + external auth server: ``` 24/05/26 21:39:19...

@nastra or @amogh-jahagirdar is it possible for you to have a another look here please? Thanks 🙏

@nastra @amogh-jahagirdar This PR has been rebased. Could I get a review please? 🙏

> @adutra IMO https://github.com/apache/iceberg/pull/10314/files#r1601220154 still needs to be reverted. It's ok to add a workaround for Keycloak but I don't see a good enough reason to adjust what the server...

> @adutra I've read RFC 6749 but as I mentioned in [#10314 (comment)](https://github.com/apache/iceberg/pull/10314#discussion_r1601201951) I'm assuming that the token exchange is following RFC 8693 (and my assumption can be wrong). It...

@rdblue since you originally authored this part (https://github.com/apache/iceberg/pull/4771#discussion_r874114263) would you mind having a look as well? Thank you!

> I believe that the intent includes that a client credential exchange could return any of the enumerated token types defined in [section 3](https://www.rfc-editor.org/rfc/rfc8693.html#name-token-type-identifiers) and applies. RFC 8693 _builds_ on...

Thank you to all involved! I'm very glad that we could reach a consensus here 🙏

Tbh messages for `PAYLOAD_DIFFERS`, `CONTENT_ID_DIFFERS` and `VALUE_DIFFERS` only make sense to people familiar with the internals of the new storage engine. "Existing" here does not mean that the content exists...

Should we add this to the "Iceberg REST Catalog" milestone? https://github.com/apache/iceberg/milestone/46