All Classes and Interfaces
Class
Description
Represents access mechanisms defined in the Iceberg REST API specification (values for the
X-Iceberg-Access-Delegation header).Provides the active roles for a given principal.
Emitted after Polaris performs a commit to a table.
Emitted after Polaris refreshes its known version of a table's metadata by fetching the latest.
Emitted after an attempt of an async task, such as manifest file cleanup, finishes.
Emitted after Polaris performs a commit to a view.
Emitted after Polaris refreshes its known version of a view's metadata by fetching the latest.
An interface for authenticating principals based on provided credentials.
BatchFileCleanupTaskHandler responsible for batch file cleanup by processing multiple
file deletions in a single task handler.Emitted before the RateLimiterFilter rejects a request due to exceeding the rate limit.
Emitted when Polaris intends to perform a commit to a table.
Emitted when Polaris intends to refresh its known version of a table's metadata by fetching the
latest.
Emitted before an attempt of an async task, such as manifest file cleanup, begins.
Emitted when Polaris intends to perform a commit to a view.
Emitted when Polaris intends to refresh its known version of a view's metadata by fetching the
latest.
Uses the resolved RealmContext to further resolve elements of the CallContext.
A common interface for adapters between the REST interface and
CatalogHandler
implementationsAn ABC for catalog wrappers which provides authorize methods that should be called before a
request is actually forwarded to a catalog.
CODE_COPIED_TO_POLARIS Copied from CatalogHandler in Iceberg 1.8.0 Contains a collection of
utilities related to managing Iceberg entities
An extension point for converting Iceberg REST API "prefix" values to Polaris Catalog names.
A specialized
PrincipalAuthInfo used for internal authentication, when Polaris is the
identity provider.Default implementation of the
ActiveRolesProvider looks up the grant records for a
principal to determine roles that are available.The default authenticator that resolves a
PrincipalAuthInfo to an AuthenticatedPolarisPrincipal.For local/dev testing, this resolver simply expects a custom bearer-token format that is a
semicolon-separated list of colon-separated key/value pairs that constitute the realm properties.
A default FileIO factory implementation for creating Iceberg
FileIO instances with
contextual table-level properties.Default implementation of the
IcebergRestOAuth2ApiService that generates a JWT token for
the client if the client secret matches.A
FileIO implementation that wraps an existing FileIO and re-maps exceptionsFileCleanupTaskHandler responsible for cleaning up files in table tasks.Interface for providing a way to construct FileIO objects, such as for reading/writing S3.
A catalog for managing `GenericTableEntity` instances
Defines the relationship between PolarisEntities and Iceberg's business logic.
An adapter between generated service types like `IcebergRestCatalogApiService` and
`IcebergCatalogHandler`.
Authorization-aware adapter between REST stubs and shared Iceberg SDK CatalogHandlers.
Utility class that encapsulates logic pertaining to Iceberg REST specific concepts.
See Dropwizard's
io.dropwizard.jersey.jackson.JsonProcessingExceptionMapperLogical representation of an HTTP compliant If-None-Match header.
Uses a PolarisTreeMapStore for the underlying persistence layer but uses it to initialize an
AtomicOperationMetaStoreManager instead of the transactional version.
Generates a JWT Token.
Generates a JWT using a Public/Private RSA Key
Generates a JWT using a Symmetric Key.
Holds a public / private key pair in memory.
ManifestFileCleanupTaskHandler responsible for deleting all the files in a manifest and
the manifest itself.Serialized Task data sent from the
TableCleanupTaskHandlerDefault
TokenBrokerFactory that produces token brokers that do not do anything.Event listener that does nothing.
Rate limiter that always allows the request
An OAuth Error Token Response as defined by the Iceberg REST API OpenAPI Spec.
Simple utility class to assist with OAuth operations
Just as an Iceberg Catalog represents the logical model of Iceberg business logic to manage
Namespaces, Tables and Views, abstracted away from Iceberg REST objects, this class represents
the logical model for managing realm-level Catalogs, Principals, Roles, and Grants.
Represents an event emitted by Polaris.
Represents an event listener that can respond to notable moments during Polaris's execution.
Concrete implementation of the Polaris API services
Principal information extracted from authentication data (typically, an access token) by the
configured authentication mechanism.
Interface for rate limiting requests
Request filter that returns a 429 Too Many Requests if the rate limiter says so
An interface for resolving the realm context for a given request.
Gets or creates PolarisEntityManager instances based on config values and RealmContext.
Rate limiter that maps the request's realm identifier to its own TokenBucket, with its own
capacity.
Used to track entity properties reserved for use by the catalog.
Deserializer for
AddGrantRequest Backward compatible with previous version of the apiDeserializer for
CreateCatalogRequest.Deserializer for
CreateCatalogRoleRequest Backward compatible with the previous version
of the apiDeserializer for
CreatePrincipalRequest.Deserializer for
CreatePrincipalRoleRequest.Deserializer for
GrantCatalogRoleRequest Backward compatible with the previous version
of the apiDeserializer for
GrantPrincipalRoleRequest.Deserializer for
RevokeGrantRequest Backward compatible with previous version of the
apiAdds support for credential vending for (typically)
TableOperations to
fetch access credentials that are inserted into the LoadTableResponse.config() property.Table cleanup handler resolves the latest
TableMetadata file for a dropped table and
schedules a deletion task for each Snapshot found in the TableMetadata.Execute a task asynchronously with a provided context.
Given a list of registered
TaskHandlers, execute tasks asynchronously with the provided
CallContext.Event listener that stores all emitted events forever.
For local/dev testing, this resolver simply expects a custom bearer-token format that is a
semicolon-separated list of colon-separated key/value pairs that constitute the realm properties.
Generic token class intended to be extended by different token types
Factory that creates a
TokenBroker for generating and parsing.This is a union of configuration settings of all token brokers.
General-purpose Token bucket implementation.
Factory for creating token buckets per realm.
A
FileIO implementation that translates WASB paths into ABFS paths and then delegates to
another underlying FileIO implementationA
FileIOFactory that translates WASB paths to ABFS ones