feat: support per-request header override (#2631)

## Summary This PR introduces a `HeaderProvider` which is called for all remote HTTP calls to get the latest headers to inject. This is useful for features like adding the latest auth tokens where the header provider can auto-refresh tokens internally and each request always set the refreshed token. --------- Co-authored-by: Claude <noreply@anthropic.com>
2026-05-23 23:10:40 +00:00 · 2025-09-10 13:44:00 -07:00
parent 3c7419b392
commit 8da74dcb37
31 changed files with 2639 additions and 49 deletions
--- a/docs/src/js/classes/OAuthHeaderProvider.md
+++ b/docs/src/js/classes/OAuthHeaderProvider.md
@@ -0,0 +1,108 @@
+[**@lancedb/lancedb**](../README.md) • **Docs**
+
+***
+
+[@lancedb/lancedb](../globals.md) / OAuthHeaderProvider
+
+# Class: OAuthHeaderProvider
+
+Example implementation: OAuth token provider with automatic refresh.
+
+This is an example implementation showing how to manage OAuth tokens
+with automatic refresh when they expire.
+
+## Example
+
+```typescript
+async function fetchToken(): Promise<TokenResponse> {
+  const response = await fetch("https://oauth.example.com/token", {
+    method: "POST",
+    body: JSON.stringify({
+      grant_type: "client_credentials",
+      client_id: "your-client-id",
+      client_secret: "your-client-secret"
+    }),
+    headers: { "Content-Type": "application/json" }
+  });
+  const data = await response.json();
+  return {
+    accessToken: data.access_token,
+    expiresIn: data.expires_in
+  };
+}
+
+const provider = new OAuthHeaderProvider(fetchToken);
+const headers = provider.getHeaders();
+// Returns: {"authorization": "Bearer <your-token>"}
+```
+
+## Extends
+
+- [`HeaderProvider`](HeaderProvider.md)
+
+## Constructors
+
+### new OAuthHeaderProvider()
+
+```ts
+new OAuthHeaderProvider(tokenFetcher, refreshBufferSeconds): OAuthHeaderProvider
+```
+
+Initialize the OAuth provider.
+
+#### Parameters
+
+* **tokenFetcher**
+    Function to fetch new tokens. Should return object with 'accessToken' and optionally 'expiresIn'.
+
+* **refreshBufferSeconds**: `number` = `300`
+    Seconds before expiry to refresh token. Default 300 (5 minutes).
+
+#### Returns
+
+[`OAuthHeaderProvider`](OAuthHeaderProvider.md)
+
+#### Overrides
+
+[`HeaderProvider`](HeaderProvider.md).[`constructor`](HeaderProvider.md#constructors)
+
+## Methods
+
+### getHeaders()
+
+```ts
+getHeaders(): Record<string, string>
+```
+
+Get OAuth headers, refreshing token if needed.
+Note: This is synchronous for now as the Rust implementation expects sync.
+In a real implementation, this would need to handle async properly.
+
+#### Returns
+
+`Record`&lt;`string`, `string`&gt;
+
+Headers with Bearer token authorization.
+
+#### Throws
+
+If unable to fetch or refresh token.
+
+#### Overrides
+
+[`HeaderProvider`](HeaderProvider.md).[`getHeaders`](HeaderProvider.md#getheaders)
+
+***
+
+### refreshToken()
+
+```ts
+refreshToken(): Promise<void>
+```
+
+Manually refresh the token.
+Call this before using getHeaders() to ensure token is available.
+
+#### Returns
+
+`Promise`&lt;`void`&gt;