feat(java/driver/flight-sql): add OAuth2 support#4272
feat(java/driver/flight-sql): add OAuth2 support#4272lxyzxx wants to merge 0 commit intoapache:mainfrom
Conversation
lxyzxx
changed the title
|
Linked issue: #4277 |
lidavidm
changed the title
lidavidm
left a comment
lidavidm
left a comment
There was a problem hiding this comment.
FWIW, would using the existing Go Flight SQL driver via the JNI bridge work for you?
There was a problem hiding this comment.
Is there a standard library/common third party library we can leverage for OAuth details?
There was a problem hiding this comment.
Thanks for the suggestions.
I’d prefer to keep this in the pure Java Flight SQL driver instead of relying on the Go driver through JNI, since JNI would introduce native dependencies and additional deployment complexity for Java users.
For the OAuth2 implementation, I agree that we should use an existing library rather than hand-roll the protocol details. I noticed that Arrow Java already uses Nimbus OAuth2 SDK, so I think Nimbus would be a good fit for Java ADBC as well. I’ll update the PR accordingly.
There was a problem hiding this comment.
arrow-java implementation was based on the GO ADBC implementation and slightly changed to use Nimbus OAuth2 SDK. I think we could try to approximate ADBC and JDBC implementations, it might be possible to use arrow-java implementation since it seems ADBC has arrow-java as a dependency
There was a problem hiding this comment.
That makes sense. Since ADBC currently depends on Arrow Java 18.3.0 and the Arrow Java OAuth classes are not available in that version yet, directly reusing the JDBC implementation would require bumping the Arrow Java dependency.
Would you prefer that I refactor the ADBC implementation in this PR to more closely mirror the Arrow Java JDBC OAuth structure, or should we wait until ADBC updates to an Arrow Java version that includes those OAuth classes and then reuse the implementation ?
There was a problem hiding this comment.
I think it is ok to bump arrow-java version. 19.0.0 already got released. That way, refactoring the implementation to make it closer to arrow-java would be simpler
### Summary Upgrade the Java modules from Arrow Java 18.3.0 to 19.0.0. This is intended as a prerequisite for refactoring the Java Flight SQL OAuth implementation to reuse the OAuth abstractions added in Arrow Java 19.0.0. Follow-up to the discussion in: #4272 (comment) --------- Co-authored-by: xinyu.lin <xinyu.lin@transwarp.io>
3 participants
Summary
This PR provides an initial implementation of OAuth2 authentication support for the Java Flight SQL ADBC driver.
It introduces a configurable OAuth2 mechanism that allows clients to acquire and attach access tokens when establishing Flight SQL connections.
Changes
Add OAuth2-related connection options
Introduce
FlightSqlOAuthTokenProviderIntegrate OAuth authentication into
FlightSqlConnectionAuthorization: Bearer <token>headerAdd validation for conflicting authentication configurations
Add unit tests for OAuth2 authentication behavior
Future Work
Closes #4277.