-
Notifications
You must be signed in to change notification settings - Fork 51
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SNOW-993600 External OAuth2.0 Support #718
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Left some minor comments, otherwise LGTM, thanks!
@@ -187,11 +190,29 @@ public class SnowflakeStreamingIngestClientInternal<T> implements SnowflakeStrea | |||
throw new SFException(e, ErrorCode.KEYPAIR_CREATION_FAILURE); | |||
} | |||
} else { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we do a check here that the AUTHORIZATION_TYPE is OAuth, and throw an exception if user gives us something we don't understand?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The properties check is here before passing props to the internal client. Should we also add a check here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
no, this looks good, thanks!
@sfc-gh-xhuang do you want to work with Alec to document our support for OAuth so that customer can start to try it out? I don't see many usage so far |
@sfc-gh-tzhang I believe we already document our support for Snowflake Oauth Oauth may not be a heavy usage feature. Similar to replication, big companies like to leverage it but not everyone |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice!
External OAuth2.0 support for client sdk. Auth servers should adheres to the OAuth 2.0 grant flow, issuing refresh tokens. Additional parameters are required for OAuth support. Please refer to the accompanying image for details.
![image](https://private-user-images.githubusercontent.com/133713295/314658609-0b157b33-2317-4085-8c9f-9b3e8eb7a757.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjIyNjgyODcsIm5iZiI6MTcyMjI2Nzk4NywicGF0aCI6Ii8xMzM3MTMyOTUvMzE0NjU4NjA5LTBiMTU3YjMzLTIzMTctNDA4NS04YzlmLTliM2U4ZWI3YTc1Ny5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNzI5JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDcyOVQxNTQ2MjdaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT05NmI3YmFmYjkyMmI3MjRhYzljYjRiYzcwYWMyNDhkNTlkNmE5N2YyOWRiYWMwMjA0ZjY2YTQwM2QzZjczNDA4JlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.SwY6cOsIkDWfalQjkyspHLQBfX-7YIsTJQLqWKLWVzM)
To integrate OAuth with Snowflake, please check this public doc.
JIRA