-
Notifications
You must be signed in to change notification settings - Fork 152
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Supports the parameter extracredentials #6
Comments
Currently one has to use workaround:
note: exact encoding of extra credentials is subject to improvement in trinodb/trino#2780 |
@findepi I tried the same in JDBC as well. See keys getting overwritten by the last one. |
Have you tried X-Trino instead of X-Presto? |
@zyxue I don't think that's the issue. Headers are getting passed. If you look at above example closely unlike Oauth token we need to set 2 keys for JDBC to work and it's passed in same header key. I guess the dictionary in presto client or requests library it get;s overwritten by last header key. |
This is a "bug" in python-requests. The HTTP spec allows repeating headers as long as values are different. e.g. It also says that compliant servers (Trino is compliant) should also treat comma-separated values as equivalent. i.e.
is equivalent to (ordering is important):
So try using the comma-separated form when setting headers from Python. |
bump on this, anyway to set user and pass extra credentials from python? |
@matt12eagles see #6 (comment) you could pass the extra credentials via request header |
@shawnzhu not having much luck :( Trying to pass in the extra credentials via the sqlachemy connect_args. if you find anything, please let me know. |
@matt12eagles it works for me: import http.client as http_client
from sqlalchemy.engine import create_engine
# dumping http headers via DEBUG
http_client.HTTPConnection.debuglevel = 1
# pass access token via connect_args
engine = create_engine(
'trino://<username>:<password>@<trino-hostname>:443/',
connect_args={'http_headers': {'X-Trino-Extra-Credential': 'foo1=bar, foo2=bar'}},
)
with engine.connect() as conn:
rs = conn.execute('SELECT * FROM system.runtime.nodes')
for row in rs:
print(row) If dumping the request headers, you will see the extra_credential header are sent like:
If using from urllib3._collections import HTTPHeaderDict
request_headers = HTTPHeaderDict()
request_headers.add('X-Trino-Extra-Credential', 'foo1=bar')
request_headers.add('X-Trino-Extra-Credential', 'foo2=bar')
engine = create_engine(
'trino://<username>:<password>@<trino-hostname>:443/',
connect_args={'http_headers': request_headers},
) |
@shawnzhu hands down the best response I have ever seen on git. Thank you! Here are my logs, i'm doing this from the superset python connection... so very very close to the python cli yet still a bit different: printing out new connection uri printing out params sent into connect class After your response, i'm going to replace 'X-Trino-Extra-Credential' with http-headers and see if it takes! Thank you! |
ANDDD @shawnzhu you got the key there!! Need http-headers!!! THANK YOU SO MUCH!! Beyond excited honestly! |
It introduced a new security feature called extraCredentials since release
302
:https://prestosql.io/docs/current/release/release-302.html
I've seen this new parameter
extraCredentials
has been documented and implemented for the JDBC driver but haven't seen such thing in the Python SDK.The text was updated successfully, but these errors were encountered: