SNOW-1825471: Port and remove snowflake-common auth related codebase
sfc-gh-dheyman committed Nov 28, 2024
1 parent a20f2cf commit 1ae7fba
Showing 10 changed files with 99 additions and 24 deletions.
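--- a/src/main/java/net/snowflake/client/core/ClientAuthnDTO.java
+++ b/src/main/java/net/snowflake/client/core/ClientAuthnDTO.java
@@ -0,0 +1,69 @@
+package net.snowflake.client.core;
+/*
+* Copyright (c) 2024 Snowflake Computing Inc. All right reserved.
+*/
+
+import javax.annotation.Nullable;
+import java.util.Map;
+
+@SnowflakeJdbcInternalApi
+public class ClientAuthnDTO {
+
+public enum AuthenticatorType {
+/*
+* regular login username+password via Snowflake, may or may not have MFA
+*/
+SNOWFLAKE,
+
+/*
+* federated authentication, OKTA as IDP
+*/
+OKTA,
+
+/*
+* Web browser based authenticator for SAML 2.0 compliant
+* service/application
+*/
+EXTERNALBROWSER,
+
+/*
+* OAUTH 2.0 flow
+*/
+OAUTH,
+
+/*
+* Snowflake local authentication using jwt token as a user credential
+*/
+SNOWFLAKE_JWT,
+
+/*
+* Internal authenticator to enable id_token for web browser based authenticator
+*/
+ID_TOKEN,
+
+/*
+* Authenticator to enable token for regular login with mfa
+*/
+USERNAME_PASSWORD_MFA,
+
+/*
+* Authenticator to support PAT
+*/
+PROGRAMMATIC_ACCESS_TOKEN,
+}
+
+// contains all the required data for current authn step
+public final Map<String, Object> data;
+
+/*
+* current state
+* tokenized string with all current parameters and the authn step
+*/
+public final String inFlightCtx;
+
+/** Required by Jackson */
+public ClientAuthnDTO(Map<String, Object> data, @Nullable String inFlightCtx) {
+this.data = data;
+this.inFlightCtx = inFlightCtx;
+}
+}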
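Review bot: The `/** Required by Jackson */` Javadoc on the two-argument constructor is not backed by anything visible in the class: there is no `@JsonCreator`/`@JsonProperty` and no no-arg constructor, so Jackson could bind to it only if parameter-name support is configured on the mapper, and serialization needs no constructor at all. The callers on this page only call `writeValueAsString`, so if the DTO is write-only the comment should say that, e.g. `/** Serialized into the login request body; not intended for deserialization. */`. Separately, `data` is a public reference to the caller's mutable map and, going by `ClientAuthnParameter`, can carry `PASSWORD`, `PASSCODE` and `TOKEN` values; I would document that on the field (`// may hold credentials: never log this object or its JSON form unmasked`) and store `Collections.unmodifiableMap(data)` in the constructor (needs `java.util.Collections`) so the payload cannot be altered through the DTO after construction.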
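--- a/src/main/java/net/snowflake/client/core/ClientAuthnParameter.java
+++ b/src/main/java/net/snowflake/client/core/ClientAuthnParameter.java
@@ -0,0 +1,19 @@
+package net.snowflake.client.core;
+
+@SnowflakeJdbcInternalApi
+public enum ClientAuthnParameter {
+LOGIN_NAME,
+PASSWORD,
+RAW_SAML_RESPONSE,
+ACCOUNT_NAME,
+CLIENT_APP_ID,
+CLIENT_APP_VERSION,
+EXT_AUTHN_DUO_METHOD,
+PASSCODE,
+CLIENT_ENVIRONMENT,
+AUTHENTICATOR,
+BROWSER_MODE_REDIRECT_PORT,
+SESSION_PARAMETERS,
+PROOF_KEY,
+TOKEN
+}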
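Review bot: `ClientAuthnParameter` has no documentation, yet the callers in `SessionUtil` use `CONSTANT.name()` as the key in the login request map, so the constant spellings are effectively wire-protocol names. A class Javadoc along the lines of `/** Keys of the authentication request's data map; name() is sent to the server, so do not rename constants. */` would protect against a well-meant rename. It would also help to mark the entries that appear to carry secrets (`PASSWORD`, `PASSCODE`, `TOKEN`, `PROOF_KEY`, `RAW_SAML_RESPONSE`) so that anyone logging the map knows to mask them. The file also lacks the copyright header that `ClientAuthnDTO.java` in this commit carries.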
1 change: 0 additions & 1 deletion src/main/java/net/snowflake/client/core/SFSession.java
Expand Up @@ -49,7 +49,6 @@
import net.snowflake.client.log.SFLoggerFactory;
import net.snowflake.client.log.SFLoggerUtil;
import net.snowflake.client.util.Stopwatch;
import net.snowflake.common.core.ClientAuthnDTO;
import net.snowflake.common.core.SqlState;
import org.apache.http.HttpHeaders;
import org.apache.http.client.methods.HttpGet;
15 changes: 4 additions & 11 deletions src/main/java/net/snowflake/client/core/SessionUtil.java
Expand Up @@ -38,8 +38,6 @@
import net.snowflake.client.log.SFLoggerFactory;
import net.snowflake.client.util.SecretDetector;
import net.snowflake.client.util.Stopwatch;
import net.snowflake.common.core.ClientAuthnDTO;
import net.snowflake.common.core.ClientAuthnParameter;
import net.snowflake.common.core.SqlState;
import org.apache.http.HttpHeaders;
import org.apache.http.client.config.RequestConfig;
Expand Down Expand Up @@ -453,9 +451,6 @@ private static SFLoginOutput newSession(
HttpPost postRequest = null;

try {
ClientAuthnDTO authnData = new ClientAuthnDTO();
authnData.setInFlightCtx(loginInput.getInFlightCtx());

Map<String, Object> data = new HashMap<>();
data.put(ClientAuthnParameter.CLIENT_APP_ID.name(), loginInput.getAppId());

Expand Down Expand Up @@ -621,8 +616,7 @@ private static SFLoginOutput newSession(
}

data.put(ClientAuthnParameter.CLIENT_APP_VERSION.name(), loginInput.getAppVersion());

authnData.setData(data);
ClientAuthnDTO authnData = new ClientAuthnDTO(data, loginInput.getInFlightCtx());
String json = mapper.writeValueAsString(authnData);

postRequest = new HttpPost(loginURI);
Expand Down Expand Up @@ -691,8 +685,8 @@ private static SFLoginOutput newSession(
// If we need to retry, we need to get a new Okta token
tokenOrSamlResponse = getSamlResponseUsingOkta(loginInput);
data.put(ClientAuthnParameter.RAW_SAML_RESPONSE.name(), tokenOrSamlResponse);
authnData.setData(data);
String updatedJson = mapper.writeValueAsString(authnData);
ClientAuthnDTO updatedAuthnData = new ClientAuthnDTO(data, loginInput.getInFlightCtx());
String updatedJson = mapper.writeValueAsString(updatedAuthnData);

StringEntity updatedInput = new StringEntity(updatedJson, StandardCharsets.UTF_8);
updatedInput.setContentType("application/json");
Expand Down Expand Up @@ -1378,8 +1372,7 @@ private static JsonNode federatedFlowStep1(SFLoginInput loginInput) throws Snowf
data.put(ClientAuthnParameter.CLIENT_APP_ID.name(), loginInput.getAppId());
data.put(ClientAuthnParameter.CLIENT_APP_VERSION.name(), loginInput.getAppVersion());

ClientAuthnDTO authnData = new ClientAuthnDTO();
authnData.setData(data);
ClientAuthnDTO authnData = new ClientAuthnDTO(data, null);
String json = mapper.writeValueAsString(authnData);

// attach the login info json body to the post request
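Review bot: Nothing in this commit pins the JSON that `mapper.writeValueAsString(authnData)` now produces in `newSession` and `federatedFlowStep1`, although the DTO behind it was swapped from the snowflake-common class to the ported one. The removed class is not shown on this page, so it is not possible to tell whether property names and null handling are identical; with the new public-field DTO a null `inFlightCtx` (passed explicitly in `federatedFlowStep1`, and in `getSSOUrl` in the external-browser file) will be serialized as `"inFlightCtx":null` unless the mapper is configured to omit nulls. A small unit test asserting the exact output of `writeValueAsString(new ClientAuthnDTO(data, null))` would catch drift in the login request body. The Okta retry path also rebuilds the DTO and re-serializes it with the same two lines as the first attempt, so a private helper would keep the two in step. These methods start and end outside the visible hunks.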
Original file line number Diff line number Diff line change
Expand Up @@ -32,8 +32,6 @@
import net.snowflake.client.jdbc.SnowflakeSQLException;
import net.snowflake.client.log.SFLogger;
import net.snowflake.client.log.SFLoggerFactory;
import net.snowflake.common.core.ClientAuthnDTO;
import net.snowflake.common.core.ClientAuthnParameter;
import net.snowflake.common.core.SqlState;
import org.apache.http.NameValuePair;
import org.apache.http.client.methods.HttpPost;
Expand Down Expand Up @@ -175,7 +173,6 @@ private String getSSOUrl(int port) throws SFException, SnowflakeSQLException {

HttpPost postRequest = this.handlers.build(fedUrlUri);

ClientAuthnDTO authnData = new ClientAuthnDTO();
Map<String, Object> data = new HashMap<>();

data.put(ClientAuthnParameter.AUTHENTICATOR.name(), authenticator);
Expand All @@ -185,7 +182,7 @@ private String getSSOUrl(int port) throws SFException, SnowflakeSQLException {
data.put(ClientAuthnParameter.CLIENT_APP_ID.name(), loginInput.getAppId());
data.put(ClientAuthnParameter.CLIENT_APP_VERSION.name(), loginInput.getAppVersion());

authnData.setData(data);
ClientAuthnDTO authnData = new ClientAuthnDTO(data, null);
String json = mapper.writeValueAsString(authnData);

// attach the login info json body to the post request
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,6 @@
import net.snowflake.client.jdbc.SnowflakeBasicDataSource;
import net.snowflake.client.jdbc.SnowflakeSQLException;
import net.snowflake.client.jdbc.SnowflakeSQLLoggedException;
import net.snowflake.common.core.ClientAuthnDTO;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpRequestBase;
import org.hamcrest.MatcherAssert;
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,6 @@
import net.snowflake.client.jdbc.BaseJDBCTest;
import net.snowflake.client.jdbc.ErrorCode;
import net.snowflake.client.jdbc.SnowflakeSQLException;
import net.snowflake.common.core.ClientAuthnDTO;
import net.snowflake.common.core.SqlState;
import org.apache.commons.io.IOUtils;
import org.apache.http.Header;
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,8 @@
import net.snowflake.client.annotations.DontRunOnGithubActions;
import net.snowflake.client.annotations.RunOnAWS;
import net.snowflake.client.category.TestTags;
import net.snowflake.client.core.ClientAuthnDTO;
import net.snowflake.client.core.ClientAuthnParameter;
import net.snowflake.client.core.HttpClientSettingsKey;
import net.snowflake.client.core.HttpUtil;
import net.snowflake.client.core.ObjectMapperFactory;
Expand All @@ -66,8 +68,6 @@
import net.snowflake.client.jdbc.telemetryOOB.TelemetryService;
import net.snowflake.client.log.SFLogger;
import net.snowflake.client.log.SFLoggerFactory;
import net.snowflake.common.core.ClientAuthnDTO;
import net.snowflake.common.core.ClientAuthnParameter;
import net.snowflake.common.core.SqlState;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.utils.URIBuilder;
Expand Down Expand Up @@ -1252,8 +1252,7 @@ public void testAuthenticatorEndpointWithDashInAccountName() throws Exception {

Map<String, Object> data =
Collections.singletonMap(ClientAuthnParameter.ACCOUNT_NAME.name(), "snowhouse-local");
ClientAuthnDTO authnData = new ClientAuthnDTO();
authnData.setData(data);
ClientAuthnDTO authnData = new ClientAuthnDTO(data, null);

ObjectMapper mapper = ObjectMapperFactory.getObjectMapper();
String json = mapper.writeValueAsString(authnData);
Original file line number Diff line number Diff line change
Expand Up @@ -29,13 +29,14 @@
import java.sql.DriverManager;
import java.util.ArrayList;
import java.util.Properties;

import net.snowflake.client.core.ClientAuthnDTO;
import net.snowflake.client.core.HttpClientSettingsKey;
import net.snowflake.client.core.HttpUtil;
import net.snowflake.client.core.SFException;
import net.snowflake.client.core.SFLoginInput;
import net.snowflake.client.core.SessionUtil;
import net.snowflake.client.core.SessionUtilExternalBrowser;
import net.snowflake.common.core.ClientAuthnDTO;
import org.apache.commons.io.IOUtils;
import org.apache.http.client.methods.HttpPost;
import org.junit.jupiter.api.Test;
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@
import net.snowflake.client.annotations.DontRunOnGithubActions;
import net.snowflake.client.annotations.DontRunOnTestaccount;
import net.snowflake.client.category.TestTags;
import net.snowflake.common.core.ClientAuthnDTO;
import net.snowflake.client.core.ClientAuthnDTO;
import net.snowflake.common.core.SqlState;
import org.apache.commons.io.FileUtils;
import org.junit.jupiter.api.AfterAll;
