-
Notifications
You must be signed in to change notification settings - Fork 171
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'master' into SNOW-1524152-implement-setQueryTimeout-for…
…-async-queries
- Loading branch information
Showing
9 changed files
with
232 additions
and
79 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
94 changes: 94 additions & 0 deletions
94
src/test/java/net/snowflake/client/authentication/OauthLatestIT.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,94 @@ | ||
| package net.snowflake.client.authentication; | ||
|
|
||
| import static net.snowflake.client.authentication.AuthConnectionParameters.getOauthConnectionParameters; | ||
| import static org.hamcrest.CoreMatchers.is; | ||
| import static org.hamcrest.MatcherAssert.assertThat; | ||
|
|
||
| import com.fasterxml.jackson.databind.JsonNode; | ||
| import com.fasterxml.jackson.databind.ObjectMapper; | ||
| import java.io.DataOutputStream; | ||
| import java.io.IOException; | ||
| import java.io.InputStream; | ||
| import java.net.HttpURLConnection; | ||
| import java.net.URL; | ||
| import java.nio.charset.StandardCharsets; | ||
| import java.util.Base64; | ||
| import java.util.List; | ||
| import java.util.Properties; | ||
| import java.util.stream.Collectors; | ||
| import java.util.stream.Stream; | ||
| import net.snowflake.client.category.TestTags; | ||
| import org.junit.jupiter.api.BeforeEach; | ||
| import org.junit.jupiter.api.Tag; | ||
| import org.junit.jupiter.api.Test; | ||
|
|
||
| @Tag(TestTags.AUTHENTICATION) | ||
| public class OauthLatestIT { | ||
|
|
||
| AuthTestHelper authTestHelper; | ||
|
|
||
| @BeforeEach | ||
| public void setUp() throws IOException { | ||
| authTestHelper = new AuthTestHelper(); | ||
| } | ||
|
|
||
| @Test | ||
| void shouldAuthenticateUsingOauth() throws IOException { | ||
| authTestHelper.connectAndExecuteSimpleQuery(getOauthConnectionParameters(getToken()), null); | ||
| authTestHelper.verifyExceptionIsNotThrown(); | ||
| } | ||
|
|
||
| @Test | ||
| void shouldThrowErrorForInvalidToken() { | ||
| authTestHelper.connectAndExecuteSimpleQuery(getOauthConnectionParameters("invalidToken"), null); | ||
| authTestHelper.verifyExceptionIsThrown("Invalid OAuth access token. "); | ||
| } | ||
|
|
||
| @Test | ||
| void shouldThrowErrorForMismatchedOauthUsername() throws IOException { | ||
| Properties properties = getOauthConnectionParameters(getToken()); | ||
| properties.put("user", "differentUsername"); | ||
| authTestHelper.connectAndExecuteSimpleQuery(properties, null); | ||
| authTestHelper.verifyExceptionIsThrown( | ||
| "The user you were trying to authenticate as differs from the user tied to the access token."); | ||
| } | ||
|
|
||
| private String getToken() throws IOException { | ||
| List<String> data = | ||
| Stream.of( | ||
| "username=" + System.getenv("SNOWFLAKE_AUTH_TEST_OKTA_USER"), | ||
| "password=" + System.getenv("SNOWFLAKE_AUTH_TEST_OKTA_PASS"), | ||
| "grant_type=password", | ||
| "scope=session:role:" + System.getenv("SNOWFLAKE_AUTH_TEST_ROLE").toLowerCase()) | ||
| .collect(Collectors.toList()); | ||
|
|
||
| String auth = | ||
| System.getenv("SNOWFLAKE_AUTH_TEST_OAUTH_CLIENT_ID") | ||
| + ":" | ||
| + System.getenv("SNOWFLAKE_AUTH_TEST_OAUTH_CLIENT_SECRET"); | ||
| String encodedAuth = Base64.getEncoder().encodeToString(auth.getBytes(StandardCharsets.UTF_8)); | ||
|
|
||
| URL url = new URL(System.getenv("SNOWFLAKE_AUTH_TEST_OAUTH_URL")); | ||
| HttpURLConnection connection = (HttpURLConnection) url.openConnection(); | ||
| connection.setRequestMethod("POST"); | ||
| connection.setRequestProperty( | ||
| "Content-Type", "application/x-www-form-urlencoded;charset=UTF-8"); | ||
| connection.setRequestProperty("Authorization", "Basic " + encodedAuth); | ||
| connection.setDoOutput(true); | ||
|
|
||
| try (DataOutputStream out = new DataOutputStream(connection.getOutputStream())) { | ||
| out.writeBytes(String.join("&", data)); | ||
| out.flush(); | ||
| } | ||
|
|
||
| int responseCode = connection.getResponseCode(); | ||
| assertThat("Failed to get access token, response code: " + responseCode, responseCode, is(200)); | ||
|
|
||
| ObjectMapper mapper = new ObjectMapper(); | ||
| JsonNode jsonNode; | ||
| try (InputStream inputStream = connection.getInputStream()) { | ||
| jsonNode = mapper.readTree(inputStream); | ||
| } | ||
| return jsonNode.get("access_token").asText(); | ||
| } | ||
| } |
74 changes: 74 additions & 0 deletions
74
src/test/java/net/snowflake/client/authentication/OktaAuthLatestIT.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,74 @@ | ||
| package net.snowflake.client.authentication; | ||
|
|
||
| import static net.snowflake.client.authentication.AuthConnectionParameters.SSO_USER; | ||
| import static net.snowflake.client.authentication.AuthConnectionParameters.getOktaConnectionParameters; | ||
|
|
||
| import java.io.IOException; | ||
| import java.util.Properties; | ||
| import net.snowflake.client.category.TestTags; | ||
| import org.junit.jupiter.api.BeforeEach; | ||
| import org.junit.jupiter.api.Disabled; | ||
| import org.junit.jupiter.api.Tag; | ||
| import org.junit.jupiter.api.Test; | ||
|
|
||
| @Tag(TestTags.AUTHENTICATION) | ||
| class OktaAuthLatestIT { | ||
|
|
||
| AuthTestHelper authTestHelper; | ||
|
|
||
| @BeforeEach | ||
| public void setUp() throws IOException { | ||
| authTestHelper = new AuthTestHelper(); | ||
| } | ||
|
|
||
| @Test | ||
| void shouldAuthenticateUsingOkta() { | ||
| authTestHelper.connectAndExecuteSimpleQuery(getOktaConnectionParameters(), null); | ||
| authTestHelper.verifyExceptionIsNotThrown(); | ||
| } | ||
|
|
||
| @Test | ||
| void shouldAuthenticateUsingOktaWithOktaUsernameParam() { | ||
| Properties properties = getOktaConnectionParameters(); | ||
| properties.replace("user", "differentUsername"); | ||
| authTestHelper.connectAndExecuteSimpleQuery(properties, "oktausername=" + SSO_USER); | ||
| authTestHelper.verifyExceptionIsNotThrown(); | ||
| } | ||
|
|
||
| @Test | ||
| void shouldThrowErrorForWrongOktaCredentials() { | ||
| Properties properties = getOktaConnectionParameters(); | ||
| properties.put("user", "invalidUsername"); | ||
| properties.put("password", "fakepassword"); | ||
| authTestHelper.connectAndExecuteSimpleQuery(properties, null); | ||
| authTestHelper.verifyExceptionIsThrown( | ||
| "JDBC driver encountered communication error. Message: HTTP status=401."); | ||
| } | ||
|
|
||
| @Test | ||
| void shouldThrowErrorForWrongOktaCredentialsInOktaUsernameParam() { | ||
| Properties properties = getOktaConnectionParameters(); | ||
| properties.replace("user", "differentUsername"); | ||
| authTestHelper.connectAndExecuteSimpleQuery(properties, "oktausername=invalidUser"); | ||
| authTestHelper.verifyExceptionIsThrown( | ||
| "JDBC driver encountered communication error. Message: HTTP status=401."); | ||
| } | ||
|
|
||
| @Test | ||
| void shouldThrowErrorForWrongOktaUrl() { | ||
| Properties properties = getOktaConnectionParameters(); | ||
| properties.put("authenticator", "https://invalid.okta.com/"); | ||
| authTestHelper.connectAndExecuteSimpleQuery(properties, null); | ||
| authTestHelper.verifyExceptionIsThrown( | ||
| "The specified authenticator is not accepted by your Snowflake account configuration. Please contact your local system administrator to get the correct URL to use."); | ||
| } | ||
|
|
||
| @Test | ||
| @Disabled // todo SNOW-1852279 implement error handling for invalid URL | ||
| void shouldThrowErrorForWrongUrlWithoutOktaPath() { | ||
| Properties properties = getOktaConnectionParameters(); | ||
| properties.put("authenticator", "https://invalid.abc.com/"); | ||
| authTestHelper.connectAndExecuteSimpleQuery(properties, null); | ||
| authTestHelper.verifyExceptionIsThrown("todo"); | ||
| } | ||
| } |
Oops, something went wrong.