SNOW-618478: Introduce unified property for private key file and base…

…64 bytes Adds private_key_pwd session property that may be used interchangeably with existing private_key_file_pwd. Marks private_key_file_pwd property as deprecated as in the future it'll be completely replaced with private_key_pwd. Rename usages of privateKeyFilePwd to privateKeyPwd to clarify that from now it may refer not only to the file but also private_key_base64.
snowflakedb · Aug 14, 2024 · ea2c44a · ea2c44a
1 parent f22fce4
commit ea2c44a
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 14 deletions.
diff --git a/src/main/java/net/snowflake/client/core/SFSession.java b/src/main/java/net/snowflake/client/core/SFSession.java
@@ -593,7 +593,9 @@ public synchronized void open() throws SFException, SnowflakeSQLException {
         SFLoggerUtil.isVariableProvided(
             (String) connectionPropertiesMap.get(SFSessionProperty.PRIVATE_KEY_BASE64)),
         SFLoggerUtil.isVariableProvided(
-            (String) connectionPropertiesMap.getOrDefault(SFSessionProperty.PRIVATE_KEY_PWD,
+            (String)
+                connectionPropertiesMap.getOrDefault(
+                    SFSessionProperty.PRIVATE_KEY_PWD,
                     connectionPropertiesMap.get(SFSessionProperty.PRIVATE_KEY_FILE_PWD))),
         connectionPropertiesMap.get(SFSessionProperty.ENABLE_DIAGNOSTICS),
         connectionPropertiesMap.get(SFSessionProperty.DIAGNOSTICS_ALLOWLIST_FILE),
@@ -645,7 +647,9 @@ public synchronized void open() throws SFException, SnowflakeSQLException {
         .setPrivateKeyBase64(
             (String) connectionPropertiesMap.get(SFSessionProperty.PRIVATE_KEY_BASE64))
         .setPrivateKeyPwd(
-            (String) connectionPropertiesMap.getOrDefault(SFSessionProperty.PRIVATE_KEY_PWD,
+            (String)
+                connectionPropertiesMap.getOrDefault(
+                    SFSessionProperty.PRIVATE_KEY_PWD,
                     connectionPropertiesMap.get(SFSessionProperty.PRIVATE_KEY_FILE_PWD)))
         .setApplication((String) connectionPropertiesMap.get(SFSessionProperty.APPLICATION))
         .setServiceName(getServiceName())

diff --git a/src/main/java/net/snowflake/client/core/SFSessionProperty.java b/src/main/java/net/snowflake/client/core/SFSessionProperty.java
@@ -56,8 +56,9 @@ public enum SFSessionProperty {
   PRIVATE_KEY_FILE("private_key_file", false, String.class),
   PRIVATE_KEY_BASE64("private_key_base64", false, String.class),
   /**
-   * @deprecated Use {@link #PRIVATE_KEY_PWD} for clarity. The given password will be used to decrypt
-   * the private key value independent of whether that value is supplied as a file or base64 string
+   * @deprecated Use {@link #PRIVATE_KEY_PWD} for clarity. The given password will be used to
+   *     decrypt the private key value independent of whether that value is supplied as a file or
+   *     base64 string
    */
   @Deprecated
   PRIVATE_KEY_FILE_PWD("private_key_file_pwd", false, String.class),

diff --git a/src/main/java/net/snowflake/client/core/SessionUtilKeyPair.java b/src/main/java/net/snowflake/client/core/SessionUtilKeyPair.java
@@ -102,8 +102,7 @@ class SessionUtilKeyPair {
     }
 
     ensurePrivateKeyProvidedInOnlyOneProperty(privateKey, privateKeyFile, privateKeyBase64);
-    this.privateKey =
-        buildPrivateKey(privateKey, privateKeyFile, privateKeyBase64, privateKeyPwd);
+    this.privateKey = buildPrivateKey(privateKey, privateKeyFile, privateKeyBase64, privateKeyPwd);
 
     // construct public key from raw bytes
     if (this.privateKey instanceof RSAPrivateCrtKey) {
@@ -143,10 +142,7 @@ private static void ensurePrivateKeyProvidedInOnlyOneProperty(
   }
 
   private PrivateKey buildPrivateKey(
-      PrivateKey privateKey,
-      String privateKeyFile,
-      String privateKeyBase64,
-      String privateKeyPwd)
+      PrivateKey privateKey, String privateKeyFile, String privateKeyBase64, String privateKeyPwd)
       throws SFException {
     if (!Strings.isNullOrEmpty(privateKeyBase64)) {
       logger.trace("Reading private key from base64 string");
@@ -279,8 +275,7 @@ public static int getTimeout() {
     return jwtAuthTimeout;
   }
 
-  private PrivateKey extractPrivateKeyWithBouncyCastle(
-      byte[] privateKeyBytes, String privateKeyPwd)
+  private PrivateKey extractPrivateKeyWithBouncyCastle(byte[] privateKeyBytes, String privateKeyPwd)
       throws IOException, PKCSException, OperatorCreationException {
     logger.trace("Extracting private key using Bouncy Castle provider");
     PrivateKeyInfo privateKeyInfo = null;

diff --git a/src/test/java/net/snowflake/client/core/SessionUtilLatestIT.java b/src/test/java/net/snowflake/client/core/SessionUtilLatestIT.java
@@ -89,8 +89,7 @@ private SFLoginInput initMockLoginInput() {
         .thenReturn(ClientAuthnDTO.AuthenticatorType.SNOWFLAKE_JWT.name());
     when(loginInput.getPrivateKeyFile())
         .thenReturn(systemGetEnv("SNOWFLAKE_TEST_PRIVATE_KEY_FILE"));
-    when(loginInput.getPrivateKeyPwd())
-        .thenReturn(systemGetEnv("SNOWFLAKE_TEST_PRIVATE_KEY_PWD"));
+    when(loginInput.getPrivateKeyPwd()).thenReturn(systemGetEnv("SNOWFLAKE_TEST_PRIVATE_KEY_PWD"));
     when(loginInput.getUserName()).thenReturn(systemGetEnv("SNOWFLAKE_TEST_USER"));
     when(loginInput.getAccountName()).thenReturn("testaccount");
     when(loginInput.getAppId()).thenReturn("testid");