eldar-eln-bigabid commented on code in PR #30418:
URL: https://github.com/apache/airflow/pull/30418#discussion_r1155360136
##########
airflow/providers/neo4j/hooks/neo4j.py:
##########
@@ -61,12 +61,29 @@ def get_conn(self) -> Driver:
is_encrypted = self.connection.extra_dejson.get("encrypted", False)
- self.client = GraphDatabase.driver(
- uri, auth=(self.connection.login, self.connection.password),
encrypted=is_encrypted
- )
+ self.client = self.get_client(self.connection, is_encrypted, uri)
return self.client
+ def get_client(self, conn: Connection, encrypted: bool, uri: str) ->
Driver:
+ """
+ Function to determine that relevant driver based on extras.
+ :param conn: Connection object.
+ :param encrypted: boolean if encrypted connection or not.
+ :return: Neo4jDriver
+ """
+ # Self signed certificates
+ ssc = conn.extra_dejson.get("certs_self_signed", False)
+
+ # Only certificates signed by CA.
+ trusted_ca = conn.extra_dejson.get("certs_trusted_ca", False)
+
+ if trusted_ca or ssc:
+ driver = GraphDatabase.driver(uri, auth=(conn.login,
conn.password))
+ else:
+ driver = GraphDatabase.driver(uri, auth=(conn.login,
conn.password), encrypted=encrypted)
Review Comment:
@hussein-awala
I thought that too when we were trying to connect to Neo4j. But When using
the `encrypted` parameter, whether `encrypted=False` or `encrypted=None`, it
raises the exception as in the issue I opened when using a self-signed
certificate or trusted_certificates.
The exception:
neo4j.exceptions.ConfigurationError: The config settings "encrypted",
"trust", "trusted_certificates", and "ssl_context" can only be used with the
URI schemes ['bolt', 'neo4j']. Use the other URI schemes ['bolt+ssc', 'bolt+s',
'neo4j+ssc', 'neo4j+s'] for setting encryption settings.
This is also the source of the exception in the driver that clearly stats
that in the first row:
` if (security_type in [SECURITY_TYPE_SELF_SIGNED_CERTIFICATE,
SECURITY_TYPE_SECURE]
and ("encrypted" in config.keys()
or "trust" in config.keys()
or "trusted_certificates" in config.keys()
or "ssl_context" in config.keys())):
from ..exceptions import ConfigurationError
# TODO: 6.0 - remove "trust" from error message
raise ConfigurationError(
'The config settings "encrypted", "trust", '
'"trusted_certificates", and "ssl_context" can only be '
"used with the URI schemes {!r}. Use the other URI "
"schemes {!r} for setting encryption settings."
.format(
[
URI_SCHEME_BOLT,
URI_SCHEME_NEO4J,
],
[
URI_SCHEME_BOLT_SELF_SIGNED_CERTIFICATE,
URI_SCHEME_BOLT_SECURE,
URI_SCHEME_NEO4J_SELF_SIGNED_CERTIFICATE,
URI_SCHEME_NEO4J_SECURE,
]
)
)`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
