F21 commented on issue #41: add support for bearer token authentication. URL: https://github.com/apache/calcite-avatica-go/pull/41#issuecomment-508418729 @trusch Thanks for opening this PR! The Go client uses the [Java client](https://calcite.apache.org/avatica/docs/client_reference.html) as its reference implementation. As such, I am somewhat hesitant to add support for bearer tokens to the DSN. For example, if someone wants to use mutual TLS authentication in the future, we would need to overload the DSN with more parameters (I think the DSN as a string is a flaw in the design of the `database/sql` interface in Go). Also, as the Avatica server itself does not support OAuth authentication, I feel that this approach is orthogonal to the Go client. Since Go 1.10, there is a [driver.Connector](https://golang.org/pkg/database/sql/driver/#Connector) interface. This allows one to pass parameters other than strings to the driver. See [`go-mssqldb`'s implementation](https://godoc.org/github.com/denisenkom/go-mssqldb#ex-Connector). I feel that in our case, we can have the connector struct expose a public property that takes a `http.Client` for a general solution to your use-case. As the user of the library can now pass in their own `http.Client`, it's now possible to: - Use the [oauth2 package](https://godoc.org/golang.org/x/oauth2) which directly returns a `http.Client` with OAuth support baked in. - Decorate the round tripper to append the OAuth bearer token: https://stackoverflow.com/a/51326483/624884 - Do all sorts of things such as TLS mutual auth etc.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
