[
https://issues.apache.org/jira/browse/HIVE-29731?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Attila Turoczy updated HIVE-29731:
----------------------------------
Description:
Add native token acquisition and refresh support to the Hive JDBC driver and
Beeline.
Supported flows should include:
* OAuth 2.0 Device Authorization Flow
* Authorization Code Flow with PKCE
* Client Credentials Flow for service accounts
* Explicit bearer-token configuration for CI/CD and automation
The client implementation should support:
* Browser-based interactive login
* Headless login
* Secure local token caching
* Automatic access-token refresh
* Clear errors for expired or rejected tokens
* Configurable issuer, client ID, audience, and scopes
Example usage:
{{beeline --url jdbc:hive2://host/default --auth=oauth
--oidc-issuer=[https://login.example.com|https://login.example.com/]
--client-id=hive-cli}}
was:
Add native token acquisition and refresh support to the Hive JDBC driver and
Beeline.
Supported flows should include:
* OAuth 2.0 Device Authorization Flow
* Authorization Code Flow with PKCE
* Client Credentials Flow for service accounts
* Explicit bearer-token configuration for CI/CD and automation
The client implementation should support:
* Browser-based interactive login
* Headless login
* Secure local token caching
* Automatic access-token refresh
* Clear errors for expired or rejected tokens
* Configurable issuer, client ID, audience, and scopes
Example usage:
{{beeline \
--url jdbc:hive2://host/default \
--auth=oauth \
--oidc-issuer=https://login.example.com \
--client-id=hive-cli}}
> Native OAuth support in Beeline and the Hive JDBC driver
> --------------------------------------------------------
>
> Key: HIVE-29731
> URL: https://issues.apache.org/jira/browse/HIVE-29731
> Project: Hive
> Issue Type: New Feature
> Components: Beeline
> Reporter: Attila Turoczy
> Priority: Major
> Labels: cloud
>
> Add native token acquisition and refresh support to the Hive JDBC driver and
> Beeline.
> Supported flows should include:
> * OAuth 2.0 Device Authorization Flow
> * Authorization Code Flow with PKCE
> * Client Credentials Flow for service accounts
> * Explicit bearer-token configuration for CI/CD and automation
> The client implementation should support:
> * Browser-based interactive login
> * Headless login
> * Secure local token caching
> * Automatic access-token refresh
> * Clear errors for expired or rejected tokens
> * Configurable issuer, client ID, audience, and scopes
> Example usage:
> {{beeline --url jdbc:hive2://host/default --auth=oauth
> --oidc-issuer=[https://login.example.com|https://login.example.com/]
> --client-id=hive-cli}}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)