[ 
https://issues.apache.org/jira/browse/HIVE-29731?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Attila Turoczy updated HIVE-29731:
----------------------------------
    Description: 
Add native token acquisition and refresh support to the Hive JDBC driver and 
Beeline.

Supported flows should include:
 * OAuth 2.0 Device Authorization Flow

 * Authorization Code Flow with PKCE

 * Client Credentials Flow for service accounts

 * Explicit bearer-token configuration for CI/CD and automation

The client implementation should support:
 * Browser-based interactive login

 * Headless login

 * Secure local token caching

 * Automatic access-token refresh

 * Clear errors for expired or rejected tokens

 * Configurable issuer, client ID, audience, and scopes

Example usage:

{{beeline --url jdbc:hive2://host/default --auth=oauth 
--oidc-issuer=[https://login.example.com|https://login.example.com/] 
--client-id=hive-cli}}

  was:
Add native token acquisition and refresh support to the Hive JDBC driver and 
Beeline.

Supported flows should include:
 * OAuth 2.0 Device Authorization Flow

 * Authorization Code Flow with PKCE

 * Client Credentials Flow for service accounts

 * Explicit bearer-token configuration for CI/CD and automation

The client implementation should support:
 * Browser-based interactive login

 * Headless login

 * Secure local token caching

 * Automatic access-token refresh

 * Clear errors for expired or rejected tokens

 * Configurable issuer, client ID, audience, and scopes

Example usage:

{{beeline \
  --url jdbc:hive2://host/default \
  --auth=oauth \
  --oidc-issuer=https://login.example.com \
  --client-id=hive-cli}}


> Native OAuth support in Beeline and the Hive JDBC driver
> --------------------------------------------------------
>
>                 Key: HIVE-29731
>                 URL: https://issues.apache.org/jira/browse/HIVE-29731
>             Project: Hive
>          Issue Type: New Feature
>          Components: Beeline
>            Reporter: Attila Turoczy
>            Priority: Major
>              Labels: cloud
>
> Add native token acquisition and refresh support to the Hive JDBC driver and 
> Beeline.
> Supported flows should include:
>  * OAuth 2.0 Device Authorization Flow
>  * Authorization Code Flow with PKCE
>  * Client Credentials Flow for service accounts
>  * Explicit bearer-token configuration for CI/CD and automation
> The client implementation should support:
>  * Browser-based interactive login
>  * Headless login
>  * Secure local token caching
>  * Automatic access-token refresh
>  * Clear errors for expired or rejected tokens
>  * Configurable issuer, client ID, audience, and scopes
> Example usage:
> {{beeline --url jdbc:hive2://host/default --auth=oauth 
> --oidc-issuer=[https://login.example.com|https://login.example.com/] 
> --client-id=hive-cli}}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to