dpgaspar commented on code in PR #21322:
URL: https://github.com/apache/superset/pull/21322#discussion_r962869406
##########
superset/db_engine_specs/snowflake.py:
##########
@@ -279,3 +284,33 @@ def parameters_json_schema(cls) -> Any:
spec.components.schema(cls.__name__, schema=cls.parameters_schema)
return spec.to_dict()["components"]["schemas"][cls.__name__]
+
+ @staticmethod
+ def update_params_from_encrypted_extra(
+ database: "Database",
+ params: Dict[str, Any],
+ ) -> None:
+ if not database.encrypted_extra:
+ return
+ try:
+ encrypted_extra = json.loads(database.encrypted_extra)
+ auth_method = encrypted_extra.pop("auth_method", None)
+ auth_params = encrypted_extra.pop("auth_params", {})
+ if not auth_method:
+ return
+ connect_args = params.setdefault("connect_args", {})
+ if auth_method == "keypair":
+ with open(auth_params['privatekey_path'], "rb") as key:
+ p_key = serialization.load_pem_private_key(
+ key.read(),
+ password=auth_params['privatekey_pass'].encode(),
+ backend=default_backend()
+ )
+ pkb = p_key.private_bytes(
+ encoding=serialization.Encoding.DER,
+ format=serialization.PrivateFormat.PKCS8,
+ encryption_algorithm=serialization.NoEncryption())
+ connect_args["private_key"] = pkb
+ except json.JSONDecodeError as ex:
+ logger.error(ex, exc_info=True)
Review Comment:
nit: use logger.exception(ex). Also wonder if there is value on this
`try`/`except` block, since `load_perm_private_key` can raise and
`p_key.private_bytes` and also raise. We could just let it raise
##########
superset/db_engine_specs/snowflake.py:
##########
@@ -279,3 +284,33 @@ def parameters_json_schema(cls) -> Any:
spec.components.schema(cls.__name__, schema=cls.parameters_schema)
return spec.to_dict()["components"]["schemas"][cls.__name__]
+
+ @staticmethod
+ def update_params_from_encrypted_extra(
+ database: "Database",
+ params: Dict[str, Any],
+ ) -> None:
+ if not database.encrypted_extra:
+ return
+ try:
+ encrypted_extra = json.loads(database.encrypted_extra)
Review Comment:
nit: we can move the `except` block to here, since only `json.loads` will
raise `JSONDecodeError`. More readable and less nesting
##########
superset/db_engine_specs/snowflake.py:
##########
@@ -279,3 +284,33 @@ def parameters_json_schema(cls) -> Any:
spec.components.schema(cls.__name__, schema=cls.parameters_schema)
return spec.to_dict()["components"]["schemas"][cls.__name__]
+
+ @staticmethod
+ def update_params_from_encrypted_extra(
+ database: "Database",
+ params: Dict[str, Any],
+ ) -> None:
+ if not database.encrypted_extra:
+ return
+ try:
+ encrypted_extra = json.loads(database.encrypted_extra)
+ auth_method = encrypted_extra.pop("auth_method", None)
+ auth_params = encrypted_extra.pop("auth_params", {})
+ if not auth_method:
+ return
+ connect_args = params.setdefault("connect_args", {})
+ if auth_method == "keypair":
Review Comment:
we should add an `else` and support `ALLOWED_EXTRA_AUTHENTICATIONS`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
