GitHub user prochac created a discussion: Auth for Flight RPC/SQL
Hi, I'm kinda having a confusion how authentication is intended for these two. As obvious, I'm using Go and Arrow Go module. I'm implementing Arrow Flight SQL server, and need to use some auth mechanism. So far, I'm using [flight.BasicAuthValidator](https://pkg.go.dev/github.com/apache/arrow-go/[email protected]/arrow/flight#BasicAuthValidator) with combination with [flight.CreateServerBasicAuthMiddleware](https://pkg.go.dev/github.com/apache/arrow-go/v18/arrow/flight#CreateServerBasicAuthMiddleware) But I also found [flight.ServerAuthHandler](https://pkg.go.dev/github.com/apache/arrow-go/v18/arrow/flight#ServerAuthHandler) that can be set to embedded [flight.BaseFlightServer](https://pkg.go.dev/github.com/apache/arrow-go/v18/arrow/flight#BaseFlightServer), and then be used by `flight.Server` that must be exclusively created by [flight.NewServerWithMiddleware](https://pkg.go.dev/github.com/apache/arrow-go/v18/arrow/flight#NewServerWithMiddleware), as the interceptors aren't otherwise available. If I'm correct, the authentication is a matter of the [Flight RPC layer](https://arrow.apache.org/docs/format/Flight.html#authentication). Therefore, it confuses me, that the first method uses `Basic` `"authorization"` for `/Handshake`, and then it's being transformed to `Bearer` token, returned as `"authorization"` Trailer from server, and client switches the basic `"authorization"` to bearer on its side. Meanwhile, the `ServerAuthHandler` uses `"auth-token-bin"` key for metadata, and reads the "login" credentials from the payload into [flight.BasicAuth](https://pkg.go.dev/github.com/apache/arrow-go/v18/arrow/flight#BasicAuth) So the `BasicAuth` and `BasicAuthValidator` aren't even used together. What is the unified Auth mechanism for Flight RPC? Does Flight SQL use different? By my experience, all clients, like [Flight SQL JDBC driver](https://arrow.apache.org/docs/java/flight_sql_jdbc_driver.html), uses only the first method, using `"authorization"` header and trailer. GitHub link: https://github.com/apache/arrow-go/discussions/519 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected]
