Skip to content

Commit

Permalink
fix: Adding Kerberos auth configs from the trino-python-client
Browse files Browse the repository at this point in the history
  • Loading branch information
@BendettaSD @hovaesco
BendettaSD authored and hovaesco committed Sep 28, 2022
1 parent a268d99 commit e9194b1
Show file tree
Hide file tree
Showing 3 changed files with 22 additions and 0 deletions.
7 changes: 7 additions & 0 deletions .changes/unreleased/Fixes-20220926-091442.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
kind: Fixes
body: Adding Kerberos auth configs from the trino-python-client
time: 2022-09-26T09:14:42.507437-07:00
custom:
Author: BendettaSD
Issue: ""
PR: "137"
5 changes: 5 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,11 @@ A dbt profile can be configured to run against Trino using the following configu
| krb5_config | Path to config for kerberos authentication | Optional (may be required if `method` is `kerberos`) | `/tmp/krb5.conf` |
| principal | Principal for kerberos authentication | Optional (may be required if `method` is `kerberos`) | `[email protected]` |
| service_name | Service name for kerberos authentication | Optional (default is `trino`) | `abc123` |
| mutual_authentication | Boolean flag for mutual authentication | Optional (may be required if `method` is `kerberos`) | `false` |
| force_preemptive | Boolean flag for preemptively initiate the Kerberos GSS exchange | Optional (may be required if `method` is `kerberos`) | `false` |
| hostname_override | Kerberos hostname for a host whose DNS name doesn't match | Optional (may be required if `method` is `kerberos`) | `EXAMPLE.COM` |
| sanitize_mutual_error_response | Boolean flag to strip content and headers from error responses | Optional (may be required if `method` is `kerberos`) | `true` |
| delegate | Boolean flag for credential delgation (GSS_C_DELEG_FLAG) | Optional (may be required if `method` is `kerberos`) | `false` |
| jwt_token | JWT token for authentication | Optional (required if `method` is `jwt`) | `none` or `abc123` |
| client_certificate | Path to client certificate to be used for certificate based authentication | Optional (required if `method` is `certificate`) | `/tmp/tls.crt` |
| client_private_key | Path to client private key to be used for certificate based authentication | Optional (required if `method` is `certificate`) | `/tmp/tls.key` |
Expand Down
10 changes: 10 additions & 0 deletions dbt/adapters/trino/connections.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -169,8 +169,13 @@ class TrinoKerberosCredentials(TrinoCredentials):
principal: Optional[str] = None
krb5_config: Optional[str] = None
service_name: Optional[str] = "trino"
mutual_authentication: Optional[bool] = False
cert: Optional[str] = None
http_headers: Optional[Dict[str, str]] = None
force_preemptive: Optional[bool] = False
hostname_override: Optional[str] = None
sanitize_mutual_error_response: Optional[bool] = True
delegate: Optional[bool] = False
session_properties: Dict[str, Any] = field(default_factory=dict)
prepared_statements_enabled: bool = PREPARED_STATEMENTS_ENABLED_DEFAULT
retries: Optional[int] = trino.constants.DEFAULT_MAX_ATTEMPTS
Expand All @@ -189,7 +194,12 @@ def trino_auth(self):
config=self.krb5_config,
service_name=self.service_name,
principal=self.principal,
mutual_authentication=self.mutual_authentication,
ca_bundle=self.cert,
force_preemptive=self.force_preemptive,
hostname_override=self.hostname_override,
sanitize_mutual_error_response=self.sanitize_mutual_error_response,
delegate=self.delegate,
)


Expand Down

0 comments on commit e9194b1

Please sign in to comment.