def test_auth_custom_auth(self): database = Mock() auth_class = Mock() auth_method = "custom_auth" auth_params = {"params1": "params1", "params2": "params2"} database.encrypted_extra = json.dumps({ "auth_method": auth_method, "auth_params": auth_params }) with patch.dict( "superset.config.ALLOWED_EXTRA_AUTHENTICATIONS", {"trino": { "custom_auth": auth_class }}, clear=True, ): params: Dict[str, Any] = {} TrinoEngineSpec.update_encrypted_extra_params(database, params) connect_args = params.setdefault("connect_args", {}) self.assertEqual(connect_args.get("http_scheme"), "https") auth_class.assert_called_once_with(**auth_params)
def test_auth_basic(self, auth: Mock): database = Mock() auth_params = {"username": "******", "password": "******"} database.encrypted_extra = json.dumps( {"auth_method": "basic", "auth_params": auth_params} ) params: Dict[str, Any] = {} TrinoEngineSpec.update_encrypted_extra_params(database, params) connect_args = params.setdefault("connect_args", {}) self.assertEqual(connect_args.get("http_scheme"), "https") auth.assert_called_once_with(**auth_params)
def test_auth_custom_auth_denied(self): database = Mock() auth_method = "my.module:TrinoAuthClass" auth_params = {"params1": "params1", "params2": "params2"} database.encrypted_extra = json.dumps({ "auth_method": auth_method, "auth_params": auth_params }) superset.config.ALLOWED_EXTRA_AUTHENTICATIONS = {} with pytest.raises(ValueError) as excinfo: TrinoEngineSpec.update_encrypted_extra_params(database, {}) assert str(excinfo.value) == ( f"For security reason, custom authentication '{auth_method}' " f"must be listed in 'ALLOWED_EXTRA_AUTHENTICATIONS' config")
def test_auth_kerberos(self, auth: Mock): database = Mock() auth_params = { "service_name": "superset", "mutual_authentication": False, "delegate": True, } database.encrypted_extra = json.dumps( {"auth_method": "kerberos", "auth_params": auth_params} ) params: Dict[str, Any] = {} TrinoEngineSpec.update_encrypted_extra_params(database, params) connect_args = params.setdefault("connect_args", {}) self.assertEqual(connect_args.get("http_scheme"), "https") auth.assert_called_once_with(**auth_params)