Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update OAuth examples #1228

Merged
merged 5 commits into from
Mar 26, 2024
Merged

Update OAuth examples #1228

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
6a9f145
Update OAuth examples
jkoskela Mar 26, 2024
00b79e8
Switch back to preferred_username for first azure example
jkoskela Mar 26, 2024
9bd9a46
Add issued-at back
jkoskela Mar 26, 2024
c77424b
Address comments
jkoskela Mar 26, 2024
1590ba1
Minor changes
jkoskela Mar 26, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 6 additions & 2 deletions samples/components/oauth/athena.okta.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,11 @@
<?xml version="1.0" encoding="utf-8"?>
<pluginOAuthConfig>
<dbclass>athena</dbclass>
<!-- For external configs, prefix with "custom_". -->
<!-- For configs embedded in the connector package, don't prefix with "custom_". -->
<oauthConfigId>custom_athena_okta</oauthConfigId>
<!-- Config label added in 2023.2. Avoid if backwards compatibility is needed. -->
<configLabel>Okta</configLabel>
<clientIdDesktop>$clientID</clientIdDesktop>
<clientSecretDesktop>$clientSecret</clientSecretDesktop>
<redirectUrisDesktop>http://localhost:55556/Callback</redirectUrisDesktop>
Expand Down Expand Up @@ -33,7 +37,7 @@
</entry>
<entry>
<key>OAUTH_CAP_CLIENT_SECRET_IN_URL_QUERY_PARAM</key>
<value>true</value>
<value>false</value>
</entry>
<entry>
<key>OAUTH_CAP_SUPPORTS_GET_USERINFO_FROM_ID_TOKEN</key>
Expand Down Expand Up @@ -63,7 +67,7 @@
</entry>
<entry>
<key>username</key>
<value>preferred_username</value>
jkoskela marked this conversation as resolved.
Show resolved Hide resolved
<value>email</value>
</entry>
</accessTokenResponseMaps>
</pluginOAuthConfig>
73 changes: 73 additions & 0 deletions samples/components/oauth/redshift.azure.iam-idc.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
<?xml version="1.0" encoding="utf-8"?>
<pluginOAuthConfig>
<dbclass>redshift</dbclass>
<!-- For configs embedded in the connector package, don't prefix with "custom_". For external configs, always prefix with "custom_". -->
<oauthConfigId>custom_redshift_azure_iam_idc</oauthConfigId>
<clientIdDesktop>${clientID}</clientIdDesktop>
<clientSecretDesktop>${clientSecret}</clientSecretDesktop>
<redirectUrisDesktop>http://localhost:55556/Callback</redirectUrisDesktop>
<redirectUrisDesktop>http://localhost:55557/Callback</redirectUrisDesktop>
<redirectUrisDesktop>http://localhost:55558/Callback</redirectUrisDesktop>
<redirectUrisDesktop>http://localhost:55559/Callback</redirectUrisDesktop>
<!-- For multitenant apps use the common endpoint, for single tenant apps use the directory specific endpoint. -->
<authUri>https://login.microsoftonline.com/${tenant}/oauth2/v2.0/authorize</authUri>
<tokenUri>https://login.microsoftonline.com/${tenant}/oauth2/v2.0/token</tokenUri>
<scopes>openid</scopes>
<scopes>offline_access</scopes>
<scopes>email</scopes>
<!-- An example with a custom API, which was required at the time of writing for integration with AWS IAM IDC. -->
<scopes>api://${customAPI}/Redshift</scopes>
<capabilities>
<entry>
<key>OAUTH_CAP_REQUIRES_PROMPT_SELECT_ACCOUNT</key>
<value>true</value>
</entry>
<entry>
<key>OAUTH_CAP_REQUIRE_PKCE</key>
<value>true</value>
</entry>
<entry>
<key>OAUTH_CAP_PKCE_REQUIRES_CODE_CHALLENGE_METHOD</key>
<value>true</value>
</entry>
<entry>
<key>OAUTH_CAP_SUPPORTS_STATE</key>
<value>true</value>
</entry>
<entry>
<key>OAUTH_CAP_CLIENT_SECRET_IN_URL_QUERY_PARAM</key>
<value>true</value>
jkoskela marked this conversation as resolved.
Show resolved Hide resolved
</entry>
<entry>
<key>OAUTH_CAP_SUPPORTS_GET_USERINFO_FROM_ID_TOKEN</key>
<value>true</value>
</entry>
<!-- Depending on the Azure application, dynamic ports may not be allowed. Enable this if not allowed. -->
<entry>
<key>OAUTH_CAP_FIXED_PORT_IN_CALLBACK_URL</key>
<value>true</value>
</entry>
</capabilities>
<accessTokenResponseMaps>
<entry>
<key>ACCESSTOKEN</key>
<value>access_token</value>
</entry>
<entry>
<key>REFRESHTOKEN</key>
<value>refresh_token</value>
</entry>
<entry>
<key>id-token</key>
<value>id_token</value>
</entry>
<entry>
<key>username</key>
<value>email</value>
</entry>
<entry>
<key>access-token-expires-in</key>
<value>expires_in</value>
</entry>
jkoskela marked this conversation as resolved.
Show resolved Hide resolved
</accessTokenResponseMaps>
</pluginOAuthConfig>
24 changes: 14 additions & 10 deletions samples/components/oauth/redshift.azure.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,20 +1,23 @@
<?xml version="1.0" encoding="utf-8"?>
<pluginOAuthConfig>
<dbclass>redshift</dbclass>
<!-- For external configs, prefix with "custom_". -->
<!-- For configs embedded in the connector package, don't prefix with "custom_". -->
<oauthConfigId>custom_redshift_azure</oauthConfigId>
<!-- Config label added in 2023.2. Avoid if backwards compatibility is needed. -->
<configLabel>Azure</configLabel>
<clientIdDesktop>$clientID</clientIdDesktop>
<clientSecretDesktop>$clientSecret</clientSecretDesktop>
<redirectUrisDesktop>http://localhost:55556/Callback</redirectUrisDesktop>
<redirectUrisDesktop>http://localhost:55557/Callback</redirectUrisDesktop>
<redirectUrisDesktop>http://localhost:55558/Callback</redirectUrisDesktop>
<redirectUrisDesktop>http://localhost:55559/Callback</redirectUrisDesktop>
<authUri>https://${msUrlBegin}/oauth2/v2.0/authorize</authUri>
<tokenUri>https://${msUrlBegin}/oauth2/v2.0/token</tokenUri>
<!-- For multitenant apps use the common endpoint, for single tenant apps use the directory specific endpoint. -->
<authUri>https://login.microsoftonline.com/${tenant}/oauth2/v2.0/authorize</authUri>
<tokenUri>https://login.microsoftonline.com/${tenant}/oauth2/v2.0/token</tokenUri>
<scopes>openid</scopes>
<scopes>email</scopes>
<scopes>profile</scopes>
jkoskela marked this conversation as resolved.
Show resolved Hide resolved
<scopes>offline_access</scopes>
<scopes></scopes>
<capabilities>
<entry>
<key>OAUTH_CAP_REQUIRES_PROMPT_SELECT_ACCOUNT</key>
Expand All @@ -34,12 +37,17 @@
</entry>
<entry>
<key>OAUTH_CAP_CLIENT_SECRET_IN_URL_QUERY_PARAM</key>
<value>true</value>
jkoskela marked this conversation as resolved.
Show resolved Hide resolved
<value>false</value>
</entry>
<entry>
<key>OAUTH_CAP_SUPPORTS_GET_USERINFO_FROM_ID_TOKEN</key>
<value>true</value>
</entry>
<!-- Depending on the Azure application, dynamic ports may not be allowed. Enable this if not allowed. -->
<entry>
<key>OAUTH_CAP_FIXED_PORT_IN_CALLBACK_URL</key>
<value>false</value>
</entry>
</capabilities>
<accessTokenResponseMaps>
<entry>
Expand All @@ -50,10 +58,6 @@
<key>REFRESHTOKEN</key>
<value>refresh_token</value>
</entry>
<entry>
<key>access-token-issue-time</key>
jkoskela marked this conversation as resolved.
Show resolved Hide resolved
<value>issued_at</value>
</entry>
<entry>
<key>access-token-expires-in</key>
<value>expires_in</value>
Expand All @@ -64,7 +68,7 @@
</entry>
<entry>
<key>username</key>
<value>preferred_username</value>
jkoskela marked this conversation as resolved.
Show resolved Hide resolved
<value>email</value>
</entry>
</accessTokenResponseMaps>
</pluginOAuthConfig>
Expand Down
Loading