Allow authentication over HTTP

README.md

@@ -365,6 +365,7 @@ It follows the interface for `KerberosAuthentication`, but is using
     )
     ```
 
+
 ## User impersonation
 
 In the case where user who submits the query is not the same as user who authenticates to Trino server (e.g in Superset),

tests/unit/sqlalchemy/test_dialect.py

@@ -58,7 +58,6 @@ def setup_method(self):
                     catalog="system",
                     user="user",
                     auth=BasicAuthentication("user", "pass"),
-                    http_scheme="https",
                     source="trino-rulez"
                 ),
             ),
@@ -80,7 +79,6 @@ def setup_method(self):
                     catalog="system",
                     user="user",
                     auth=CertificateAuthentication("/my/path/to/cert", "afdlsdfk%4#'"),
-                    http_scheme="https",
                     source="trino-sqlalchemy"
                 ),
             ),
@@ -100,7 +98,6 @@ def setup_method(self):
                     catalog="system",
                     user="user",
                     auth=JWTAuthentication("afdlsdfk%4#'"),
-                    http_scheme="https",
                     source="trino-sqlalchemy"
                 ),
             ),
@@ -168,7 +165,6 @@ def setup_method(self):
                     catalog="system",
                     user="[email protected]/my_role",
                     auth=BasicAuthentication("[email protected]/my_role", "pass /*&"),
-                    http_scheme="https",
                     source="trino-sqlalchemy",
                     session_properties={"query_max_run_time": "1d"},
                     http_headers={"trino": 1},
@@ -270,7 +266,6 @@ def test_trino_connection_basic_auth():
     url = make_url(f'trino://{username}:{password}@host')
     _, cparams = dialect.create_connect_args(url)
 
-    assert cparams['http_scheme'] == "https"
     assert isinstance(cparams['auth'], BasicAuthentication)
     assert cparams['auth']._username == username
     assert cparams['auth']._password == password
@@ -282,7 +277,6 @@ def test_trino_connection_jwt_auth():
     url = make_url(f'trino://host/?access_token={access_token}')
     _, cparams = dialect.create_connect_args(url)
 
-    assert cparams['http_scheme'] == "https"
     assert isinstance(cparams['auth'], JWTAuthentication)
     assert cparams['auth'].token == access_token
 
@@ -294,7 +288,6 @@ def test_trino_connection_certificate_auth():
     url = make_url(f'trino://host/?cert={cert}&key={key}')
     _, cparams = dialect.create_connect_args(url)
 
-    assert cparams['http_scheme'] == "https"
     assert isinstance(cparams['auth'], CertificateAuthentication)
     assert cparams['auth']._cert == cert
     assert cparams['auth']._key == key
@@ -307,13 +300,11 @@ def test_trino_connection_certificate_auth_cert_and_key_required():
     url = make_url(f'trino://host/?cert={cert}')
     _, cparams = dialect.create_connect_args(url)
 
-    assert 'http_scheme' not in cparams
     assert 'auth' not in cparams
 
     url = make_url(f'trino://host/?key={key}')
     _, cparams = dialect.create_connect_args(url)
 
-    assert 'http_scheme' not in cparams
     assert 'auth' not in cparams
 
 
@@ -322,5 +313,4 @@ def test_trino_connection_oauth2_auth():
     url = make_url('trino://host/?externalAuthentication=true')
     _, cparams = dialect.create_connect_args(url)
 
-    assert cparams['http_scheme'] == "https"
     assert isinstance(cparams['auth'], OAuth2Authentication)

trino/client.py

@@ -489,8 +489,6 @@ def __init__(
         self._exceptions = self.HTTP_EXCEPTIONS
         self._auth = auth
         if self._auth:
-            if self._http_scheme == constants.HTTP:
-                raise ValueError("cannot use authentication with HTTP")
             self._auth.set_http_session(self._http_session)
             self._exceptions += self._auth.get_exceptions()
 

trino/sqlalchemy/dialect.py

@@ -133,19 +133,15 @@ def create_connect_args(self, url: URL) -> Tuple[Sequence[Any], Mapping[str, Any
         if url.password:
             if not url.username:
                 raise ValueError("Username is required when specify password in connection URL")
-            kwargs["http_scheme"] = "https"
             kwargs["auth"] = BasicAuthentication(unquote_plus(url.username), unquote_plus(url.password))
 
         if "access_token" in url.query:
-            kwargs["http_scheme"] = "https"
             kwargs["auth"] = JWTAuthentication(unquote_plus(url.query["access_token"]))
 
         if "cert" in url.query and "key" in url.query:
-            kwargs["http_scheme"] = "https"
             kwargs["auth"] = CertificateAuthentication(unquote_plus(url.query['cert']), unquote_plus(url.query['key']))
 
         if "externalAuthentication" in url.query:
-            kwargs["http_scheme"] = "https"
             kwargs["auth"] = OAuth2Authentication()
 
         if "source" in url.query: