Add tests; maybe fix?

Author: sfc-gh-pczajka

src/snowflake/connector/aio/_connection.py

@@ -804,7 +804,11 @@ async def authenticate_with_retry(self, auth_instance) -> None:
                 #  SSO if it has expired
                 await self._reauthenticate()
             else:
-                await self._authenticate(auth_instance)
+                # TODO pczajka: check if this is correct
+                # For OAuth and other auth types, call their reauthenticate method
+                await auth_instance.reauthenticate(conn=self)
+                # The reauthenticate method will call authenticate_with_retry internally,
+                # so we don't need to call _authenticate again here
 
     async def autocommit(self, mode) -> None:
         """Sets autocommit mode to True, or False. Defaults to True."""

src/snowflake/connector/aio/auth/_auth.py

@@ -30,6 +30,7 @@
     ACCEPT_TYPE_APPLICATION_SNOWFLAKE,
     CONTENT_TYPE_APPLICATION_JSON,
     ID_TOKEN_INVALID_LOGIN_REQUEST_GS_CODE,
+    OAUTH_ACCESS_TOKEN_EXPIRED_GS_CODE,
     PYTHON_CONNECTOR_USER_AGENT,
     ReauthenticationRequest,
 )
@@ -282,6 +283,15 @@ async def post_request_wrapper(self, url, headers, body) -> None:
                         sqlstate=SQLSTATE_CONNECTION_WAS_NOT_ESTABLISHED,
                     )
                 )
+            elif errno == OAUTH_ACCESS_TOKEN_EXPIRED_GS_CODE:
+                raise ReauthenticationRequest(
+                    ProgrammingError(
+                        msg=ret["message"],
+                        errno=int(errno),
+                        sqlstate=SQLSTATE_CONNECTION_WAS_NOT_ESTABLISHED,
+                    )
+                )
+
             from . import AuthByKeyPair
 
             if isinstance(auth_instance, AuthByKeyPair):

src/snowflake/connector/aio/auth/_oauth_code.py

@@ -3,12 +3,15 @@
 from __future__ import annotations
 
 import logging
-from typing import Any
+from typing import TYPE_CHECKING, Any
 
 from ...auth.oauth_code import AuthByOauthCode as AuthByOauthCodeSync
 from ...token_cache import TokenCache
 from ._by_plugin import AuthByPlugin as AuthByPluginAsync
 
+if TYPE_CHECKING:
+    from .. import SnowflakeConnection
+
 logger = logging.getLogger(__name__)
 
 
@@ -57,7 +60,47 @@ async def prepare(self, **kwargs: Any) -> None:
         AuthByOauthCodeSync.prepare(self, **kwargs)
 
     async def reauthenticate(self, **kwargs: Any) -> dict[str, bool]:
-        return AuthByOauthCodeSync.reauthenticate(self, **kwargs)
+        """Override to use async connection properly."""
+        # TODO pczajka: check if this is correct
+
+        # Call the sync reset logic but handle the connection retry ourselves
+        self._reset_access_token()
+        if self._pop_cached_refresh_token():
+            logger.debug(
+                "OAuth refresh token is available, try to use it and get a new access token"
+            )
+            self._do_refresh_token(conn=kwargs.get("conn"))
+        # Use async authenticate_with_retry
+        if "conn" in kwargs:
+            await kwargs["conn"].authenticate_with_retry(self)
+        return {"success": True}
 
     async def update_body(self, body: dict[Any, Any]) -> None:
         AuthByOauthCodeSync.update_body(self, body)
+
+    def _handle_failure(
+        self,
+        *,
+        conn: SnowflakeConnection,
+        ret: dict[Any, Any],
+        **kwargs: Any,
+    ) -> None:
+        """Override to ensure proper error handling in async context."""
+        # Use sync error handling directly to avoid async/sync mismatch
+        from ...errors import DatabaseError, Error
+        from ...sqlstate import SQLSTATE_CONNECTION_WAS_NOT_ESTABLISHED
+
+        Error.errorhandler_wrapper(
+            conn,
+            None,
+            DatabaseError,
+            {
+                "msg": "Failed to connect to DB: {host}:{port}, {message}".format(
+                    host=conn._rest._host,
+                    port=conn._rest._port,
+                    message=ret["message"],
+                ),
+                "errno": int(ret.get("code", -1)),
+                "sqlstate": SQLSTATE_CONNECTION_WAS_NOT_ESTABLISHED,
+            },
+        )

src/snowflake/connector/aio/auth/_oauth_credentials.py

@@ -3,14 +3,17 @@
 from __future__ import annotations
 
 import logging
-from typing import Any
+from typing import TYPE_CHECKING, Any
 
 from ...auth.oauth_credentials import (
     AuthByOauthCredentials as AuthByOauthCredentialsSync,
 )
 from ...token_cache import TokenCache
 from ._by_plugin import AuthByPlugin as AuthByPluginAsync
 
+if TYPE_CHECKING:
+    from .. import SnowflakeConnection
+
 logger = logging.getLogger(__name__)
 
 
@@ -51,7 +54,47 @@ async def prepare(self, **kwargs: Any) -> None:
         AuthByOauthCredentialsSync.prepare(self, **kwargs)
 
     async def reauthenticate(self, **kwargs: Any) -> dict[str, bool]:
-        return AuthByOauthCredentialsSync.reauthenticate(self, **kwargs)
+        """Override to use async connection properly."""
+        # TODO pczajka: check if this is correct
+
+        # Call the sync reset logic but handle the connection retry ourselves
+        self._reset_access_token()
+        if self._pop_cached_refresh_token():
+            logger.debug(
+                "OAuth refresh token is available, try to use it and get a new access token"
+            )
+            self._do_refresh_token(conn=kwargs.get("conn"))
+        # Use async authenticate_with_retry
+        if "conn" in kwargs:
+            await kwargs["conn"].authenticate_with_retry(self)
+        return {"success": True}
 
     async def update_body(self, body: dict[Any, Any]) -> None:
         AuthByOauthCredentialsSync.update_body(self, body)
+
+    def _handle_failure(
+        self,
+        *,
+        conn: SnowflakeConnection,
+        ret: dict[Any, Any],
+        **kwargs: Any,
+    ) -> None:
+        """Override to ensure proper error handling in async context."""
+        # Use sync error handling directly to avoid async/sync mismatch
+        from ...errors import DatabaseError, Error
+        from ...sqlstate import SQLSTATE_CONNECTION_WAS_NOT_ESTABLISHED
+
+        Error.errorhandler_wrapper(
+            conn,
+            None,
+            DatabaseError,
+            {
+                "msg": "Failed to connect to DB: {host}:{port}, {message}".format(
+                    host=conn._rest._host,
+                    port=conn._rest._port,
+                    message=ret["message"],
+                ),
+                "errno": int(ret.get("code", -1)),
+                "sqlstate": SQLSTATE_CONNECTION_WAS_NOT_ESTABLISHED,
+            },
+        )

test/unit/aio/test_auth_oauth_code_async.py

@@ -0,0 +1,49 @@
+#!/usr/bin/env python
+#
+# Copyright (c) 2012-2023 Snowflake Computing Inc. All rights reserved.
+#
+
+from __future__ import annotations
+
+import os
+
+from snowflake.connector.aio.auth import AuthByOauthCode
+
+
+async def test_auth_oauth_code():
+    """Simple OAuth Code test."""
+    # Set experimental auth flag for the test
+    os.environ["SF_ENABLE_EXPERIMENTAL_AUTHENTICATION"] = "true"
+
+    auth = AuthByOauthCode(
+        application="test_app",
+        client_id="test_client_id",
+        client_secret="test_client_secret",
+        authentication_url="https://example.com/auth",
+        token_request_url="https://example.com/token",
+        redirect_uri="http://localhost:8080/callback",
+        scope="session:role:test_role",
+        pkce_enabled=True,
+        refresh_token_enabled=False,
+    )
+
+    body = {"data": {}}
+    await auth.update_body(body)
+
+    # Check that OAuth authenticator is set
+    assert body["data"]["AUTHENTICATOR"] == "OAUTH", body
+    # OAuth type should be set to authorization_code
+    assert body["data"]["OAUTH_TYPE"] == "authorization_code", body
+
+    # Clean up environment variable
+    del os.environ["SF_ENABLE_EXPERIMENTAL_AUTHENTICATION"]
+
+
+def test_mro():
+    """Ensure that methods from AuthByPluginAsync override those from AuthByPlugin."""
+    from snowflake.connector.aio.auth import AuthByPlugin as AuthByPluginAsync
+    from snowflake.connector.auth import AuthByPlugin as AuthByPluginSync
+
+    assert AuthByOauthCode.mro().index(AuthByPluginAsync) < AuthByOauthCode.mro().index(
+        AuthByPluginSync
+    )

test/unit/aio/test_auth_oauth_credentials_async.py

@@ -0,0 +1,46 @@
+#!/usr/bin/env python
+#
+# Copyright (c) 2012-2023 Snowflake Computing Inc. All rights reserved.
+#
+
+from __future__ import annotations
+
+import os
+
+from snowflake.connector.aio.auth import AuthByOauthCredentials
+
+
+async def test_auth_oauth_credentials():
+    """Simple OAuth Credentials test."""
+    # Set experimental auth flag for the test
+    os.environ["SF_ENABLE_EXPERIMENTAL_AUTHENTICATION"] = "true"
+
+    auth = AuthByOauthCredentials(
+        application="test_app",
+        client_id="test_client_id",
+        client_secret="test_client_secret",
+        token_request_url="https://example.com/token",
+        scope="session:role:test_role",
+        refresh_token_enabled=False,
+    )
+
+    body = {"data": {}}
+    await auth.update_body(body)
+
+    # Check that OAuth authenticator is set
+    assert body["data"]["AUTHENTICATOR"] == "OAUTH", body
+    # OAuth type should be set to client_credentials
+    assert body["data"]["OAUTH_TYPE"] == "client_credentials", body
+
+    # Clean up environment variable
+    del os.environ["SF_ENABLE_EXPERIMENTAL_AUTHENTICATION"]
+
+
+def test_mro():
+    """Ensure that methods from AuthByPluginAsync override those from AuthByPlugin."""
+    from snowflake.connector.aio.auth import AuthByPlugin as AuthByPluginAsync
+    from snowflake.connector.auth import AuthByPlugin as AuthByPluginSync
+
+    assert AuthByOauthCredentials.mro().index(
+        AuthByPluginAsync
+    ) < AuthByOauthCredentials.mro().index(AuthByPluginSync)