diff --git a/poetry.lock b/poetry.lock index 1bc396c9d..b68d1a3fb 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1,4 +1,4 @@ -# This file is automatically @generated by Poetry 1.8.3 and should not be changed by hand. +# This file is automatically @generated by Poetry 2.1.3 and should not be changed by hand. [[package]] name = "astroid" @@ -6,6 +6,7 @@ version = "3.2.4" description = "An abstract syntax tree for Python with inference support." optional = false python-versions = ">=3.8.0" +groups = ["dev"] files = [ {file = "astroid-3.2.4-py3-none-any.whl", hash = "sha256:413658a61eeca6202a59231abb473f932038fbcbf1666587f66d482083413a25"}, {file = "astroid-3.2.4.tar.gz", hash = "sha256:0e14202810b30da1b735827f78f5157be2bbd4a7a59b7707ca0bfc2fb4c0063a"}, @@ -20,6 +21,7 @@ version = "22.12.0" description = "The uncompromising code formatter." optional = false python-versions = ">=3.7" +groups = ["dev"] files = [ {file = "black-22.12.0-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9eedd20838bd5d75b80c9f5487dbcb06836a43833a37846cf1d8c1cc01cef59d"}, {file = "black-22.12.0-cp310-cp310-win_amd64.whl", hash = "sha256:159a46a4947f73387b4d83e87ea006dbb2337eab6c879620a3ba52699b1f4351"}, @@ -55,6 +57,7 @@ version = "2025.1.31" description = "Python package for providing Mozilla's CA Bundle." optional = false python-versions = ">=3.6" +groups = ["main"] files = [ {file = "certifi-2025.1.31-py3-none-any.whl", hash = "sha256:ca78db4565a652026a4db2bcdf68f2fb589ea80d0be70e03929ed730746b84fe"}, {file = "certifi-2025.1.31.tar.gz", hash = "sha256:3d5da6925056f6f18f119200434a4780a94263f10d1c21d032a6f6b2baa20651"}, @@ -66,6 +69,7 @@ version = "3.4.1" description = "The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet." optional = false python-versions = ">=3.7" +groups = ["main"] files = [ {file = "charset_normalizer-3.4.1-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:91b36a978b5ae0ee86c394f5a54d6ef44db1de0815eb43de826d41d21e4af3de"}, {file = "charset_normalizer-3.4.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:7461baadb4dc00fd9e0acbe254e3d7d2112e7f92ced2adc96e54ef6501c5f176"}, @@ -167,6 +171,7 @@ version = "8.1.8" description = "Composable command line interface toolkit" optional = false python-versions = ">=3.7" +groups = ["dev"] files = [ {file = "click-8.1.8-py3-none-any.whl", hash = "sha256:63c132bbbed01578a06712a2d1f497bb62d9c1c0d329b7903a866228027263b2"}, {file = "click-8.1.8.tar.gz", hash = "sha256:ed53c9d8990d83c2a27deae68e4ee337473f6330c040a31d4225c9574d16096a"}, @@ -181,6 +186,8 @@ version = "0.4.6" description = "Cross-platform colored terminal text." optional = false python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*,>=2.7" +groups = ["dev"] +markers = "sys_platform == \"win32\" or platform_system == \"Windows\"" files = [ {file = "colorama-0.4.6-py2.py3-none-any.whl", hash = "sha256:4f1d9991f5acc0ca119f9d443620b77f9d6b33703e51011c16baf57afb285fc6"}, {file = "colorama-0.4.6.tar.gz", hash = "sha256:08695f5cb7ed6e0531a20572697297273c47b8cae5a63ffc6d6ed5c201be6e44"}, @@ -192,6 +199,7 @@ version = "0.3.9" description = "serialize all of Python" optional = false python-versions = ">=3.8" +groups = ["dev"] files = [ {file = "dill-0.3.9-py3-none-any.whl", hash = "sha256:468dff3b89520b474c0397703366b7b95eebe6303f108adf9b19da1f702be87a"}, {file = "dill-0.3.9.tar.gz", hash = "sha256:81aa267dddf68cbfe8029c42ca9ec6a4ab3b22371d1c450abc54422577b4512c"}, @@ -207,6 +215,7 @@ version = "2.0.0" description = "An implementation of lxml.xmlfile for the standard library" optional = false python-versions = ">=3.8" +groups = ["main"] files = [ {file = "et_xmlfile-2.0.0-py3-none-any.whl", hash = "sha256:7a91720bc756843502c3b7504c77b8fe44217c85c537d85037f0f536151b2caa"}, {file = "et_xmlfile-2.0.0.tar.gz", hash = "sha256:dab3f4764309081ce75662649be815c4c9081e88f0837825f90fd28317d4da54"}, @@ -218,6 +227,8 @@ version = "1.2.2" description = "Backport of PEP 654 (exception groups)" optional = false python-versions = ">=3.7" +groups = ["dev"] +markers = "python_version <= \"3.10\"" files = [ {file = "exceptiongroup-1.2.2-py3-none-any.whl", hash = "sha256:3111b9d131c238bec2f8f516e123e14ba243563fb135d3fe885990585aa7795b"}, {file = "exceptiongroup-1.2.2.tar.gz", hash = "sha256:47c2edf7c6738fafb49fd34290706d1a1a2f4d1c6df275526b62cbb4aa5393cc"}, @@ -232,6 +243,7 @@ version = "3.10" description = "Internationalized Domain Names in Applications (IDNA)" optional = false python-versions = ">=3.6" +groups = ["main"] files = [ {file = "idna-3.10-py3-none-any.whl", hash = "sha256:946d195a0d259cbba61165e88e65941f16e9b36ea6ddb97f00452bae8b1287d3"}, {file = "idna-3.10.tar.gz", hash = "sha256:12f65c9b470abda6dc35cf8e63cc574b1c52b11df2c86030af0ac09b01b13ea9"}, @@ -246,6 +258,7 @@ version = "2.1.0" description = "brain-dead simple config-ini parsing" optional = false python-versions = ">=3.8" +groups = ["dev"] files = [ {file = "iniconfig-2.1.0-py3-none-any.whl", hash = "sha256:9deba5723312380e77435581c6bf4935c94cbfab9b1ed33ef8d238ea168eb760"}, {file = "iniconfig-2.1.0.tar.gz", hash = "sha256:3abbd2e30b36733fee78f9c7f7308f2d0050e88f0087fd25c2645f63c773e1c7"}, @@ -257,6 +270,7 @@ version = "5.13.2" description = "A Python utility / library to sort Python imports." optional = false python-versions = ">=3.8.0" +groups = ["dev"] files = [ {file = "isort-5.13.2-py3-none-any.whl", hash = "sha256:8ca5e72a8d85860d5a3fa69b8745237f2939afe12dbf656afbcb47fe72d947a6"}, {file = "isort-5.13.2.tar.gz", hash = "sha256:48fdfcb9face5d58a4f6dde2e72a1fb8dcaf8ab26f95ab49fab84c2ddefb0109"}, @@ -271,6 +285,7 @@ version = "4.3.3" description = "LZ4 Bindings for Python" optional = false python-versions = ">=3.8" +groups = ["main"] files = [ {file = "lz4-4.3.3-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:b891880c187e96339474af2a3b2bfb11a8e4732ff5034be919aa9029484cd201"}, {file = "lz4-4.3.3-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:222a7e35137d7539c9c33bb53fcbb26510c5748779364014235afc62b0ec797f"}, @@ -321,6 +336,7 @@ version = "0.7.0" description = "McCabe checker, plugin for flake8" optional = false python-versions = ">=3.6" +groups = ["dev"] files = [ {file = "mccabe-0.7.0-py2.py3-none-any.whl", hash = "sha256:6c2d30ab6be0e4a46919781807b4f0d834ebdd6c6e3dca0bda5a15f863427b6e"}, {file = "mccabe-0.7.0.tar.gz", hash = "sha256:348e0240c33b60bbdf4e523192ef919f28cb2c3d7d5c7794f74009290f236325"}, @@ -332,6 +348,7 @@ version = "1.14.1" description = "Optional static typing for Python" optional = false python-versions = ">=3.8" +groups = ["dev"] files = [ {file = "mypy-1.14.1-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:52686e37cf13d559f668aa398dd7ddf1f92c5d613e4f8cb262be2fb4fedb0fcb"}, {file = "mypy-1.14.1-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:1fb545ca340537d4b45d3eecdb3def05e913299ca72c290326be19b3804b39c0"}, @@ -391,6 +408,7 @@ version = "1.0.0" description = "Type system extensions for programs checked with the mypy type checker." optional = false python-versions = ">=3.5" +groups = ["dev"] files = [ {file = "mypy_extensions-1.0.0-py3-none-any.whl", hash = "sha256:4392f6c0eb8a5668a69e23d168ffa70f0be9ccfd32b5cc2d26a34ae5b844552d"}, {file = "mypy_extensions-1.0.0.tar.gz", hash = "sha256:75dbf8955dc00442a438fc4d0666508a9a97b6bd41aa2f0ffe9d2f2725af0782"}, @@ -402,6 +420,8 @@ version = "1.24.4" description = "Fundamental package for array computing in Python" optional = false python-versions = ">=3.8" +groups = ["main", "dev"] +markers = "python_version < \"3.10\"" files = [ {file = "numpy-1.24.4-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:c0bfb52d2169d58c1cdb8cc1f16989101639b34c7d3ce60ed70b19c63eba0b64"}, {file = "numpy-1.24.4-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:ed094d4f0c177b1b8e7aa9cba7d6ceed51c0e569a5318ac0ca9a090680a6a1b1"}, @@ -439,6 +459,8 @@ version = "2.2.4" description = "Fundamental package for array computing in Python" optional = false python-versions = ">=3.10" +groups = ["main", "dev"] +markers = "python_version >= \"3.10\"" files = [ {file = "numpy-2.2.4-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:8146f3550d627252269ac42ae660281d673eb6f8b32f113538e0cc2a9aed42b9"}, {file = "numpy-2.2.4-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:e642d86b8f956098b564a45e6f6ce68a22c2c97a04f5acd3f221f57b8cb850ae"}, @@ -503,6 +525,7 @@ version = "3.2.2" description = "A generic, spec-compliant, thorough implementation of the OAuth request-signing logic" optional = false python-versions = ">=3.6" +groups = ["main"] files = [ {file = "oauthlib-3.2.2-py3-none-any.whl", hash = "sha256:8139f29aac13e25d502680e9e19963e83f16838d48a0d71c287fe40e7067fbca"}, {file = "oauthlib-3.2.2.tar.gz", hash = "sha256:9859c40929662bec5d64f34d01c99e093149682a3f38915dc0655d5a633dd918"}, @@ -519,6 +542,7 @@ version = "3.1.5" description = "A Python library to read/write Excel 2010 xlsx/xlsm files" optional = false python-versions = ">=3.8" +groups = ["main"] files = [ {file = "openpyxl-3.1.5-py2.py3-none-any.whl", hash = "sha256:5282c12b107bffeef825f4617dc029afaf41d0ea60823bbb665ef3079dc79de2"}, {file = "openpyxl-3.1.5.tar.gz", hash = "sha256:cf0e3cf56142039133628b5acffe8ef0c12bc902d2aadd3e0fe5878dc08d1050"}, @@ -533,6 +557,7 @@ version = "24.2" description = "Core utilities for Python packages" optional = false python-versions = ">=3.8" +groups = ["dev"] files = [ {file = "packaging-24.2-py3-none-any.whl", hash = "sha256:09abb1bccd265c01f4a3aa3f7a7db064b36514d2cba19a2f694fe6150451a759"}, {file = "packaging-24.2.tar.gz", hash = "sha256:c228a6dc5e932d346bc5739379109d49e8853dd8223571c7c5b55260edc0b97f"}, @@ -544,6 +569,8 @@ version = "2.0.3" description = "Powerful data structures for data analysis, time series, and statistics" optional = false python-versions = ">=3.8" +groups = ["main"] +markers = "python_version < \"3.10\"" files = [ {file = "pandas-2.0.3-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:e4c7c9f27a4185304c7caf96dc7d91bc60bc162221152de697c98eb0b2648dd8"}, {file = "pandas-2.0.3-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:f167beed68918d62bffb6ec64f2e1d8a7d297a038f86d4aed056b9493fca407f"}, @@ -573,11 +600,7 @@ files = [ ] [package.dependencies] -numpy = [ - {version = ">=1.20.3", markers = "python_version < \"3.10\""}, - {version = ">=1.21.0", markers = "python_version >= \"3.10\" and python_version < \"3.11\""}, - {version = ">=1.23.2", markers = "python_version >= \"3.11\""}, -] +numpy = {version = ">=1.20.3", markers = "python_version < \"3.10\""} python-dateutil = ">=2.8.2" pytz = ">=2020.1" tzdata = ">=2022.1" @@ -611,6 +634,8 @@ version = "2.2.3" description = "Powerful data structures for data analysis, time series, and statistics" optional = false python-versions = ">=3.9" +groups = ["main"] +markers = "python_version >= \"3.10\"" files = [ {file = "pandas-2.2.3-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:1948ddde24197a0f7add2bdc4ca83bf2b1ef84a1bc8ccffd95eda17fd836ecb5"}, {file = "pandas-2.2.3-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:381175499d3802cde0eabbaf6324cce0c4f5d52ca6f8c377c29ad442f50f6348"}, @@ -657,7 +682,11 @@ files = [ ] [package.dependencies] -numpy = {version = ">=1.26.0", markers = "python_version >= \"3.12\""} +numpy = [ + {version = ">=1.22.4", markers = "python_version < \"3.11\""}, + {version = ">=1.26.0", markers = "python_version >= \"3.12\""}, + {version = ">=1.23.2", markers = "python_version == \"3.11\""}, +] python-dateutil = ">=2.8.2" pytz = ">=2020.1" tzdata = ">=2022.7" @@ -693,6 +722,7 @@ version = "0.12.1" description = "Utility library for gitignore style pattern matching of file paths." optional = false python-versions = ">=3.8" +groups = ["dev"] files = [ {file = "pathspec-0.12.1-py3-none-any.whl", hash = "sha256:a0d503e138a4c123b27490a4f7beda6a01c6f288df0e4a8b79c7eb0dc7b4cc08"}, {file = "pathspec-0.12.1.tar.gz", hash = "sha256:a482d51503a1ab33b1c67a6c3813a26953dbdc71c31dacaef9a838c4e29f5712"}, @@ -704,6 +734,7 @@ version = "4.3.6" description = "A small Python package for determining appropriate platform-specific dirs, e.g. a `user data dir`." optional = false python-versions = ">=3.8" +groups = ["dev"] files = [ {file = "platformdirs-4.3.6-py3-none-any.whl", hash = "sha256:73e575e1408ab8103900836b97580d5307456908a03e92031bab39e4554cc3fb"}, {file = "platformdirs-4.3.6.tar.gz", hash = "sha256:357fb2acbc885b0419afd3ce3ed34564c13c9b95c89360cd9563f73aa5e2b907"}, @@ -720,6 +751,7 @@ version = "1.5.0" description = "plugin and hook calling mechanisms for python" optional = false python-versions = ">=3.8" +groups = ["dev"] files = [ {file = "pluggy-1.5.0-py3-none-any.whl", hash = "sha256:44e1ad92c8ca002de6377e165f3e0f1be63266ab4d554740532335b9d75ea669"}, {file = "pluggy-1.5.0.tar.gz", hash = "sha256:2cffa88e94fdc978c4c574f15f9e59b7f4201d439195c3715ca9e2486f1d0cf1"}, @@ -735,6 +767,8 @@ version = "17.0.0" description = "Python library for Apache Arrow" optional = true python-versions = ">=3.8" +groups = ["main"] +markers = "python_version < \"3.10\" and extra == \"pyarrow\"" files = [ {file = "pyarrow-17.0.0-cp310-cp310-macosx_10_15_x86_64.whl", hash = "sha256:a5c8b238d47e48812ee577ee20c9a2779e6a5904f1708ae240f53ecbee7c9f07"}, {file = "pyarrow-17.0.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:db023dc4c6cae1015de9e198d41250688383c3f9af8f565370ab2b4cb5f62655"}, @@ -786,6 +820,8 @@ version = "19.0.1" description = "Python library for Apache Arrow" optional = true python-versions = ">=3.9" +groups = ["main"] +markers = "python_version >= \"3.10\" and extra == \"pyarrow\"" files = [ {file = "pyarrow-19.0.1-cp310-cp310-macosx_12_0_arm64.whl", hash = "sha256:fc28912a2dc924dddc2087679cc8b7263accc71b9ff025a1362b004711661a69"}, {file = "pyarrow-19.0.1-cp310-cp310-macosx_12_0_x86_64.whl", hash = "sha256:fca15aabbe9b8355800d923cc2e82c8ef514af321e18b437c3d782aa884eaeec"}, @@ -834,12 +870,51 @@ files = [ [package.extras] test = ["cffi", "hypothesis", "pandas", "pytest", "pytz"] +[[package]] +name = "pyjwt" +version = "2.9.0" +description = "JSON Web Token implementation in Python" +optional = false +python-versions = ">=3.8" +groups = ["main"] +markers = "python_version < \"3.10\"" +files = [ + {file = "PyJWT-2.9.0-py3-none-any.whl", hash = "sha256:3b02fb0f44517787776cf48f2ae25d8e14f300e6d7545a4315cee571a415e850"}, + {file = "pyjwt-2.9.0.tar.gz", hash = "sha256:7e1e5b56cc735432a7369cbfa0efe50fa113ebecdc04ae6922deba8b84582d0c"}, +] + +[package.extras] +crypto = ["cryptography (>=3.4.0)"] +dev = ["coverage[toml] (==5.0.4)", "cryptography (>=3.4.0)", "pre-commit", "pytest (>=6.0.0,<7.0.0)", "sphinx", "sphinx-rtd-theme", "zope.interface"] +docs = ["sphinx", "sphinx-rtd-theme", "zope.interface"] +tests = ["coverage[toml] (==5.0.4)", "pytest (>=6.0.0,<7.0.0)"] + +[[package]] +name = "pyjwt" +version = "2.10.1" +description = "JSON Web Token implementation in Python" +optional = false +python-versions = ">=3.9" +groups = ["main"] +markers = "python_version >= \"3.10\"" +files = [ + {file = "PyJWT-2.10.1-py3-none-any.whl", hash = "sha256:dcdd193e30abefd5debf142f9adfcdd2b58004e644f25406ffaebd50bd98dacb"}, + {file = "pyjwt-2.10.1.tar.gz", hash = "sha256:3cc5772eb20009233caf06e9d8a0577824723b44e6648ee0a2aedb6cf9381953"}, +] + +[package.extras] +crypto = ["cryptography (>=3.4.0)"] +dev = ["coverage[toml] (==5.0.4)", "cryptography (>=3.4.0)", "pre-commit", "pytest (>=6.0.0,<7.0.0)", "sphinx", "sphinx-rtd-theme", "zope.interface"] +docs = ["sphinx", "sphinx-rtd-theme", "zope.interface"] +tests = ["coverage[toml] (==5.0.4)", "pytest (>=6.0.0,<7.0.0)"] + [[package]] name = "pylint" version = "3.2.7" description = "python code static checker" optional = false python-versions = ">=3.8.0" +groups = ["dev"] files = [ {file = "pylint-3.2.7-py3-none-any.whl", hash = "sha256:02f4aedeac91be69fb3b4bea997ce580a4ac68ce58b89eaefeaf06749df73f4b"}, {file = "pylint-3.2.7.tar.gz", hash = "sha256:1b7a721b575eaeaa7d39db076b6e7743c993ea44f57979127c517c6c572c803e"}, @@ -851,7 +926,7 @@ colorama = {version = ">=0.4.5", markers = "sys_platform == \"win32\""} dill = [ {version = ">=0.2", markers = "python_version < \"3.11\""}, {version = ">=0.3.7", markers = "python_version >= \"3.12\""}, - {version = ">=0.3.6", markers = "python_version >= \"3.11\" and python_version < \"3.12\""}, + {version = ">=0.3.6", markers = "python_version == \"3.11\""}, ] isort = ">=4.2.5,<5.13.0 || >5.13.0,<6" mccabe = ">=0.6,<0.8" @@ -870,6 +945,7 @@ version = "7.4.4" description = "pytest: simple powerful testing with Python" optional = false python-versions = ">=3.7" +groups = ["dev"] files = [ {file = "pytest-7.4.4-py3-none-any.whl", hash = "sha256:b090cdf5ed60bf4c45261be03239c2c1c22df034fbffe691abe93cd80cea01d8"}, {file = "pytest-7.4.4.tar.gz", hash = "sha256:2cf0005922c6ace4a3e2ec8b4080eb0d9753fdc93107415332f50ce9e7994280"}, @@ -892,6 +968,7 @@ version = "0.5.2" description = "A py.test plugin that parses environment files before running tests" optional = false python-versions = "*" +groups = ["dev"] files = [ {file = "pytest-dotenv-0.5.2.tar.gz", hash = "sha256:2dc6c3ac6d8764c71c6d2804e902d0ff810fa19692e95fe138aefc9b1aa73732"}, {file = "pytest_dotenv-0.5.2-py3-none-any.whl", hash = "sha256:40a2cece120a213898afaa5407673f6bd924b1fa7eafce6bda0e8abffe2f710f"}, @@ -907,6 +984,7 @@ version = "2.9.0.post0" description = "Extensions to the standard Python datetime module" optional = false python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,>=2.7" +groups = ["main"] files = [ {file = "python-dateutil-2.9.0.post0.tar.gz", hash = "sha256:37dd54208da7e1cd875388217d5e00ebd4179249f90fb72437e91a35459a0ad3"}, {file = "python_dateutil-2.9.0.post0-py2.py3-none-any.whl", hash = "sha256:a8b2bc7bffae282281c8140a97d3aa9c14da0b136dfe83f850eea9a5f7470427"}, @@ -921,6 +999,7 @@ version = "1.0.1" description = "Read key-value pairs from a .env file and set them as environment variables" optional = false python-versions = ">=3.8" +groups = ["dev"] files = [ {file = "python-dotenv-1.0.1.tar.gz", hash = "sha256:e324ee90a023d808f1959c46bcbc04446a10ced277783dc6ee09987c37ec10ca"}, {file = "python_dotenv-1.0.1-py3-none-any.whl", hash = "sha256:f7b63ef50f1b690dddf550d03497b66d609393b40b564ed0d674909a68ebf16a"}, @@ -935,6 +1014,7 @@ version = "2025.2" description = "World timezone definitions, modern and historical" optional = false python-versions = "*" +groups = ["main"] files = [ {file = "pytz-2025.2-py2.py3-none-any.whl", hash = "sha256:5ddf76296dd8c44c26eb8f4b6f35488f3ccbf6fbbd7adee0b7262d43f0ec2f00"}, {file = "pytz-2025.2.tar.gz", hash = "sha256:360b9e3dbb49a209c21ad61809c7fb453643e048b38924c765813546746e81c3"}, @@ -946,6 +1026,7 @@ version = "2.32.3" description = "Python HTTP for Humans." optional = false python-versions = ">=3.8" +groups = ["main"] files = [ {file = "requests-2.32.3-py3-none-any.whl", hash = "sha256:70761cfe03c773ceb22aa2f671b4757976145175cdfca038c02654d061d6dcc6"}, {file = "requests-2.32.3.tar.gz", hash = "sha256:55365417734eb18255590a9ff9eb97e9e1da868d4ccd6402399eaf68af20a760"}, @@ -967,6 +1048,7 @@ version = "1.17.0" description = "Python 2 and 3 compatibility utilities" optional = false python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,>=2.7" +groups = ["main"] files = [ {file = "six-1.17.0-py2.py3-none-any.whl", hash = "sha256:4721f391ed90541fddacab5acf947aa0d3dc7d27b2e1e8eda2be8970586c3274"}, {file = "six-1.17.0.tar.gz", hash = "sha256:ff70335d468e7eb6ec65b95b99d3a2836546063f63acc5171de367e834932a81"}, @@ -978,6 +1060,7 @@ version = "0.20.0" description = "Python bindings for the Apache Thrift RPC system" optional = false python-versions = "*" +groups = ["main"] files = [ {file = "thrift-0.20.0.tar.gz", hash = "sha256:4dd662eadf6b8aebe8a41729527bd69adf6ceaa2a8681cbef64d1273b3e8feba"}, ] @@ -996,6 +1079,8 @@ version = "2.2.1" description = "A lil' TOML parser" optional = false python-versions = ">=3.8" +groups = ["dev"] +markers = "python_version <= \"3.10\"" files = [ {file = "tomli-2.2.1-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:678e4fa69e4575eb77d103de3df8a895e1591b48e740211bd1067378c69e8249"}, {file = "tomli-2.2.1-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:023aa114dd824ade0100497eb2318602af309e5a55595f76b626d6d9f3b7b0a6"}, @@ -1037,6 +1122,7 @@ version = "0.13.2" description = "Style preserving TOML library" optional = false python-versions = ">=3.8" +groups = ["dev"] files = [ {file = "tomlkit-0.13.2-py3-none-any.whl", hash = "sha256:7a974427f6e119197f670fbbbeae7bef749a6c14e793db934baefc1b5f03efde"}, {file = "tomlkit-0.13.2.tar.gz", hash = "sha256:fff5fe59a87295b278abd31bec92c15d9bc4a06885ab12bcea52c71119392e79"}, @@ -1048,6 +1134,7 @@ version = "4.13.0" description = "Backported and Experimental Type Hints for Python 3.8+" optional = false python-versions = ">=3.8" +groups = ["dev"] files = [ {file = "typing_extensions-4.13.0-py3-none-any.whl", hash = "sha256:c8dd92cc0d6425a97c18fbb9d1954e5ff92c1ca881a309c45f06ebc0b79058e5"}, {file = "typing_extensions-4.13.0.tar.gz", hash = "sha256:0a4ac55a5820789d87e297727d229866c9650f6521b64206413c4fbada24d95b"}, @@ -1059,6 +1146,7 @@ version = "2025.2" description = "Provider of IANA time zone data" optional = false python-versions = ">=2" +groups = ["main"] files = [ {file = "tzdata-2025.2-py2.py3-none-any.whl", hash = "sha256:1a403fada01ff9221ca8044d701868fa132215d84beb92242d9acd2147f667a8"}, {file = "tzdata-2025.2.tar.gz", hash = "sha256:b60a638fcc0daffadf82fe0f57e53d06bdec2f36c4df66280ae79bce6bd6f2b9"}, @@ -1070,13 +1158,14 @@ version = "2.2.3" description = "HTTP library with thread-safe connection pooling, file post, and more." optional = false python-versions = ">=3.8" +groups = ["main"] files = [ {file = "urllib3-2.2.3-py3-none-any.whl", hash = "sha256:ca899ca043dcb1bafa3e262d73aa25c465bfb49e0bd9dd5d59f1d0acba2f8fac"}, {file = "urllib3-2.2.3.tar.gz", hash = "sha256:e7d814a81dad81e6caf2ec9fdedb284ecc9c73076b62654547cc64ccdcae26e9"}, ] [package.extras] -brotli = ["brotli (>=1.0.9)", "brotlicffi (>=0.8.0)"] +brotli = ["brotli (>=1.0.9) ; platform_python_implementation == \"CPython\"", "brotlicffi (>=0.8.0) ; platform_python_implementation != \"CPython\""] h2 = ["h2 (>=4,<5)"] socks = ["pysocks (>=1.5.6,!=1.5.7,<2.0)"] zstd = ["zstandard (>=0.18.0)"] @@ -1085,6 +1174,6 @@ zstd = ["zstandard (>=0.18.0)"] pyarrow = ["pyarrow", "pyarrow"] [metadata] -lock-version = "2.0" +lock-version = "2.1" python-versions = "^3.8.0" -content-hash = "0bd6a6a019693a69a3da5ae312cea625ea73dfc5832b1e4051c7c7d1e76553d8" +content-hash = "0305d9a30397e4baa3d02d0a920989a901ba08749b93bd1c433886f151ed2cdc" diff --git a/pyproject.toml b/pyproject.toml index 54fd263a1..9b862d7ac 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -20,16 +20,18 @@ requests = "^2.18.1" oauthlib = "^3.1.0" openpyxl = "^3.0.10" urllib3 = ">=1.26" +python-dateutil = "^2.8.0" pyarrow = [ { version = ">=14.0.1", python = ">=3.8,<3.13", optional=true }, { version = ">=18.0.0", python = ">=3.13", optional=true } ] -python-dateutil = "^2.8.0" +pyjwt = "^2.0.0" + [tool.poetry.extras] pyarrow = ["pyarrow"] -[tool.poetry.dev-dependencies] +[tool.poetry.group.dev.dependencies] pytest = "^7.1.2" mypy = "^1.10.1" pylint = ">=2.12.0" diff --git a/src/databricks/sql/auth/auth.py b/src/databricks/sql/auth/auth.py index 347934ee4..04c93e020 100755 --- a/src/databricks/sql/auth/auth.py +++ b/src/databricks/sql/auth/auth.py @@ -1,4 +1,3 @@ -from enum import Enum from typing import Optional, List from databricks.sql.auth.authenticators import ( @@ -6,14 +5,9 @@ AccessTokenAuthProvider, ExternalAuthProvider, DatabricksOAuthProvider, + AzureServicePrincipalCredentialProvider, ) - - -class AuthType(Enum): - DATABRICKS_OAUTH = "databricks-oauth" - AZURE_OAUTH = "azure-oauth" - # other supported types (access_token) can be inferred - # we can add more types as needed later +from databricks.sql.auth.common import AuthType class ClientContext: @@ -24,6 +18,9 @@ def __init__( auth_type: Optional[str] = None, oauth_scopes: Optional[List[str]] = None, oauth_client_id: Optional[str] = None, + oauth_client_secret: Optional[str] = None, + azure_tenant_id: Optional[str] = None, + azure_workspace_resource_id: Optional[str] = None, oauth_redirect_port_range: Optional[List[int]] = None, use_cert_as_auth: Optional[str] = None, tls_client_cert_file: Optional[str] = None, @@ -35,6 +32,9 @@ def __init__( self.auth_type = auth_type self.oauth_scopes = oauth_scopes self.oauth_client_id = oauth_client_id + self.oauth_client_secret = oauth_client_secret + self.azure_tenant_id = azure_tenant_id + self.azure_workspace_resource_id = azure_workspace_resource_id self.oauth_redirect_port_range = oauth_redirect_port_range self.use_cert_as_auth = use_cert_as_auth self.tls_client_cert_file = tls_client_cert_file @@ -45,7 +45,17 @@ def __init__( def get_auth_provider(cfg: ClientContext): if cfg.credentials_provider: return ExternalAuthProvider(cfg.credentials_provider) - if cfg.auth_type in [AuthType.DATABRICKS_OAUTH.value, AuthType.AZURE_OAUTH.value]: + elif cfg.auth_type == AuthType.AZURE_SP_M2M.value: + return ExternalAuthProvider( + AzureServicePrincipalCredentialProvider( + cfg.hostname, + cfg.oauth_client_id, + cfg.oauth_client_secret, + cfg.azure_tenant_id, + cfg.azure_workspace_resource_id, + ) + ) + elif cfg.auth_type in [AuthType.DATABRICKS_OAUTH.value, AuthType.AZURE_OAUTH.value]: assert cfg.oauth_redirect_port_range is not None assert cfg.oauth_client_id is not None assert cfg.oauth_scopes is not None @@ -103,9 +113,15 @@ def get_client_id_and_redirect_port(use_azure_auth: bool): def get_python_sql_connector_auth_provider(hostname: str, **kwargs): auth_type = kwargs.get("auth_type") - (client_id, redirect_port_range) = get_client_id_and_redirect_port( - auth_type == AuthType.AZURE_OAUTH.value - ) + client_id = kwargs.get("oauth_client_id") + redirect_port_range = kwargs.get("oauth_redirect_port_range") + + if auth_type == AuthType.AZURE_SP_M2M.value: + pass + else: + (client_id, redirect_port_range) = get_client_id_and_redirect_port( + auth_type == AuthType.AZURE_OAUTH.value + ) if kwargs.get("username") or kwargs.get("password"): raise ValueError( "Username/password authentication is no longer supported. " @@ -119,9 +135,12 @@ def get_python_sql_connector_auth_provider(hostname: str, **kwargs): use_cert_as_auth=kwargs.get("_use_cert_as_auth"), tls_client_cert_file=kwargs.get("_tls_client_cert_file"), oauth_scopes=PYSQL_OAUTH_SCOPES, - oauth_client_id=kwargs.get("oauth_client_id") or client_id, + oauth_client_id=client_id, + oauth_client_secret=kwargs.get("oauth_client_secret"), + azure_tenant_id=kwargs.get("azure_tenant_id"), + azure_workspace_resource_id=kwargs.get("azure_workspace_resource_id"), oauth_redirect_port_range=[kwargs["oauth_redirect_port"]] - if kwargs.get("oauth_client_id") and kwargs.get("oauth_redirect_port") + if client_id and kwargs.get("oauth_redirect_port") else redirect_port_range, oauth_persistence=kwargs.get("experimental_oauth_persistence"), credentials_provider=kwargs.get("credentials_provider"), diff --git a/src/databricks/sql/auth/authenticators.py b/src/databricks/sql/auth/authenticators.py index 64eb91bb0..24de54c86 100644 --- a/src/databricks/sql/auth/authenticators.py +++ b/src/databricks/sql/auth/authenticators.py @@ -1,15 +1,21 @@ import abc -import base64 import logging -from typing import Callable, Dict, List - -from databricks.sql.auth.oauth import OAuthManager -from databricks.sql.auth.endpoint import get_oauth_endpoints, infer_cloud_from_host +from typing import Callable, Dict, List, Optional +from databricks.sql.common.http import HttpHeader +from databricks.sql.auth.oauth import ( + OAuthManager, + RefreshableTokenSource, + ClientCredentialsTokenSource, +) +from databricks.sql.auth.endpoint import get_oauth_endpoints +from databricks.sql.auth.common import AuthType, get_effective_azure_login_app_id # Private API: this is an evolving interface and it will change in the future. # Please must not depend on it in your applications. from databricks.sql.experimental.oauth_persistence import OAuthToken, OAuthPersistence +logger = logging.getLogger(__name__) + class AuthProvider: def add_headers(self, request_headers: Dict[str, str]): @@ -146,3 +152,80 @@ def add_headers(self, request_headers: Dict[str, str]): headers = self._header_factory() for k, v in headers.items(): request_headers[k] = v + + +class AzureServicePrincipalCredentialProvider(CredentialsProvider): + """ + A credential provider for Azure Service Principal authentication with Databricks. + + This class implements the CredentialsProvider protocol to authenticate requests + to Databricks REST APIs using Azure Active Directory (AAD) service principal + credentials. It handles OAuth 2.0 client credentials flow to obtain access tokens + from Azure AD and automatically refreshes them when they expire. + + Attributes: + hostname (str): The Databricks workspace hostname. + oauth_client_id (str): The Azure service principal's client ID. + oauth_client_secret (str): The Azure service principal's client secret. + azure_tenant_id (str): The Azure AD tenant ID. + azure_workspace_resource_id (str, optional): The Azure workspace resource ID. + """ + + AZURE_AAD_ENDPOINT = "https://login.microsoftonline.com" + AZURE_TOKEN_ENDPOINT = "oauth2/token" + + AZURE_MANAGED_RESOURCE = "https://management.core.windows.net/" + + DATABRICKS_AZURE_SP_TOKEN_HEADER = "X-Databricks-Azure-SP-Management-Token" + DATABRICKS_AZURE_WORKSPACE_RESOURCE_ID_HEADER = ( + "X-Databricks-Azure-Workspace-Resource-Id" + ) + + def __init__( + self, + hostname, + oauth_client_id, + oauth_client_secret, + azure_tenant_id, + azure_workspace_resource_id=None, + ): + self.hostname = hostname + self.oauth_client_id = oauth_client_id + self.oauth_client_secret = oauth_client_secret + self.azure_tenant_id = azure_tenant_id + self.azure_workspace_resource_id = azure_workspace_resource_id + + def auth_type(self) -> str: + return AuthType.AZURE_SP_M2M.value + + def get_token_source(self, resource: str) -> RefreshableTokenSource: + return ClientCredentialsTokenSource( + token_url=f"{self.AZURE_AAD_ENDPOINT}/{self.azure_tenant_id}/{self.AZURE_TOKEN_ENDPOINT}", + oauth_client_id=self.oauth_client_id, + oauth_client_secret=self.oauth_client_secret, + extra_params={"resource": resource}, + ) + + def __call__(self, *args, **kwargs) -> HeaderFactory: + inner = self.get_token_source( + resource=get_effective_azure_login_app_id(self.hostname) + ) + cloud = self.get_token_source(resource=self.AZURE_MANAGED_RESOURCE) + + def header_factory() -> Dict[str, str]: + inner_token = inner.get_token() + cloud_token = cloud.get_token() + + headers = { + HttpHeader.AUTHORIZATION.value: f"{inner_token.token_type} {inner_token.access_token}", + self.DATABRICKS_AZURE_SP_TOKEN_HEADER: cloud_token.access_token, + } + + if self.azure_workspace_resource_id: + headers[ + self.DATABRICKS_AZURE_WORKSPACE_RESOURCE_ID_HEADER + ] = self.azure_workspace_resource_id + + return headers + + return header_factory diff --git a/src/databricks/sql/auth/common.py b/src/databricks/sql/auth/common.py new file mode 100644 index 000000000..e14968909 --- /dev/null +++ b/src/databricks/sql/auth/common.py @@ -0,0 +1,28 @@ +from enum import Enum +from typing import Optional + + +class AuthType(Enum): + DATABRICKS_OAUTH = "databricks-oauth" + AZURE_OAUTH = "azure-oauth" + AZURE_SP_M2M = "azure-sp-m2m" + + +def get_effective_azure_login_app_id(hostname) -> str: + """ + Get the effective Azure login app ID for a given hostname. + This function determines the appropriate Azure login app ID based on the hostname. + If the hostname does not match any of these domains, it returns the default Databricks resource ID. + + """ + azure_app_ids = { + ".dev.azuredatabricks.net": "62a912ac-b58e-4c1d-89ea-b2dbfc7358fc", + ".staging.azuredatabricks.net": "4a67d088-db5c-48f1-9ff2-0aace800ae68", + } + + for domain, app_id in azure_app_ids.items(): + if domain in hostname: + return app_id + + # default databricks resource id + return "2ff814a6-3304-4ab8-85cb-cd0e6f879c1d" diff --git a/src/databricks/sql/auth/oauth.py b/src/databricks/sql/auth/oauth.py index 806df08fe..cc653a58e 100644 --- a/src/databricks/sql/auth/oauth.py +++ b/src/databricks/sql/auth/oauth.py @@ -6,19 +6,63 @@ import webbrowser from datetime import datetime, timezone from http.server import HTTPServer -from typing import List +from typing import List, Optional import oauthlib.oauth2 import requests from oauthlib.oauth2.rfc6749.errors import OAuth2Error from requests.exceptions import RequestException - +from databricks.sql.common.http import HttpMethod, DatabricksHttpClient, HttpHeader +from databricks.sql.common.http import OAuthResponse from databricks.sql.auth.oauth_http_handler import OAuthHttpSingleRequestHandler from databricks.sql.auth.endpoint import OAuthEndpointCollection +from abc import abstractmethod, ABC +from urllib.parse import urlencode +import jwt +import time logger = logging.getLogger(__name__) +class Token: + """ + A class to represent a token. + + Attributes: + access_token (str): The access token string. + token_type (str): The type of token (e.g., "Bearer"). + refresh_token (str): The refresh token string. + """ + + def __init__(self, access_token: str, token_type: str, refresh_token: str): + self.access_token = access_token + self.token_type = token_type + self.refresh_token = refresh_token + + def is_expired(self): + try: + decoded_token = jwt.decode( + self.access_token, options={"verify_signature": False} + ) + exp_time = decoded_token.get("exp") + current_time = time.time() + buffer_time = 30 # 30 seconds buffer + return exp_time and (exp_time - buffer_time) <= current_time + except Exception as e: + logger.error("Failed to decode token: %s", e) + return e + + +class RefreshableTokenSource(ABC): + @abstractmethod + def get_token(self) -> Token: + pass + + @abstractmethod + def refresh(self) -> Token: + pass + + class IgnoreNetrcAuth(requests.auth.AuthBase): """This auth method is a no-op. @@ -258,3 +302,63 @@ def get_tokens(self, hostname: str, scope=None): client, token_request_url, redirect_url, code, verifier ) return self.__get_tokens_from_response(oauth_response) + + +class ClientCredentialsTokenSource(RefreshableTokenSource): + """ + A token source that uses client credentials to get a token from the token endpoint. + It will refresh the token if it is expired. + + Attributes: + token_url (str): The URL of the token endpoint. + oauth_client_id (str): The client ID. + oauth_client_secret (str): The client secret. + """ + + def __init__( + self, + token_url, + oauth_client_id, + oauth_client_secret, + extra_params: dict = {}, + ): + self.oauth_client_id = oauth_client_id + self.oauth_client_secret = oauth_client_secret + self.token_url = token_url + self.extra_params = extra_params + self.token: Optional[Token] = None + self._http_client = DatabricksHttpClient.get_instance() + + def get_token(self) -> Token: + if self.token is None or self.token.is_expired(): + self.token = self.refresh() + return self.token + + def refresh(self) -> Token: + headers = { + HttpHeader.CONTENT_TYPE.value: "application/x-www-form-urlencoded", + } + data = urlencode( + { + "grant_type": "client_credentials", + "client_id": self.oauth_client_id, + "client_secret": self.oauth_client_secret, + **self.extra_params, + } + ) + + response = self._http_client.execute( + method=HttpMethod.POST, url=self.token_url, headers=headers, data=data + ) + + if response.status_code == 200: + oauth_response = OAuthResponse(**response.json()) + return Token( + oauth_response.access_token, + oauth_response.token_type, + oauth_response.refresh_token, + ) + else: + raise Exception( + f"Failed to get token: {response.status_code} {response.text}" + ) diff --git a/src/databricks/sql/common/http.py b/src/databricks/sql/common/http.py new file mode 100644 index 000000000..5a67dbddd --- /dev/null +++ b/src/databricks/sql/common/http.py @@ -0,0 +1,65 @@ +import requests +from requests.adapters import HTTPAdapter +from urllib3.util.retry import Retry +from enum import Enum +import threading +from dataclasses import dataclass + +# Enums for HTTP Methods +class HttpMethod(str, Enum): + GET = "GET" + POST = "POST" + PUT = "PUT" + DELETE = "DELETE" + + +# HTTP request headers +class HttpHeader(str, Enum): + CONTENT_TYPE = "Content-Type" + AUTHORIZATION = "Authorization" + + +# Dataclass for OAuthHTTP Response +@dataclass +class OAuthResponse: + token_type: str = "" + expires_in: int = 0 + ext_expires_in: int = 0 + expires_on: int = 0 + not_before: int = 0 + resource: str = "" + access_token: str = "" + refresh_token: str = "" + + +# Singleton class for common Http Client +class DatabricksHttpClient: + ## TODO: Unify all the http clients in the PySQL Connector + + _instance = None + _lock = threading.Lock() + + def __init__(self): + self.session = requests.Session() + adapter = HTTPAdapter( + pool_connections=5, + pool_maxsize=10, + max_retries=Retry(total=10, backoff_factor=0.1), + ) + self.session.mount("https://", adapter) + self.session.mount("http://", adapter) + + @classmethod + def get_instance(cls) -> "DatabricksHttpClient": + if cls._instance is None: + with cls._lock: + if cls._instance is None: + cls._instance = DatabricksHttpClient() + return cls._instance + + def execute(self, method: HttpMethod, url: str, **kwargs) -> requests.Response: + with self.session.request(method.value, url, **kwargs) as response: + return response + + def close(self): + self.session.close() diff --git a/tests/unit/test_auth.py b/tests/unit/test_auth.py index d5b06bbf5..e60a7e704 100644 --- a/tests/unit/test_auth.py +++ b/tests/unit/test_auth.py @@ -1,20 +1,25 @@ import unittest import pytest from typing import Optional -from unittest.mock import patch - +from unittest.mock import patch, MagicMock +import jwt from databricks.sql.auth.auth import ( AccessTokenAuthProvider, AuthProvider, ExternalAuthProvider, AuthType, ) +import time +from datetime import datetime, timedelta from databricks.sql.auth.auth import ( get_python_sql_connector_auth_provider, PYSQL_OAUTH_CLIENT_ID, ) -from databricks.sql.auth.oauth import OAuthManager -from databricks.sql.auth.authenticators import DatabricksOAuthProvider +from databricks.sql.auth.oauth import OAuthManager, Token, ClientCredentialsTokenSource +from databricks.sql.auth.authenticators import ( + DatabricksOAuthProvider, + AzureServicePrincipalCredentialProvider, +) from databricks.sql.auth.endpoint import ( CloudType, InHouseOAuthEndpointCollection, @@ -190,3 +195,103 @@ def test_get_python_sql_connector_default_auth(self, mock__initial_get_token): auth_provider = get_python_sql_connector_auth_provider(hostname) self.assertTrue(type(auth_provider).__name__, "DatabricksOAuthProvider") self.assertTrue(auth_provider._client_id, PYSQL_OAUTH_CLIENT_ID) + + +class TestClientCredentialsTokenSource: + @pytest.fixture + def indefinite_token(self): + secret_key = "mysecret" + expires_in_100_years = int(time.time()) + (100 * 365 * 24 * 60 * 60) + + payload = {"sub": "user123", "role": "admin", "exp": expires_in_100_years} + + access_token = jwt.encode(payload, secret_key, algorithm="HS256") + return Token(access_token, "Bearer", "refresh_token") + + @pytest.fixture + def http_response(self): + def status_response(response_status_code): + mock_response = MagicMock() + mock_response.status_code = response_status_code + mock_response.json.return_value = { + "access_token": "abc123", + "token_type": "Bearer", + "refresh_token": None, + } + return mock_response + + return status_response + + @pytest.fixture + def token_source(self): + return ClientCredentialsTokenSource( + token_url="https://token_url.com", + oauth_client_id="client_id", + oauth_client_secret="client_secret", + ) + + def test_no_token_refresh__when_token_is_not_expired( + self, token_source, indefinite_token + ): + with patch.object(token_source, "refresh") as mock_get_token: + mock_get_token.return_value = indefinite_token + + # Mulitple calls for token + token1 = token_source.get_token() + token2 = token_source.get_token() + token3 = token_source.get_token() + + assert token1 == token2 == token3 + assert token1.access_token == indefinite_token.access_token + assert token1.token_type == indefinite_token.token_type + assert token1.refresh_token == indefinite_token.refresh_token + + # should refresh only once as token is not expired + assert mock_get_token.call_count == 1 + + def test_get_token_success(self, token_source, http_response): + with patch.object(token_source._http_client, "execute") as mock_execute: + mock_execute.return_value = http_response(200) + token = token_source.get_token() + + # Assert + assert isinstance(token, Token) + assert token.access_token == "abc123" + assert token.token_type == "Bearer" + assert token.refresh_token is None + + def test_get_token_failure(self, token_source, http_response): + with patch.object(token_source._http_client, "execute") as mock_execute: + mock_execute.return_value = http_response(400) + with pytest.raises(Exception) as e: + token_source.get_token() + assert "Failed to get token: 400" in str(e.value) + + +class TestAzureServicePrincipalCredentialProvider: + @pytest.fixture + def credential_provider(self): + return AzureServicePrincipalCredentialProvider( + hostname="hostname", + oauth_client_id="client_id", + oauth_client_secret="client_secret", + azure_tenant_id="tenant_id", + ) + + def test_provider_credentials(self, credential_provider): + + test_token = Token("access_token", "Bearer", "refresh_token") + + with patch.object( + credential_provider, "get_token_source" + ) as mock_get_token_source: + mock_get_token_source.return_value = MagicMock() + mock_get_token_source.return_value.get_token.return_value = test_token + + headers = credential_provider()() + + assert headers["Authorization"] == f"Bearer {test_token.access_token}" + assert ( + headers["X-Databricks-Azure-SP-Management-Token"] + == test_token.access_token + ) diff --git a/tests/unit/test_thrift_field_ids.py b/tests/unit/test_thrift_field_ids.py index d4cd8168d..a4bba439d 100644 --- a/tests/unit/test_thrift_field_ids.py +++ b/tests/unit/test_thrift_field_ids.py @@ -16,27 +16,29 @@ class TestThriftFieldIds: # Known exceptions that exceed the field ID limit KNOWN_EXCEPTIONS = { - ('TExecuteStatementReq', 'enforceEmbeddedSchemaCorrectness'): 3353, - ('TSessionHandle', 'serverProtocolVersion'): 3329, + ("TExecuteStatementReq", "enforceEmbeddedSchemaCorrectness"): 3353, + ("TSessionHandle", "serverProtocolVersion"): 3329, } def test_all_thrift_field_ids_are_within_allowed_range(self): """ Validates that all field IDs in Thrift-generated classes are within the allowed range. - + This test prevents field ID conflicts and ensures compatibility with different Thrift implementations and protocols. """ violations = [] - + # Get all classes from the ttypes module for name, obj in inspect.getmembers(ttypes): - if (inspect.isclass(obj) and - hasattr(obj, 'thrift_spec') and - obj.thrift_spec is not None): - + if ( + inspect.isclass(obj) + and hasattr(obj, "thrift_spec") + and obj.thrift_spec is not None + ): + self._check_class_field_ids(obj, name, violations) - + if violations: error_message = self._build_error_message(violations) pytest.fail(error_message) @@ -44,44 +46,47 @@ def test_all_thrift_field_ids_are_within_allowed_range(self): def _check_class_field_ids(self, cls, class_name, violations): """ Checks all field IDs in a Thrift class and reports violations. - + Args: cls: The Thrift class to check class_name: Name of the class for error reporting violations: List to append violation messages to """ thrift_spec = cls.thrift_spec - + if not isinstance(thrift_spec, (tuple, list)): return - + for spec_entry in thrift_spec: if spec_entry is None: continue - + # Thrift spec format: (field_id, field_type, field_name, ...) if isinstance(spec_entry, (tuple, list)) and len(spec_entry) >= 3: field_id = spec_entry[0] field_name = spec_entry[2] - + # Skip known exceptions if (class_name, field_name) in self.KNOWN_EXCEPTIONS: continue - + if isinstance(field_id, int) and field_id >= self.MAX_ALLOWED_FIELD_ID: violations.append( "{} field '{}' has field ID {} (exceeds maximum of {})".format( - class_name, field_name, field_id, self.MAX_ALLOWED_FIELD_ID - 1 + class_name, + field_name, + field_id, + self.MAX_ALLOWED_FIELD_ID - 1, ) ) def _build_error_message(self, violations): """ Builds a comprehensive error message for field ID violations. - + Args: violations: List of violation messages - + Returns: Formatted error message """ @@ -90,8 +95,8 @@ def _build_error_message(self, violations): "This can cause compatibility issues and conflicts with reserved ID ranges.\n" "Violations found:\n".format(self.MAX_ALLOWED_FIELD_ID - 1) ) - + for violation in violations: error_message += " - {}\n".format(violation) - - return error_message \ No newline at end of file + + return error_message