Skip to content
Snippets Groups Projects
Unverified Commit 3eea4928 authored by metabase-bot[bot]'s avatar metabase-bot[bot] Committed by GitHub
Browse files

Updates Snowflake driver to decode uploaded private key file (#31357) (#31412)


Updates Snowflake driver to decode uploaded private key file data if necessary

Co-authored-by: default avatarjohn-metabase <92878045+john-metabase@users.noreply.github.com>
parent ba3f095a
No related branches found
No related tags found
No related merge requests found
...@@ -16,7 +16,7 @@ driver: ...@@ -16,7 +16,7 @@ driver:
- user - user
- password - password
- name: private-key - name: private-key
display-name: RSA private key (PEM) display-name: RSA private key (PKCS#8/.p8)
type: secret type: secret
secret-kind: pem-cert secret-kind: pem-cert
- name: warehouse - name: warehouse
......
...@@ -20,6 +20,7 @@ ...@@ -20,6 +20,7 @@
[metabase.driver.sql.util :as sql.u] [metabase.driver.sql.util :as sql.u]
[metabase.driver.sql.util.unprepare :as unprepare] [metabase.driver.sql.util.unprepare :as unprepare]
[metabase.driver.sync :as driver.s] [metabase.driver.sync :as driver.s]
[metabase.driver.util :as driver.u]
[metabase.models.secret :as secret] [metabase.models.secret :as secret]
[metabase.query-processor.error-type :as qp.error-type] [metabase.query-processor.error-type :as qp.error-type]
[metabase.query-processor.store :as qp.store] [metabase.query-processor.store :as qp.store]
...@@ -98,10 +99,13 @@ ...@@ -98,10 +99,13 @@
private-key-file (handle-conn-uri user account private-key-file))) private-key-file (handle-conn-uri user account private-key-file)))
private-key-value private-key-value
(let [private-key-str (if (bytes? private-key-value) (let [private-key-str (if (bytes? private-key-value)
(String. ^bytes private-key-value StandardCharsets/UTF_8) (String. ^bytes private-key-value StandardCharsets/UTF_8)
private-key-value) private-key-value)
private-key-file (secret/value->file! {:connection-property-name "private-key-file" :value private-key-str})] private-key-file-val (cond-> private-key-str
(re-find driver.u/data-url-pattern private-key-str) driver.u/decode-uploaded)
private-key-file (secret/value->file! {:connection-property-name "private-key-file"
:value private-key-file-val})]
(handle-conn-uri details user account private-key-file)))) (handle-conn-uri details user account private-key-file))))
(defmethod sql-jdbc.conn/connection-details->spec :snowflake (defmethod sql-jdbc.conn/connection-details->spec :snowflake
......
...@@ -384,11 +384,14 @@ ...@@ -384,11 +384,14 @@
(assoc :visible-if v-ifs*)))) (assoc :visible-if v-ifs*))))
final-props))) final-props)))
(def data-url-pattern
"A regex to match data-URL-encoded files uploaded via the frontend"
#"^data:[^;]+;base64,")
(defn decode-uploaded (defn decode-uploaded
"Decode `uploaded-data` as an uploaded field. "Returns bytes from encoded frontend file upload string."
Optionally strip the Base64 MIME prefix." ^bytes [^String uploaded-data]
^bytes [uploaded-data] (u/decode-base64-to-bytes (str/replace uploaded-data data-url-pattern "")))
(u/decode-base64-to-bytes (str/replace uploaded-data #"^data:[^;]+;base64," "")))
(defn db-details-client->server (defn db-details-client->server
"Currently, this transforms client side values for the various back into :type :secret for storage on the server. "Currently, this transforms client side values for the various back into :type :secret for storage on the server.
......
...@@ -226,7 +226,8 @@ ...@@ -226,7 +226,8 @@
:keystore-options "uploaded" :keystore-options "uploaded"
;; because treat-before-posting is base64 in the config for this property, simulate that happening ;; because treat-before-posting is base64 in the config for this property, simulate that happening
:keystore-value (->> (.getBytes ks-val StandardCharsets/UTF_8) :keystore-value (->> (.getBytes ks-val StandardCharsets/UTF_8)
(.encodeToString (Base64/getEncoder))) (.encodeToString (Base64/getEncoder))
(str "data:application/octet-stream;base64,"))
:keystore-password-value "my-keystore-pw"} :keystore-password-value "my-keystore-pw"}
transformed (driver.u/db-details-client->server :secret-test-driver db-details)] transformed (driver.u/db-details-client->server :secret-test-driver db-details)]
;; compare all fields except `:keystore-value` as a single map ;; compare all fields except `:keystore-value` as a single map
...@@ -238,6 +239,11 @@ ...@@ -238,6 +239,11 @@
;; the keystore-value should have been base64 decoded because of treat-before-posting being base64 (see above) ;; the keystore-value should have been base64 decoded because of treat-before-posting being base64 (see above)
(is (mt/secret-value-equals? ks-val (:keystore-value transformed)))))) (is (mt/secret-value-equals? ks-val (:keystore-value transformed))))))
(deftest decode-uploaded-test
(are [expected base64] (= expected (String. (driver.u/decode-uploaded base64) "UTF-8"))
"hi" "aGk="
"hi" "data:application/octet-stream;base64,aGk="))
(deftest semantic-version-gte-test (deftest semantic-version-gte-test
(testing "semantic-version-gte works as expected" (testing "semantic-version-gte works as expected"
(is (true? (driver.u/semantic-version-gte [5 0] [4 0]))) (is (true? (driver.u/semantic-version-gte [5 0] [4 0])))
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment