Merge pull request #110 from Tmonster/fix-v1.4-andium

Merge main into v1.4-andium

Author: samansmink

duckdb

@@ -111,9 +111,13 @@ unique_ptr<BaseSecret> CreateS3SecretFunctions::CreateSecretFunctionInternal(Cli
 		} else if (lower_name == "requester_pays") {
 			if (named_param.second.type() != LogicalType::BOOLEAN) {
 				throw InvalidInputException("Invalid type past to secret option: '%s', found '%s', expected: 'BOOLEAN'",
-											lower_name, named_param.second.type().ToString());
+				                            lower_name, named_param.second.type().ToString());
 			}
 			secret->secret_map["requester_pays"] = Value::BOOLEAN(named_param.second.GetValue<bool>());
+		} else if (lower_name == "bearer_token" && input.type == "gcs") {
+			secret->secret_map["bearer_token"] = named_param.second.ToString();
+			// Mark it as sensitive
+			secret->redact_keys.insert("bearer_token");
 		} else {
 			throw InvalidInputException("Unknown named parameter passed to CreateSecretFunctionInternal: " +
 			                            lower_name);
@@ -191,7 +195,7 @@ void CreateS3SecretFunctions::SetBaseNamedParams(CreateSecretFunction &function,
 	function.named_parameters["use_ssl"] = LogicalType::BOOLEAN;
 	function.named_parameters["kms_key_id"] = LogicalType::VARCHAR;
 	function.named_parameters["url_compatibility_mode"] = LogicalType::BOOLEAN;
-    function.named_parameters["requester_pays"] = LogicalType::BOOLEAN;
+	function.named_parameters["requester_pays"] = LogicalType::BOOLEAN;
 
 	// Whether a secret refresh attempt should be made when the secret appears to be incorrect
 	function.named_parameters["refresh"] = LogicalType::VARCHAR;
@@ -210,6 +214,10 @@ void CreateS3SecretFunctions::SetBaseNamedParams(CreateSecretFunction &function,
 	if (type == "r2") {
 		function.named_parameters["account_id"] = LogicalType::VARCHAR;
 	}
+
+	if (type == "gcs") {
+		function.named_parameters["bearer_token"] = LogicalType::VARCHAR;
+	}
 }
 
 void CreateS3SecretFunctions::RegisterCreateSecretFunction(ExtensionLoader &loader, string type) {

extension/httpfs/create_secret_functions.cpp

@@ -263,7 +263,8 @@ unique_ptr<HTTPResponse> HTTPFileSystem::GetRangeRequest(FileHandle &handle, str
 HTTPFileHandle::HTTPFileHandle(FileSystem &fs, const OpenFileInfo &file, FileOpenFlags flags,
                                unique_ptr<HTTPParams> params_p)
     : FileHandle(fs, file.path, flags), params(std::move(params_p)), http_params(params->Cast<HTTPFSParams>()),
-      flags(flags), length(0), force_full_download(false), buffer_available(0), buffer_idx(0), file_offset(0), buffer_start(0), buffer_end(0) {
+      flags(flags), length(0), force_full_download(false), buffer_available(0), buffer_idx(0), file_offset(0),
+      buffer_start(0), buffer_end(0) {
 	// check if the handle has extended properties that can be set directly in the handle
 	// if we have these properties we don't need to do a head request to obtain them later
 	if (file.extended_info) {

extension/httpfs/httpfs.cpp

@@ -9,7 +9,7 @@ unique_ptr<HTTPClient> HTTPFSUtil::InitializeClient(HTTPParams &http_params, con
 
 unordered_map<string, string> HTTPFSUtil::ParseGetParameters(const string &text) {
 	unordered_map<string, string> result;
-	//TODO: HTTPFSUtil::ParseGetParameters is currently not implemented
+	// TODO: HTTPFSUtil::ParseGetParameters is currently not implemented
 	return result;
 }
 

extension/httpfs/httpfs_client_wasm.cpp

@@ -12,23 +12,23 @@
 namespace duckdb {
 
 static void SetHttpfsClientImplementation(DBConfig &config, const string &value) {
-		if (config.http_util && config.http_util->GetName() == "WasmHTTPUtils") {
-			if (value == "wasm" || value == "default") {
-				// Already handled, do not override
-				return;
-			}
-			throw InvalidInputException("Unsupported option for httpfs_client_implementation, only `wasm` and "
-			                            "`default` are currently supported for duckdb-wasm");
-		}
-		if (value == "httplib" || value == "default") {
-			if (!config.http_util || config.http_util->GetName() != "HTTPFSUtil") {
-				config.http_util = make_shared_ptr<HTTPFSUtil>();
-			}
+	if (config.http_util && config.http_util->GetName() == "WasmHTTPUtils") {
+		if (value == "wasm" || value == "default") {
+			// Already handled, do not override
 			return;
 		}
-		throw InvalidInputException("Unsupported option for httpfs_client_implementation, only `curl`, `httplib` and "
-		                            "`default` are currently supported");
+		throw InvalidInputException("Unsupported option for httpfs_client_implementation, only `wasm` and "
+		                            "`default` are currently supported for duckdb-wasm");
+	}
+	if (value == "httplib" || value == "default") {
+		if (!config.http_util || config.http_util->GetName() != "HTTPFSUtil") {
+			config.http_util = make_shared_ptr<HTTPFSUtil>();
+		}
+		return;
 	}
+	throw InvalidInputException("Unsupported option for httpfs_client_implementation, only `curl`, `httplib` and "
+	                            "`default` are currently supported");
+}
 
 static void LoadInternal(ExtensionLoader &loader) {
 	auto &instance = loader.GetDatabaseInstance();

extension/httpfs/httpfs_extension.cpp

@@ -30,7 +30,8 @@ struct S3AuthParams {
 	string url_style;
 	bool use_ssl = true;
 	bool s3_url_compatibility_mode = false;
-    bool requester_pays = false;
+	bool requester_pays = false;
+	string oauth2_bearer_token; // OAuth2 bearer token for GCS
 
 	static S3AuthParams ReadFrom(optional_ptr<FileOpener> opener, FileOpenerInfo &info);
 };
@@ -46,7 +47,6 @@ struct AWSEnvironmentCredentialsProvider {
 	static constexpr const char *DUCKDB_KMS_KEY_ID_ENV_VAR = "DUCKDB_S3_KMS_KEY_ID";
 	static constexpr const char *DUCKDB_REQUESTER_PAYS_ENV_VAR = "DUCKDB_S3_REQUESTER_PAYS";
 
-
 	explicit AWSEnvironmentCredentialsProvider(DBConfig &config) : config(config) {};
 
 	DBConfig &config;
@@ -228,6 +228,7 @@ class S3FileSystem : public HTTPFileSystem {
 
 	static string GetS3BadRequestError(S3AuthParams &s3_auth_params);
 	static string GetS3AuthError(S3AuthParams &s3_auth_params);
+	static string GetGCSAuthError(S3AuthParams &s3_auth_params);
 	static HTTPException GetS3Error(S3AuthParams &s3_auth_params, const HTTPResponse &response, const string &url);
 
 protected: