SNOW-2110470: Check if integ test would work

Author: sfc-gh-fpawlowski

.github/workflows/build_test.yml

@@ -172,16 +172,16 @@ jobs:
         run: python -m pip install tox>=4
       - name: Run tests
        # To run a single test on GHA use the below command:
-        run: python -m tox run -e `echo py${PYTHON_VERSION/\./}-single-ci | sed 's/ /,/g'`
-#        run: python -m tox run -e `echo py${PYTHON_VERSION/\./}-{extras,unit,integ,pandas,sso}-ci | sed 's/ /,/g'`
+#        run: python -m tox run -e `echo py${PYTHON_VERSION/\./}-single-ci | sed 's/ /,/g'`
+        run: python -m tox run -e `echo py${PYTHON_VERSION/\./}-{extras,unit,integ,pandas,sso}-ci | sed 's/ /,/g'`
 
         env:
           PYTHON_VERSION: ${{ matrix.python-version }}
           cloud_provider: ${{ matrix.cloud-provider }}
           PYTEST_ADDOPTS: --color=yes --tb=short
           TOX_PARALLEL_NO_SPINNER: 1
          # To specify the test name (in single test mode) pass this env variable:
-          SINGLE_TEST_NAME: test/auth/test_snowflake_authorization_code.py::test_snowflake_authorization_code_local_application_successful
+#          SINGLE_TEST_NAME: test/path/filename.py::test_name
         shell: bash
       - name: Combine coverages
         run: python -m tox run -e coverage --skip-missing-interpreters false

src/snowflake/connector/auth/oauth_credentials.py

@@ -29,8 +29,10 @@ def __init__(
         scope: str,
         token_cache: TokenCache | None = None,
         refresh_token_enabled: bool = False,
+        connection: SnowflakeConnection | None = None,
         **kwargs,
     ) -> None:
+        self._validate_client_credentials_present(client_id, client_secret, connection)
         super().__init__(
             client_id=client_id,
             client_secret=client_secret,

src/snowflake/connector/connection.py

@@ -92,8 +92,6 @@
     ER_INVALID_VALUE,
     ER_INVALID_WIF_SETTINGS,
     ER_NO_ACCOUNT_NAME,
-    ER_NO_CLIENT_ID,
-    ER_NO_CLIENT_SECRET,
     ER_NO_NUMPY,
     ER_NO_PASSWORD,
     ER_NO_USER,
@@ -1203,7 +1201,6 @@ def __open_connection(self):
                     backoff_generator=self._backoff_generator,
                 )
             elif self._authenticator == OAUTH_AUTHORIZATION_CODE:
-                self._check_oauth_parameters()
                 if self._role and (self._oauth_scope == ""):
                     # if role is known then let's inject it into scope
                     self._oauth_scope = _OAUTH_DEFAULT_SCOPE.format(role=self._role)
@@ -1231,7 +1228,6 @@ def __open_connection(self):
                     enable_single_use_refresh_tokens=self._oauth_enable_single_use_refresh_tokens,
                 )
             elif self._authenticator == OAUTH_CLIENT_CREDENTIALS:
-                self._check_oauth_parameters()
                 if self._role and (self._oauth_scope == ""):
                     # if role is known then let's inject it into scope
                     self._oauth_scope = _OAUTH_DEFAULT_SCOPE.format(role=self._role)
@@ -1249,6 +1245,7 @@ def __open_connection(self):
                         else None
                     ),
                     refresh_token_enabled=self._oauth_enable_refresh_tokens,
+                    connection=self,
                 )
             elif self._authenticator == USR_PWD_MFA_AUTHENTICATOR:
                 self._session_parameters[PARAMETER_CLIENT_REQUEST_MFA_TOKEN] = (
@@ -2236,54 +2233,6 @@ def _check_experimental_authentication_flag(self) -> None:
                 },
             )
 
-    def _check_oauth_parameters(self) -> None:
-        if self._oauth_client_id is None:
-            Error.errorhandler_wrapper(
-                self,
-                None,
-                ProgrammingError,
-                {
-                    "msg": "Oauth code flow requirement 'client_id' is empty",
-                    "errno": ER_NO_CLIENT_ID,
-                },
-            )
-        if self._oauth_client_secret is None:
-            Error.errorhandler_wrapper(
-                self,
-                None,
-                ProgrammingError,
-                {
-                    "msg": "Oauth code flow requirement 'client_secret' is empty",
-                    "errno": ER_NO_CLIENT_SECRET,
-                },
-            )
-        if (
-            self._oauth_authorization_url
-            and not self._oauth_authorization_url.startswith("https://")
-        ):
-            Error.errorhandler_wrapper(
-                self,
-                None,
-                ProgrammingError,
-                {
-                    "msg": "OAuth supports only authorization urls that use 'https' scheme",
-                    "errno": ER_INVALID_VALUE,
-                },
-            )
-        if self._oauth_redirect_uri and not (
-            self._oauth_redirect_uri.startswith("http://")
-            or self._oauth_redirect_uri.startswith("https://")
-        ):
-            Error.errorhandler_wrapper(
-                self,
-                None,
-                ProgrammingError,
-                {
-                    "msg": "OAuth supports only authorization urls that use 'http(s)' scheme",
-                    "errno": ER_INVALID_VALUE,
-                },
-            )
-
     @staticmethod
     def _detect_application() -> None | str:
         if ENV_VAR_PARTNER in os.environ.keys():

test/unit/test_oauth_token.py

@@ -121,9 +121,12 @@ def remove(self, key: TokenKey) -> None:
 
 @pytest.fixture()
 def omit_oauth_urls_check():
+    def get_first_two_args(authorization_url: str, redirect_uri: str, *args, **kwargs):
+        return authorization_url, redirect_uri
+
     with mock.patch(
-        "snowflake.connector.SnowflakeConnection._check_oauth_parameters",
-        return_value=None,
+        "snowflake.connector.auth.oauth_code.AuthByOauthCode._validate_oauth_code_uris",
+        side_effect=get_first_two_args,
     ):
         yield