Add OAuth2 support to IbisTrinoConnection

[nakulgan]

Add support for OAuth2 authentication in IbisTrinoConnection.

• Add OAuth2Authentication interface to handle OAuth2 authentication in wren-ui/src/apollo/server/adaptors/ibisAdaptor.ts.
• Update IbisTrinoConnectionInfo interface to include optional auth field for OAuth2 authentication.
• Add fields for OAuth2 client ID, client secret, and token URL in TrinoProperties component in wren-ui/src/components/pages/setup/dataSources/TrinoProperties.tsx.
• Update form submission logic to include OAuth2 fields in TrinoProperties component.

Summary by CodeRabbit

• New Features

  • Enhanced Trino connection setup to support OAuth2 authentication.
  • Added new form fields for entering OAuth2 Client ID, Client Secret, and Token URL during configuration.

• Tests

  • Introduced new test cases to validate OAuth2 authentication for Trino connections.

[coderabbitai]

Walkthrough

The pull request introduces OAuth2 authentication support. A new OAuth2Authentication interface is added to the server-side code and integrated into the IbisTrinoConnectionInfo interface. On the UI side, three new form items for OAuth2 configuration (Client ID, Client Secret, and Token URL) are added to the Trino properties setup page. Additionally, tests are created to validate the new functionality. This enhances configuration flexibility without altering existing functionality.

Changes

File(s)	Change Summary
wren-ui/src/apollo/server/.../ibisAdaptor.ts	Added new OAuth2Authentication interface with clientId, clientSecret, and tokenUrl. Updated IbisTrinoConnectionInfo to optionally include an auth property of type OAuth2Authentication.
wren-ui/src/components/pages/setup/dataSources/TrinoProperties.tsx	Introduced three new form items for OAuth2: "OAuth2 Client ID", "OAuth2 Client Secret", and "OAuth2 Token URL", each accompanied by labels, names, placeholders, and validation rules.
wren-ui/e2e/specs/connectTrino.spec.ts	Added a test case for connecting to a Trino data source using OAuth2, including input for the new OAuth2 fields and verifying successful navigation after submission.
wren-ui/src/apollo/server/adaptors/tests/ibisAdaptor.test.ts	Introduced a new mock connection object for OAuth2 and added a test case to verify the getConstraints method's behavior with OAuth2 connection information.

Possibly related PRs

• Feature: Enhance trino connector #1207: Modifications involve similar interface adjustments to IbisTrinoConnectionInfo, particularly around handling of multiple schemas, indicating a direct code-level connection.

Suggested reviewers

• onlyjackfrost
• andreashimin

Poem

In the burrow of code, I happily rap,
Adding OAuth twists for a secure Trino map.
Client ID, Secret, and Token dance with glee,
Hop through these fields, setting configuration free.
Hoppy days ahead in our code-filled spree! 🐇💻

✨ Finishing Touches

• 📝 Generate Docstrings (Beta)

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

wren-ui/src/apollo/server/adaptors/ibisAdaptor.ts (1)

67-71: Consider adding URL validation and type constraints for OAuth2 fields.

The OAuth2Authentication interface looks good, but could benefit from additional type safety:

 export interface OAuth2Authentication {
   clientId: string;
   clientSecret: string;
-  tokenUrl: string;
+  tokenUrl: string & { __brand: 'URL' }; // Type brand for URL validation
 }

wren-ui/src/components/pages/setup/dataSources/TrinoProperties.tsx (1)

92-127: Consider UX improvements for OAuth2 configuration.

The OAuth2 form fields implementation is good, but could benefit from these improvements:

1. Add conditional rendering to show OAuth2 fields only when OAuth2 authentication is selected
2. Add URL format validation for the token URL field
3. Add helper text to explain the OAuth2 configuration process

+// Add a new form item for auth type selection
+<Form.Item
+  label="Authentication Type"
+  name="authType"
+  initialValue="basic"
+>
+  <Select>
+    <Select.Option value="basic">Basic Auth</Select.Option>
+    <Select.Option value="oauth2">OAuth2</Select.Option>
+  </Select>
+</Form.Item>

+// Wrap OAuth2 fields in a conditional
+<Form.Item
+  noStyle
+  shouldUpdate={(prevValues, currentValues) => 
+    prevValues.authType !== currentValues.authType
+  }
+>
+  {({ getFieldValue }) =>
+    getFieldValue('authType') === 'oauth2' && (
       <Form.Item
         label="OAuth2 Client ID"
         name="clientId"
         rules={[
           {
             required: true, // Make required when OAuth2 is selected
             message: ERROR_TEXTS.CONNECTION.CLIENT_ID.REQUIRED,
           },
         ]}
+        tooltip="The client ID provided by your OAuth2 provider"
       >
         <Input placeholder="OAuth2 Client ID" />
       </Form.Item>
       // ... other OAuth2 fields
+    )
+  }
+</Form.Item>

// Add URL validation for token URL
<Form.Item
  label="OAuth2 Token URL"
  name="tokenUrl"
  rules={[
    {
      required: false,
      message: ERROR_TEXTS.CONNECTION.TOKEN_URL.REQUIRED,
    },
+   {
+     type: 'url',
+     message: 'Please enter a valid URL',
+   },
  ]}
+  tooltip="The token endpoint URL of your OAuth2 provider"
>
  <Input placeholder="OAuth2 Token URL" />
</Form.Item>

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 33d8c19 and 58c3ffe.

📒 Files selected for processing (2)

• wren-ui/src/apollo/server/adaptors/ibisAdaptor.ts (2 hunks)
• wren-ui/src/components/pages/setup/dataSources/TrinoProperties.tsx (1 hunks)

🔇 Additional comments (3)

wren-ui/src/apollo/server/adaptors/ibisAdaptor.ts (1)

56-56: LGTM! Good use of optional auth field.

The optional auth field maintains backward compatibility while adding OAuth2 support.

wren-ui/src/components/pages/setup/dataSources/TrinoProperties.tsx (2)

114-114: Good use of Input.Password for sensitive data.

Properly using Input.Password component for the client secret ensures the sensitive value is masked.

---

92-127:

❓ Verification inconclusive

Verify OAuth2 field validation messages.

Ensure that the error message constants referenced in the OAuth2 form fields are defined in the ERROR_TEXTS object.

---

🏁 Script executed:

#!/bin/bash
# Check if OAuth2-related error messages are defined
rg -A 3 "CONNECTION\." src/utils/error.ts | grep -E "CLIENT_ID|CLIENT_SECRET|TOKEN_URL"

Length of output: 148

---

Verify Existing OAuth2 Error Message Constants
The script couldn’t locate src/utils/error.ts, so it’s unclear whether the ERROR_TEXTS.CONNECTION keys (for CLIENT_ID, CLIENT_SECRET, and TOKEN_URL) are defined anywhere in the codebase. Please manually verify that these error message constants exist—either in an alternative file or under a different structure—and update the reference if necessary.

• Check the repository for the definition of the ERROR_TEXTS object (e.g., using a command like rg -n "export const ERROR_TEXTS" .).
• If the OAuth2-specific keys are missing, add them accordingly.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

wren-ui/e2e/specs/connectTrino.spec.ts (1)

37-63: Enhance OAuth2 test coverage.

While the happy path is covered, consider adding the following test cases for more robust coverage:

1. Verify that OAuth2 fields are properly displayed/hidden based on authentication type selection
2. Add negative test cases for invalid OAuth2 configurations
3. Verify form validation rules for OAuth2 fields

test('OAuth2 fields validation', async ({ page }) => {
  await page.goto('/setup/connection');
  await page.locator('button').filter({ hasText: 'Trino' }).click();
  
  // Test required fields
  await page.getByRole('button', { name: 'Next' }).click();
  await expect(page.getByText('Client ID is required')).toBeVisible();
  
  // Test invalid token URL
  await page.getByLabel('OAuth2 Token URL').fill('invalid-url');
  await expect(page.getByText('Invalid URL format')).toBeVisible();
});

wren-ui/src/apollo/server/adaptors/tests/ibisAdaptor.test.ts (1)

289-315: Enhance OAuth2 test coverage.

Consider adding the following test cases for more comprehensive coverage:

1. Error scenarios for OAuth2 authentication (e.g., invalid token URL)
2. Multiple schema configurations
3. SSL configuration with OAuth2

it('should handle OAuth2 authentication errors', async () => {
  const mockError = { response: { data: 'Invalid token URL' } };
  mockedAxios.post.mockRejectedValue(mockError);

  await expect(
    ibisAdaptor.getConstraints(
      DataSourceName.TRINO,
      mockOAuth2TrinoConnectionInfo
    )
  ).rejects.toThrow('Invalid token URL');
});

it('should handle multiple schemas with OAuth2', async () => {
  const multiSchemaOAuth2Info = {
    ...mockOAuth2TrinoConnectionInfo,
    schemas: 'catalog1.schema1,catalog2.schema2'
  };
  // Test implementation
});

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 58c3ffe and c4f02f2.

📒 Files selected for processing (2)

• wren-ui/e2e/specs/connectTrino.spec.ts (1 hunks)
• wren-ui/src/apollo/server/adaptors/tests/ibisAdaptor.test.ts (2 hunks)

🔇 Additional comments (1)

wren-ui/src/apollo/server/adaptors/tests/ibisAdaptor.test.ts (1)

93-103: LGTM! Well-structured mock object.

The mock OAuth2 connection info object is well-structured and includes all necessary OAuth2 fields.