Skip to content

feat: Trino oauth support #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

feat: Trino oauth support #8

wants to merge 2 commits into from

Conversation

@equiet
Copy link
Member

@equiet equiet commented Oct 31, 2025
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • New Features
    • Added Trino OAuth authentication support for SQL connections. When connecting to Trino with OAuth credentials, the system now automatically handles credential injection for seamless authentication.

devin-ai-integration bot and others added 2 commits October 30, 2025 21:54
@devin-ai-integration @equiet
feat: add OAuth token support for Trino connections
0417ff0 
Add support for using OAuth Bearer tokens when connecting to Trino databases.
When TRINO_OAUTH_TOKEN environment variable is set, the connection will use
Bearer authentication instead of basic auth.

This enables federated authentication flows where OAuth tokens are managed
externally and passed to the SQL execution layer via environment variables.

Co-Authored-By: jakub@deepnote.com <jakub.jurovych@gmail.com>
@devin-ai-integration @equiet
fix: use JWTAuthentication instead of BearerAuthentication
19f0af6 
The trino library provides JWTAuthentication for Bearer token auth,
not BearerAuthentication. This fixes a runtime error that would occur
when trying to use OAuth tokens with Trino connections.

Co-Authored-By: jakub@deepnote.com <jakub.jurovych@gmail.com>
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Oct 31, 2025
edited
Loading

📝 Walkthrough

Walkthrough

The change adds Trino OAuth authentication support to SQL connection initialization. When a Trino database connection is detected (URL scheme trino://) and the TRINO_OAUTH_TOKEN environment variable is available, the code now constructs a JWT authentication object and injects it into connection parameters. A new private helper function _build_params_for_trino_oauth() handles credential assembly, integrating into the existing parameter-building flow alongside BigQuery OAuth. No public API changes or modifications to error handling occur.

Pre-merge checks

❌ Failed checks (1 warning)
Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%. You can run @coderabbitai generate docstrings to improve docstring coverage.
✅ Passed checks (2 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check ✅ Passed The pull request title "feat: Trino oauth support" directly and accurately describes the main change in the changeset. The PR adds Trino OAuth handling to the SQL execution module, including a new helper function for building OAuth credentials, which aligns precisely with what the title conveys. The title is concise, clear, and specific enough for a teammate reviewing the repository history to immediately understand the primary objective without ambiguity.

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions
Copy link

github-actions bot commented Oct 31, 2025

📦 Python package built successfully!

  • Version: 1.0.0.dev6+1802f08
  • Wheel: deepnote_toolkit-1.0.0.dev6+1802f08-py3-none-any.whl
  • Install: 
    pip install "deepnote-toolkit @ https://deepnote-staging-runtime-artifactory.s3.amazonaws.com/deepnote-toolkit-packages/1.0.0.dev6%2B1802f08/deepnote_toolkit-1.0.0.dev6%2B1802f08-py3-none-any.whl"

@codecov
Copy link

codecov bot commented Oct 31, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 20.00000% with 12 lines in your changes missing coverage. Please review.
✅ Project coverage is 76.45%. Comparing base (1b4d41d) to head (19f0af6).
✅ All tests successful. No failed tests found.

Files with missing lines Patch % Lines
deepnote_toolkit/sql/sql_execution.py 20.00% 12 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main       #8      +/-   ##
==========================================
- Coverage   76.60%   76.45%   -0.16%     
==========================================
  Files          99       99              
  Lines        5476     5491      +15     
  Branches      748      750       +2     
==========================================
+ Hits         4195     4198       +3     
- Misses       1281     1293      +12

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

coderabbitai[bot]
coderabbitai bot requested changes Oct 31, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

  • Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 1b4d41d and 19f0af6.

📒 Files selected for processing (1)
  • deepnote_toolkit/sql/sql_execution.py (2 hunks)
🧰 Additional context used
🪛 Ruff (0.14.2)
deepnote_toolkit/sql/sql_execution.py

466-466: Missing return type annotation for private function _build_params_for_trino_oauth

(ANN202)

471-471: Create your own exception

(TRY002)

471-471: Avoid specifying long messages outside the exception class

(TRY003)

🔇 Additional comments (1)
deepnote_toolkit/sql/sql_execution.py (1)

110-114: Trino dependency confirmed—code approved.

Trino is declared in main dependencies at line 95 of pyproject.toml as "trino[sqlalchemy]>=0.327.0,<=0.330.0". The OAuth detection logic at lines 110-114 correctly mirrors the BigQuery pattern, and the helper function includes proper defensive error handling. The redundant token check (at lines 110 and 470) is benign.

@deepnote-bot
Copy link

deepnote-bot commented Oct 31, 2025

🚀 Review App Deployment Started

📝 Description 🌐 Link / Info
🌍 Review application ra-8
🔑 Sign-in URL Click to sign-in
📊 Application logs View logs
🔄 Actions Click to redeploy
🚀 ArgoCD deployment View deployment
Last deployed 2025-10-31 05:04:34 (UTC)
📜 Deployed commit 62552543c69d520114d2d0a0477e750a5ea29797
🛠️ Toolkit version 1802f08

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] approved these changes

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@equiet @deepnote-bot