[client-v1,client-v2, auth] Implemented authentication via http basic auth

chernser commented 2 weeks ago

Summary

Password can be passed as value of the X-ClickHouse-Key header docs. But header values have some limitations about what characters can be used (learned from practical tests and https://www.rfc-editor.org/rfc/rfc7230#section-3.2.6) what would require escaping special chars. Basic authentication helps to avoid all this and is standard authentication mechanism. This PR changes both clients (v1, v2).

New configuration parameter is added:

com.clickhouse.client.http.config.ClickHouseHttpOption#USE_BASIC_AUTHENTICATION - allows to switch using ClickHouse X- headers to authenticate. Default is using basic auth.

Closes: https://github.com/ClickHouse/clickhouse-java/issues/1305

Checklist

Delete items not relevant to your PR:

[x] Unit and integration tests covering the common scenarios were added
[x] A human-readable description of the changes was provided to include in CHANGELOG
[ ] For significant changes, documentation in https://github.com/ClickHouse/clickhouse-docs was updated with further explanations or tutorials

mzitnik commented 2 weeks ago

@chernser please validate discussed

sonarcloud[bot] commented 2 weeks ago

Quality Gate passed

Issues
8 New issues
0 Accepted issues

Measures
0 Security Hotspots
84.1% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

ClickHouse / clickhouse-java