search

Snowflake-Labs / sqltools-snowflake-driver

A Snowflake driver for the SQLTools VSCode extension.
MIT License
35 stars 15 forks source link

externalbrowser authenticator for SSO #13

Closed bharathjs93 closed 3 years ago

bharathjs93 commented 3 years ago

Hello, I'd like to know any plans about implementing external browser authenticator for SSO.

koszti commented 3 years ago

There are plans adding it, but it highly depends on when the externalbrowser authentication feature will be available in the upstream snowflake-nodejs-connector driver.

Good news is that last week this PR added external browser authentication to the nodejs connector. We need to wait until snowflake officially releasing the new driver but at the same time we can start testing and developing it.

yapnel commented 3 years ago

I am also awaiting for this feature too

koszti commented 3 years ago

I created a new auth-externalbrowser-sso branch and added this commit to test the unreleased SSO authenticator feature of the upstream snowflake nodejs connector. The branch modifies the connection form and implements the EXTERNALBROWSER authentication method. Unfortunately I receive this error:

390133: SAML response is invalid or matching user is not found. Contact your local system administrator.

My snowflake instance is using OKTA, I'm sure it's configured and working fine with other snowflake clients.

This might be a bug in the the SSO feature of the upstream nodejs driver. It's also possible that it working well with many Identity Providers but it doesn't like OKTA. I think we need to wait until SSO support will be documented and released officially by Snowflake.

Repo: https://github.com/snowflakedb/snowflake-connector-nodejs Documentation: https://docs.snowflake.com/en/user-guide/nodejs-driver-use.html

yapnel commented 3 years ago

Hi the latest 1.6 version is out. No info of what is released. Are you able to test it please? @koszti

koszti commented 3 years ago

Thanks, it's promising and I started working on it. It requires to bump the snowflake-sdk in the upstream snowflake-promise package first. I sent PR at https://github.com/natesilva/snowflake-promise/pull/8 and hopefully will get merged very soon.

koszti commented 3 years ago

tested locally and browser based SSO is working with the latest snowflake sdk package. To support it properly in the SQL client we need to make another a small change in the snowflake-promise package. PR sent to https://github.com/natesilva/snowflake-promise/pull/9.

koszti commented 3 years ago

New version with browser based SSO auth (0.4.0) is published to VSCode Marketplace and it's ready to upgrade.