andrusha / snowflake-rs

Snowflake API libraries for Rust
Apache License 2.0

not able to pass through key-pair authentication #30

Closed gduan2000 closed 8 months ago

gduan2000 commented 9 months ago

Hi friend, I am getting the 394300 error code using cert authentication. I was following the filetransfer.rs example.

Here is the trace log (sensitive info removed):

```
TRACE reqwest::connect::verbose > b888b296 write: b"POST /session/v1/login-request?clientStartTime=1709568967&requestId=afa6ed12-0a1b-4b38-ba09-f8942cbc0c56&request_guid=301edce3-2d84-4fe1-9033-8620c1dcaf47&warehouse=MY_WH_02&databaseName=MY_DB&schemaName=MY_SCHEMA&roleName=MY_ROLE HTTP/1.1\r\naccept: application/json\r\ncontent-type: application/json\r\nuser-agent: Rust/0.0.1\r\naccept-encoding: gzip\r\nhost: mycompany.region.privatelink.snowflakecomputing.com\r\ncontent-length: 1181\r\n\r\n{\"data\":{\"CLIENT_APP_ID\":\"Go\",\"CLIENT_APP_VERSION\":\"1.6.22\",\"SVN_REVISION\":\"\",\"ACCOUNT_NAME\":\"MYCOMPANY.REGION.PRIVATELINK\",\"LOGIN_NAME\":\"MY_USER_ACCOUNT@MY-COMPANY.COM\",\"SESSION_PARAMETERS\":{\"CLIENT_VALIDATE_DEFAULT_PARAMETERS\":true},\"CLIENT_ENVIRONMENT\":{\"APPLICATION\":\"Rust\",\"OS\":\"darwin\",\"OS_VERSION\":\"gc-arm64\",\"OCSP_MODE\":\"FAIL_OPEN\"},\"AUTHENTICATOR\":\"SNOWFLAKE_JWT\",\"TOKEN\":\"REMOVED_SEE_DECODED_BELOW\"}}"

TRACE reqwest::connect::verbose > 2f4d7fdc read: b"HTTP/1.1 200 OK\r\nDate: Mon, 04 Mar 2024 15:32:28 GMT\r\nContent-Type: application/json\r\nContent-Length: 134\r\nConnection: keep-alive\r\nKeep-Alive: timeout=175\r\nCache-Control: no-cache, no-store, no-transform\r\nVary: Accept-Encoding, User-Agent\r\nX-Frame-Options: deny\r\nX-Content-Type-Options: nosniff\r\nX-XSS-Protection: 1; mode=block\r\nExpect-CT: enforce, max-age=3600\r\n\r\n{\n \"data\" : {\n \"authnMethod\" : \"KEYPAIR\"\n},\n \"code\" : \"394300\",\n \"message\" : \"!394300!\",\n \"success\" : false,\n \"headers\" : null\n}"
```

The decoded JWT token looks like this:

```json
{
  "iss": "MYCOMPANY.REGION.PRIVATELINK.MY_USER_ACCOUNT@MY-COMPANY.COM.SHA256:FINGERPRINT_MATCHES_USER_FINGERPRINT_IN_SNOWFLAKE",
  "sub": "MYCOMPANY.REGION.PRIVATELINK.MY_USER_ACCOUNT@MY-COMPANY.COM",
  "iat": 1709566347,
  "exp": 1709652747
}
```

Any suggestions? Thanks!

andrusha commented 8 months ago

This could be helpful https://docs.snowflake.com/en/user-guide/key-pair-auth-troubleshooting#list-of-errors

394300 JWT_TOKEN_INVALID_USER_IN_ISSUER The user name specified in the issuer does not exist in the Snowflake account. For possible solutions, see Common Errors and Solutions.

https://docs.snowflake.com/en/user-guide/key-pair-auth-troubleshooting#jwt-token-invalid-user-in-issuer
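
An added example (not code from snowflake-rs or from either commenter): a pre-flight check of the JWT claims against the rules in Snowflake's key-pair JWT documentation, namely that `sub` is `ACCOUNT.USER`, `iss` is `ACCOUNT.USER.SHA256:<fingerprint>`, account and user are uppercase, the account identifier contains no periods, and a lifetime beyond one hour is not honoured. `check_claims` and `Finding` are hypothetical names, and the sample input reuses the redacted placeholders posted in this issue.

```rust
#[derive(Debug, PartialEq)]
pub enum Finding {
    AccountHasPeriod,    // periods in the account identifier invalidate the JWT
    NotUppercase,        // account identifier and user must be all uppercase
    SubMismatch,         // sub must equal ACCOUNT.USER
    IssMismatch,         // iss must equal ACCOUNT.USER.SHA256:<fingerprint>
    ExpNotAfterIat,      // token is already expired when issued
    LifetimeOverOneHour, // accepted, but only honoured for one hour after iat
}

/// `account` and `user` are the values the client was configured with;
/// `iss`, `sub`, `iat`, `exp` are the claims taken from the decoded token.
pub fn check_claims(account: &str, user: &str, iss: &str, sub: &str, iat: u64, exp: u64) -> Vec<Finding> {
    let mut out = Vec::new();
    if account.contains('.') {
        out.push(Finding::AccountHasPeriod);
    }
    if account.chars().chain(user.chars()).any(|c| c.is_lowercase()) {
        out.push(Finding::NotUppercase);
    }
    let expected_sub = format!("{}.{}", account, user);
    if sub != expected_sub {
        out.push(Finding::SubMismatch);
    }
    let iss_prefix = format!("{}.SHA256:", expected_sub);
    match iss.strip_prefix(iss_prefix.as_str()) {
        Some(fp) if !fp.is_empty() => {}
        _ => out.push(Finding::IssMismatch),
    }
    if exp <= iat {
        out.push(Finding::ExpNotAfterIat);
    } else if exp - iat > 3600 {
        out.push(Finding::LifetimeOverOneHour);
    }
    out
}

fn main() {
    // Placeholder claims as posted in this thread (redacted values, not real identifiers).
    let findings = check_claims(
        "MYCOMPANY.REGION.PRIVATELINK",
        "MY_USER_ACCOUNT@MY-COMPANY.COM",
        "MYCOMPANY.REGION.PRIVATELINK.MY_USER_ACCOUNT@MY-COMPANY.COM.SHA256:FINGERPRINT_MATCHES_USER_FINGERPRINT_IN_SNOWFLAKE",
        "MYCOMPANY.REGION.PRIVATELINK.MY_USER_ACCOUNT@MY-COMPANY.COM",
        1709566347,
        1709652747,
    );
    println!("{:?}", findings);
}
```

The findings list what to compare against the user's `LOGIN_NAME` and account identifier in Snowflake; the check does not contact the service and cannot tell whether the user exists.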

gduan2000 commented 8 months ago

Thanks andrusha

The user is in Snowflake and it is a valid account. Now I have passed the JWT authentication, I am trying to PUT a file and getting the following error:

Error: Following feature is not implemented yet: PUT local file requests for Azure

gduan2000 commented 8 months ago

Never mind, I saw the code, it is not implemented for Azure.

andrusha commented 8 months ago

With object_store it shouldn't be particularly difficult to do, all the necessary parameters are already parsed in, but I never had a chance to test it with Azure or know the intricacies of it. Contributions are welcome.