amazon-redshift-python-driver icon indicating copy to clipboard operation
amazon-redshift-python-driver copied to clipboard
verified publisher icon aws

Different redirect url than http://localhost:7890/redshift/

Open kromanow94 opened this issue 1 year ago • 2 comments

Driver version

redshift-connector 2.0.917

Redshift version

Not related.

Client Operating System

Ubuntu 22.04.2 LTS running code-server on Kubeflow Notebook in AWS EKS.

Python version

Python 3.10.6

Table schema

Not related.

Problem description

  1. Expected behaviour: Login with following script should work:

    import redshift_connector

conn: redshift_connector.Connection = redshift_connector.connect(
    iam=True,
    database=redacted,
    host=redacted,
    cluster_identifier=redacted,
    credentials_provider='BrowserSamlCredentialsProvider',
    login_url=corporate_sso_login_url,
    region=region,
    preferred_role=redacted
)

    This results with a successful login with the IdP but the redirect to the http://localhost:7890/redshift/ is not suitable for me because the redshift_connector is running on a remote server with code-server.

  2. Actual behaviour: It should be possible to define different redirect url.

  3. Error message/stack trace: image

  4. Any other details that can be helpful: I'm thinking of some solution using proxy but then the redirect url would have to point to the proxy server.

    Also, code-server has the functionality to create a proxy for open ports. For example, running the script above creates an endpoint like https://kubeflow.example.com/notebook/nb_ns/nb_name/proxy/7890/.

    Any other ideas on how this scenario can be handled are very much welcomed.

Python Driver trace logs

Not related.

kromanow94 avatar Feb 06 '24 13:02 kromanow94

Hey @kromanow94,

Thanks for reaching out regarding this. For reference, here is where we implement BrowserSamlCredentialsProvider. The problematic piece of code is the run_server() method, which hardcodes HOST to localhost. One work around to implement a class which extends BrowserSamlCredentialsProvider and modify the run_server() method to use a different value for HOST, and if needed PORT. Unfortunately this is a bit messy given how run_server() is implemented. for example

class myPlugin(BrowserSamlCredentialsProvider):
  def run_server(self, listen_port, idp_response_timeout) -> str:
    HOST = "your_host"
   PORT = "your_port"
   # rest of method


redshift_connector.connect(
    ...,
    credentials_provider="your.path.to.myPlugin",
   ...,

Brooke-white avatar Feb 06 '24 17:02 Brooke-white

Hey @Brooke-white ,

Thanks for explaining. I'll give it a try. Thanks!

kromanow94 avatar Feb 08 '24 08:02 kromanow94

@Brooke-white wouldn't you agree that maybe this should be possible to pass as additional argument (host,port) as part of the redshift_connector?

misteliy avatar Jul 31 '24 11:07 misteliy