Fix AWS authentication for Tableau on Mac (#9)

* add changes to enable using AWS authentication with Tableau -update code where necessary to address Mac warnings * remove build artifacts * match Lyndon's change for min function * address build warnings * build fix
amazon-archives · Mar 10, 2020 · c8573e2 · c8573e2
1 parent cff6c55
commit c8573e2
Show file tree

Hide file tree

Showing 5 changed files with 27 additions and 25 deletions.
diff --git a/run_test_runner.sh b/run_test_runner.sh
diff --git a/src/IntegrationTests/ITODBCAwsAuth/test_odbc_aws_auth.cpp b/src/IntegrationTests/ITODBCAwsAuth/test_odbc_aws_auth.cpp
@@ -22,22 +22,22 @@
 std::wstring dsn_name = L"test_aws_auth_dsn";
 std::wstring aws_auth_conn_string =
     L"Driver={Elasticsearch};DataBase=database_name;"
-    L"Server=https://"
+    L"Host=https://"
     L"search-sept-cdg-david-test-domain-gouok3seqeupz64smuvfxyddui.eu-west-3."
     L"es.amazonaws.com;"
-    L"AuthenticationMode=AWS_SIGV4;Region=eu-west-3";
+    L"Auth=AWS_SIGV4;Region=eu-west-3;LogLevel=1";
 std::wstring aws_auth_conn_string_invalid_region =
     L"Driver={Elasticsearch};DataBase=database_name;"
-    L"Server=https://"
+    L"Host=https://"
     L"search-sept-cdg-david-test-domain-gouok3seqeupz64smuvfxyddui.eu-west-3."
     L"es.amazonaws.com;"
-    L"AuthenticationMode=AWS_SIGV4;Region=us-west-3";
+    L"Auth=AWS_SIGV4;Region=us-west-3;LogLevel=1";
 std::wstring aws_auth_conn_string_invalid_authtype =
     L"Driver={Elasticsearch};DataBase=database_name;"
-    L"Server=https://"
+    L"Host=https://"
     L"search-sept-cdg-david-test-domain-gouok3seqeupz64smuvfxyddui.eu-west-3."
     L"es.amazonaws.com;"
-    L"AuthenticationMode=AWS;Region=eu-west-3";
+    L"Auth=AWS;Region=eu-west-3;LogLevel=1";
 
 class TestAwsAuthConnection : public testing::Test {
    public:

diff --git a/src/UnitTests/UTConn/test_conn.cpp b/src/UnitTests/UTConn/test_conn.cpp
@@ -32,6 +32,7 @@ const std::string invalid_host = "10.1.1.189";
 const std::string invalid_port = "920";
 const std::string invalid_user = "amin";
 const std::string invalid_pw = "amin";
+const std::string invalid_region = "bad-region";
 runtime_options valid_opt_val = {{valid_host, valid_port, "1"},
                                  {"BASIC", valid_user, valid_pw, valid_region},
                                  {use_ssl, false, "", "", "", ""}};

diff --git a/src/elasticodbc/CMakeLists.txt b/src/elasticodbc/CMakeLists.txt
@@ -66,7 +66,7 @@ if(WIN32)
 	target_link_libraries(elasticodbc wsock32 ws2_32 msvcrt winmm user32 gdi32 legacy_stdio_definitions aws-cpp-sdk-core kernel32 advapi32 secur32 XOleHlp Wldap32 crypt32 Normaliz odbccp32 odbc32)
 elseif(APPLE)
 	# Apple specific
-	target_link_libraries(elasticodbc iodbc iodbcinst aws-cpp-sdk-core )
+	target_link_libraries(elasticodbc iodbc iodbcinst aws-cpp-sdk-core)
 elseif(UNIX)
 	# Unix specific
 	include_directories(/usr/src/linux-headers-5.0.0-27/include)

diff --git a/src/elasticodbc/es_communication.cpp b/src/elasticodbc/es_communication.cpp
@@ -38,6 +38,7 @@ static const std::string PLUGIN_ENDPOINT_FORMAT_JSON =
 static const std::string OPENDISTRO_SQL_PLUGIN_NAME = "opendistro_sql";
 static const std::string ALLOCATION_TAG = "AWS_SIGV4_AUTH";
 static const std::string SERVICE_NAME = "es";
+static const std::string ESODBC_PROFILE_NAME = "elasticsearchodbc";
 static const std::string JSON_SCHEMA =
     "{"  // This was generated from the example elasticsearch data
     "\"type\": \"object\","
@@ -240,6 +241,21 @@ void ESCommunication::IssueRequest(
             request_type,
             Aws::Utils::Stream::DefaultResponseStreamFactoryMethod);
 
+    // Set header type
+    if (!content_type.empty())
+        request->SetHeaderValue(Aws::Http::CONTENT_TYPE_HEADER, ctype);
+
+    // Set body
+    if (!query.empty()) {
+        rabbit::object body;
+        body["query"] = query;
+        std::shared_ptr< Aws::StringStream > aws_ss =
+            Aws::MakeShared< Aws::StringStream >("RabbitStream");
+        *aws_ss << std::string(body.str());
+        request->AddContentBody(aws_ss);
+        request->SetContentLength(std::to_string(body.str().size()));
+    }
+
     // Handle authentication
     if (m_rt_opts.auth.auth_type == AUTHTYPE_BASIC) {
         std::string userpw_str =
@@ -251,31 +267,16 @@ void ESCommunication::IssueRequest(
             Aws::Utils::HashingUtils::Base64Encode(userpw_arr);
         request->SetAuthorization("Basic " + hashed_userpw);
     } else if (m_rt_opts.auth.auth_type == AUTHTYPE_IAM) {
-        std::shared_ptr< Aws::Auth::EnvironmentAWSCredentialsProvider >
+        std::shared_ptr< Aws::Auth::ProfileConfigFileAWSCredentialsProvider >
             credential_provider =
-                Aws::MakeShared< Aws::Auth::EnvironmentAWSCredentialsProvider >(
-                    ALLOCATION_TAG.c_str());
+                Aws::MakeShared< Aws::Auth::ProfileConfigFileAWSCredentialsProvider >(
+                    ALLOCATION_TAG.c_str(), ESODBC_PROFILE_NAME.c_str());
         Aws::Client::AWSAuthV4Signer signer(credential_provider,
                                             SERVICE_NAME.c_str(),
                                             m_rt_opts.auth.region.c_str());
         signer.SignRequest(*request);
     }
 
-    // Set header type
-    if (!content_type.empty())
-        request->SetHeaderValue(Aws::Http::CONTENT_TYPE_HEADER, ctype);
-
-    // Set body
-    if (!query.empty()) {
-        rabbit::object body;
-        body["query"] = query;
-        std::shared_ptr< Aws::StringStream > aws_ss =
-            Aws::MakeShared< Aws::StringStream >("RabbitStream");
-        *aws_ss << std::string(body.str());
-        request->AddContentBody(aws_ss);
-        request->SetContentLength(std::to_string(body.str().size()));
-    }
-
     // Issue request
     response = m_http_client->MakeRequest(request);
 }