fix: OBO auth + SQL warehouse auto-detection for Databricks Apps

- Fix middleware to read user token from x-forwarded-access-token header
  (not Authorization), per Databricks Apps auth docs
- Force auth_type="pat" in OBO client to prevent SDK from preferring
  oauth-m2m when DATABRICKS_CLIENT_ID is set in environment
- Add SQL warehouse auto-detection: if SQL_WAREHOUSE_ID is not set,
  discover a running Pro/Serverless warehouse the user has access to
- Update app.yaml to pull SQL_WAREHOUSE_ID from app resource via valueFrom
- Add structured logging to middleware showing OBO vs SP auth path
- Remove frontend/dist/ from git tracking (build artifact, deployed via sync)
- Improve error messages for missing warehouse access

Author: sean-zhang-dbx

.databricksignore

@@ -51,5 +51,20 @@ README.md
 .venv/
 venv/
 
-# MLflow local runs
+# MLflow local runs and database
 mlruns/
+mlflow.db
+
+# Other non-runtime files
+*.md
+!backend/references/schema.md
+CODEOWNERS.txt
+LICENSE.md
+NOTICE.md
+SECURITY.md
+notebooks/
+scripts/
+sql/
+.databricks/
+.gitleaksignore
+.gitignore

.gitignore

@@ -20,7 +20,9 @@ __pycache__/
 .Python
 build/
 develop-eggs/
-# NOTE: dist/ is NOT ignored because frontend/dist/ needs to be deployed
+# frontend/dist/ is ignored in git (build artifact) but NOT in .databricksignore
+# so it still gets synced to the workspace for deployment.
+frontend/dist/
 # The .databricksignore file controls what gets synced to Databricks Apps
 downloads/
 eggs/
@@ -209,13 +211,14 @@ sketch
 
 **/uv.lock
 **/mlruns/
+mlflow.db
 **/.vite/
 **/.databricks
 **/.claude
 **/.env.local
 
 # Frontend build artifacts (Vite)
-# NOTE: frontend/dist/ is NOT ignored - it must be deployed to Databricks Apps
+# frontend/dist/ is deployed via databricks sync (not git)
 **/dist-ssr/
 
 # Frontend debug logs

.gitleaksignore

@@ -1,3 +1,6 @@
-frontend/dist/assets/index-CZvr7nrv.js:vault-service-token:8
-frontend/dist/assets/index-BEGK0X5-.js:vault-service-token:8
-frontend/dist/assets/index-DfyblZUj.js:vault-service-token:8
+# False positives from Vite-bundled React build artifacts (minified JS)
+dba8a46670f71554d7c6f85b8156c6ff8b927154:frontend/dist/assets/index-DfyblZUj.js:vault-service-token:8
+dba8a46670f71554d7c6f85b8156c6ff8b927154:frontend/dist/assets/index-BEGK0X5-.js:vault-service-token:8
+faff5e63c36691d4cd42c63cdd9c47c7a6e0fc71:frontend/dist/assets/index-BEGK0X5-.js:vault-service-token:8
+faff5e63c36691d4cd42c63cdd9c47c7a6e0fc71:frontend/dist/assets/index-Dkgq7VUt.js:vault-service-token:8
+fa428d65a8d509b4b544de096ccbcff4ef4a3d1a:frontend/dist/assets/index-Dkgq7VUt.js:vault-service-token:8

app.yaml

@@ -38,10 +38,12 @@ env:
     value: "databricks-claude-sonnet-4-6"
 
   # ---------------------------------------------------------------------------
-  # SQL Warehouse (required for GenieIQ benchmark execution)
+  # SQL Warehouse — pulled from the app resource named "sql-warehouse".
+  # Configure the warehouse resource in the Databricks Apps UI.
+  # Falls back to auto-detect if empty.
   # ---------------------------------------------------------------------------
   - name: SQL_WAREHOUSE_ID
-    value: ""  # Required: your SQL warehouse ID
+    valueFrom: sql-warehouse
 
   # ---------------------------------------------------------------------------
   # Genie Space target directory (where new spaces are created)

backend/genie_creator.py

@@ -308,8 +308,8 @@ def create_genie_space(
     warehouse_id = get_sql_warehouse_id()
     if not warehouse_id:
         raise ValueError(
-            "SQL_WAREHOUSE_ID must be configured to create Genie Spaces. "
-            "Set it to your SQL Warehouse ID."
+            "No SQL warehouse available. Ensure you have access to at least "
+            "one running Pro or Serverless SQL warehouse."
         )
 
     t0 = _time.monotonic()

backend/main.py

@@ -65,14 +65,51 @@ def _validate_mlflow_experiment() -> bool:
 from starlette.requests import Request
 from starlette.responses import Response
 
-from backend.services.auth import is_running_on_databricks_apps
+from backend.services.auth import is_running_on_databricks_apps, set_obo_user_token, clear_obo_user_token
 from backend.routers.analysis import router as analysis_router
 from backend.routers.spaces import router as spaces_router
 from backend.routers.admin import router as admin_router
 from backend.routers.auth import router as auth_router
 from backend.routers.create import router as create_router
 
 
+class OBOAuthMiddleware(BaseHTTPMiddleware):
+    """Extract the user's access token and set a per-request OBO client.
+
+    On Databricks Apps the platform forwards the user's OAuth token in the
+    ``x-forwarded-access-token`` header (NOT the standard Authorization
+    header).  We store it in a ContextVar so that every
+    ``get_workspace_client()`` call in the request path returns a client
+    authenticated as the user — not the service principal.
+
+    Ref: https://docs.databricks.com/aws/en/dev-tools/databricks-apps/auth#user-authorization
+
+    For streaming endpoints (SSE), the ContextVar is NOT cleared after
+    ``call_next`` because the response body streams lazily. Instead,
+    streaming handlers must call ``set_obo_user_token`` themselves from
+    within the generator (the token is stashed on ``request.state``).
+    """
+
+    async def dispatch(self, request: Request, call_next) -> Response:
+        if request.url.path.startswith("/api/"):
+            token = request.headers.get("x-forwarded-access-token", "")
+            if token:
+                set_obo_user_token(token)
+                logger.info("OBO: using user token for %s", request.url.path)
+            else:
+                logger.info("OBO: no x-forwarded-access-token, using SP for %s", request.url.path)
+            request.state.user_token = token
+        else:
+            request.state.user_token = ""
+
+        response = await call_next(request)
+
+        is_streaming = getattr(response, "media_type", "") == "text/event-stream"
+        if not is_streaming:
+            clear_obo_user_token()
+        return response
+
+
 class SecurityHeadersMiddleware(BaseHTTPMiddleware):
     """Add security headers to all responses."""
 
@@ -99,6 +136,7 @@ async def dispatch(self, request: Request, call_next) -> Response:
         logger.warning(f"MLflow git-based version tracking not configured: {e}")
 
 app.add_middleware(SecurityHeadersMiddleware)
+app.add_middleware(OBOAuthMiddleware)
 
 if not is_running_on_databricks_apps():
     app.add_middleware(

backend/routers/create.py

@@ -3,7 +3,7 @@
 """
 import json
 import logging
-from fastapi import APIRouter, HTTPException
+from fastapi import APIRouter, HTTPException, Request
 from fastapi.responses import StreamingResponse
 from pydantic import BaseModel, Field
 
@@ -122,7 +122,7 @@ class AgentChatRequest(BaseModel):
 
 
 @router.post("/agent/chat")
-async def agent_chat(body: AgentChatRequest):
+async def agent_chat(body: AgentChatRequest, request: Request):
     """Conversational endpoint for the Create Genie agent.
 
     Returns a streaming SSE response with typed events:
@@ -138,6 +138,7 @@ async def agent_chat(body: AgentChatRequest):
     from backend.services.create_agent_session import (
         create_session, get_session_async, persist_session,
     )
+    from backend.services.auth import set_obo_user_token, clear_obo_user_token
 
     agent = get_create_agent()
 
@@ -152,12 +153,21 @@ async def agent_chat(body: AgentChatRequest):
     if body.selections:
         user_message += f"\n\n[User selections: {json.dumps(body.selections)}]"
 
+    # Capture the user token so the streaming generator can re-establish
+    # the OBO context (ContextVars don't propagate into async generators
+    # that outlive the middleware's call_next).
+    user_token = getattr(request.state, "user_token", "")
+
     async def event_stream():
-        yield _sse_event("session", {"session_id": session.session_id})
-        async for event in agent.chat(session, user_message):
-            yield _sse_event(event["event"], event["data"])
-        # Persist session to Lakebase after the turn completes
-        await persist_session(session)
+        if user_token:
+            set_obo_user_token(user_token)
+        try:
+            yield _sse_event("session", {"session_id": session.session_id})
+            async for event in agent.chat(session, user_message):
+                yield _sse_event(event["event"], event["data"])
+            await persist_session(session)
+        finally:
+            clear_obo_user_token()
 
     return StreamingResponse(
         event_stream(),

backend/services/auth.py

@@ -1,34 +1,71 @@
 """
 Authentication utilities for Databricks Apps deployment.
 
-Uses service principal authentication when running on Databricks Apps,
-and falls back to PAT token or CLI authentication for local development.
+On Databricks Apps, uses OBO (On Behalf Of) — each request creates a
+WorkspaceClient with the user's forwarded token so all SDK calls (SQL,
+UC, serving endpoints) execute under the user's identity and permissions.
+
+Locally, falls back to PAT token or CLI profile (singleton client).
 """
 
 import logging
 import os
+from contextvars import ContextVar
 
 from databricks.sdk import WorkspaceClient
+from databricks.sdk.config import Config
 
 logger = logging.getLogger(__name__)
 
-# Singleton client — avoids re-reading ~/.databrickscfg on every call
+# Singleton client for local dev (or fallback when no user token is available)
 _client: WorkspaceClient | None = None
 _auth_logged = False
 
+# Per-request OBO client stored in a context variable
+_obo_client: ContextVar[WorkspaceClient | None] = ContextVar("_obo_client", default=None)
+
 
 def is_running_on_databricks_apps() -> bool:
     """Check if running on Databricks Apps (vs local development)."""
     return os.environ.get("DATABRICKS_APP_PORT") is not None
 
 
-def get_workspace_client() -> WorkspaceClient:
-    """Get a cached Databricks WorkspaceClient with appropriate authentication.
+def set_obo_user_token(token: str) -> None:
+    """Set the user's OBO token for the current request context.
 
-    The client is created once and reused for the lifetime of the process.
-    On Databricks Apps it uses the service principal; locally it uses
-    PAT token or CLI profile.
+    Call this from middleware/dependencies with the user's Authorization
+    header value. Creates a per-request WorkspaceClient that authenticates
+    as the user.
+
+    We must explicitly set ``auth_type="pat"`` because the Databricks Apps
+    environment has DATABRICKS_CLIENT_ID / DATABRICKS_CLIENT_SECRET set,
+    and the SDK would otherwise use oauth-m2m instead of the user's token.
     """
+    host = os.environ.get("DATABRICKS_HOST", "")
+    if not host:
+        default = _get_default_client()
+        host = default.config.host or ""
+
+    cfg = Config(
+        host=host,
+        token=token,
+        auth_type="pat",
+        # Prevent the SDK from reading env vars that would override the token
+        client_id=None,
+        client_secret=None,  # gitleaks:allow
+    )
+    client = WorkspaceClient(config=cfg)
+    _obo_client.set(client)
+    logger.debug("OBO client set for current request (host=%s, auth=%s)", host, cfg.auth_type)
+
+
+def clear_obo_user_token() -> None:
+    """Clear the per-request OBO client after the request completes."""
+    _obo_client.set(None)
+
+
+def _get_default_client() -> WorkspaceClient:
+    """Get the default singleton client (SP on Apps, CLI/PAT locally)."""
     global _client, _auth_logged
 
     if _client is None:
@@ -61,15 +98,27 @@ def get_workspace_client() -> WorkspaceClient:
     return _client
 
 
+def get_workspace_client() -> WorkspaceClient:
+    """Get the WorkspaceClient for the current context.
+
+    Returns the OBO (per-user) client if set, otherwise the default
+    singleton. This ensures all SDK calls in the request path use the
+    user's credentials when running on Databricks Apps.
+    """
+    obo = _obo_client.get()
+    if obo is not None:
+        return obo
+    return _get_default_client()
+
+
 def get_databricks_host() -> str:
     """Get the Databricks workspace host URL (without trailing slash)."""
-    client = get_workspace_client()
+    client = _get_default_client()
     host = client.config.host
     return host.rstrip("/") if host else ""
 
 
 def get_llm_api_key() -> str:
     """Get the API key for LLM serving endpoints."""
-    if is_running_on_databricks_apps():
-        return get_workspace_client().config.token or ""
-    return os.environ.get("DATABRICKS_TOKEN", "")
+    client = get_workspace_client()
+    return client.config.token or os.environ.get("DATABRICKS_TOKEN", "")