Implement OAuth2RedirectUrlPort

Author: vikrantpuppala

src/main/java/com/databricks/jdbc/api/IDatabricksConnectionContext.java

@@ -181,6 +181,9 @@ public interface IDatabricksConnectionContext {
    */
   String getOAuthRefreshToken();
 
+  /** Returns the list of OAuth2 redirect URL ports used for OAuth authentication. */
+  List<Integer> getOAuth2RedirectUrlPorts();
+
   String getGcpAuthType() throws DatabricksParsingException;
 
   String getGoogleServiceAccount();

src/main/java/com/databricks/jdbc/api/impl/DatabricksConnectionContext.java

@@ -664,6 +664,27 @@ public String getOAuthRefreshToken() {
         getParameter(DatabricksJdbcUrlParams.OAUTH_REFRESH_TOKEN_2));
   }
 
+  @Override
+  public List<Integer> getOAuth2RedirectUrlPorts() {
+    String portsStr = getParameter(DatabricksJdbcUrlParams.OAUTH_REDIRECT_URL_PORT);
+
+    try {
+      // Parse comma-separated list of ports
+      return Arrays.stream(portsStr.split(","))
+          .map(String::trim)
+          .filter(s -> !s.isEmpty())
+          .map(Integer::parseInt)
+          .collect(Collectors.toList());
+    } catch (NumberFormatException e) {
+      LOGGER.warn(
+          "Invalid port format in OAuth2RedirectUrlPort: {}. Using default port {}.",
+          portsStr,
+          DatabricksJdbcUrlParams.OAUTH_REDIRECT_URL_PORT.getDefaultValue());
+      return List.of(
+          Integer.parseInt(DatabricksJdbcUrlParams.OAUTH_REDIRECT_URL_PORT.getDefaultValue()));
+    }
+  }
+
   @Override
   public Boolean getUseEmptyMetadata() {
     String param = getParameter(DatabricksJdbcUrlParams.USE_EMPTY_METADATA);

src/main/java/com/databricks/jdbc/common/DatabricksJdbcUrlParams.java

@@ -33,6 +33,7 @@ public enum DatabricksJdbcUrlParams {
   AUTH_FLOW("auth_flow", "Authentication flow"),
   OAUTH_REFRESH_TOKEN("Auth_RefreshToken", "OAuth2 Refresh Token"),
   OAUTH_REFRESH_TOKEN_2("OAuthRefreshToken", "OAuth2 Refresh Token"), // Same as OAUTH_REFRESH_TOKEN
+  OAUTH_REDIRECT_URL_PORT("OAuth2RedirectUrlPort", "OAuth2 Redirect URL port", "8020"),
   PWD("pwd", "Password (used when AUTH_MECH = 3)", true),
   POLL_INTERVAL("asyncexecpollinterval", "Async execution poll interval", "200"),
   HTTP_PATH("httppath", "HTTP path", true),

src/main/java/com/databricks/jdbc/dbclient/impl/common/ClientConfigurator.java

@@ -21,8 +21,12 @@
 import com.databricks.sdk.core.ProxyConfig;
 import com.databricks.sdk.core.commons.CommonsHttpClient;
 import com.databricks.sdk.core.utils.Cloud;
+import java.io.IOException;
+import java.net.ServerSocket;
 import java.security.cert.*;
+import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.List;
 import java.util.stream.Collectors;
 import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
 
@@ -129,17 +133,82 @@ public void setupOAuthConfig() throws DatabricksParsingException {
 
   /** Setup the OAuth U2M authentication settings in the databricks config. */
   public void setupU2MConfig() throws DatabricksParsingException {
+    int redirectPort = findAvailablePort(connectionContext.getOAuth2RedirectUrlPorts());
+    String redirectUrl = String.format("http://localhost:%d", redirectPort);
+
     databricksConfig
         .setAuthType(DatabricksJdbcConstants.U2M_AUTH_TYPE)
         .setHost(connectionContext.getHostForOAuth())
         .setClientId(connectionContext.getClientId())
         .setClientSecret(connectionContext.getClientSecret())
-        .setOAuthRedirectUrl(DatabricksJdbcConstants.U2M_AUTH_REDIRECT_URL);
+        .setOAuthRedirectUrl(redirectUrl);
+
+    LOGGER.info("Using OAuth redirect URL: {}", redirectUrl);
+
     if (!databricksConfig.isAzure()) {
       databricksConfig.setScopes(connectionContext.getOAuthScopesForU2M());
     }
   }
 
+  /**
+   * Finds the first available port from the provided list of ports. If a single port is provided,
+   * it tries incremental ports (port, port+1, port+2, etc.) If multiple ports are provided, it
+   * tries each port in the list.
+   *
+   * @param initialPorts List of ports to try
+   * @return The first available port
+   * @throws DatabricksException if no available port is found
+   */
+  int findAvailablePort(List<Integer> initialPorts) {
+    List<Integer> portsToTry;
+
+    // If single port provided, generate sequence of ports to try
+    if (initialPorts.size() == 1) {
+      int startPort = initialPorts.get(0);
+      int maxAttempts = 20;
+      portsToTry = new ArrayList<>(maxAttempts);
+      for (int i = 0; i < maxAttempts; i++) {
+        portsToTry.add(startPort + i);
+      }
+      LOGGER.debug(
+          "Single port provided ({}), will try ports {} through {}",
+          startPort,
+          startPort,
+          startPort + maxAttempts - 1);
+    } else {
+      portsToTry = initialPorts;
+      LOGGER.debug("Multiple ports provided, will try: {}", portsToTry);
+    }
+
+    // Try each port in the list
+    for (int port : portsToTry) {
+      if (isPortAvailable(port)) {
+        return port;
+      }
+      LOGGER.debug("Port {} is not available, trying next port", port);
+    }
+
+    // No available ports found
+    LOGGER.error("No available ports found among: {}", portsToTry);
+    throw new DatabricksException(
+        "No available port found for OAuth redirect URL. Tried ports: " + portsToTry);
+  }
+
+  /**
+   * Checks if a port is available by trying to open a server socket on it.
+   *
+   * @param port Port to check
+   * @return true if the port is available, false otherwise
+   */
+  boolean isPortAvailable(int port) {
+    try (ServerSocket serverSocket = new ServerSocket(port)) {
+      serverSocket.setReuseAddress(true);
+      return true;
+    } catch (IOException e) {
+      return false;
+    }
+  }
+
   /** Setup the PAT authentication settings in the databricks config. */
   public void setupAccessTokenConfig() throws DatabricksParsingException {
     databricksConfig

src/test/java/com/databricks/jdbc/api/impl/DatabricksConnectionContextTest.java

@@ -450,4 +450,48 @@ void testLogLevels() {
     assertEquals(getLogLevel(5), LogLevel.DEBUG);
     assertEquals(getLogLevel(6), LogLevel.TRACE);
   }
+
+  @Test
+  public void testGetOAuth2RedirectUrlPorts() throws DatabricksSQLException {
+    // Test default value
+    Properties props = new Properties();
+    DatabricksConnectionContext context =
+        (DatabricksConnectionContext)
+            DatabricksConnectionContext.parse(TestConstants.VALID_URL_1, props);
+    List<Integer> ports = context.getOAuth2RedirectUrlPorts();
+    assertEquals(1, ports.size());
+    assertEquals(8020, ports.get(0)); // Default value
+
+    // Test single port
+    props = new Properties();
+    props.setProperty("OAuth2RedirectUrlPort", "9090");
+    context =
+        (DatabricksConnectionContext)
+            DatabricksConnectionContext.parse(TestConstants.VALID_URL_1, props);
+    ports = context.getOAuth2RedirectUrlPorts();
+    assertEquals(1, ports.size());
+    assertEquals(9090, ports.get(0));
+
+    // Test multiple ports
+    props = new Properties();
+    props.setProperty("OAuth2RedirectUrlPort", "9090,9091,9092");
+    context =
+        (DatabricksConnectionContext)
+            DatabricksConnectionContext.parse(TestConstants.VALID_URL_1, props);
+    ports = context.getOAuth2RedirectUrlPorts();
+    assertEquals(3, ports.size());
+    assertEquals(9090, ports.get(0));
+    assertEquals(9091, ports.get(1));
+    assertEquals(9092, ports.get(2));
+
+    // Test invalid format - should fallback to default
+    props = new Properties();
+    props.setProperty("OAuth2RedirectUrlPort", "invalid");
+    context =
+        (DatabricksConnectionContext)
+            DatabricksConnectionContext.parse(TestConstants.VALID_URL_1, props);
+    ports = context.getOAuth2RedirectUrlPorts();
+    assertEquals(1, ports.size());
+    assertEquals(8020, ports.get(0)); // Default value when format is invalid
+  }
 }

src/test/java/com/databricks/jdbc/dbclient/impl/common/ClientConfiguratorTest.java

@@ -22,6 +22,7 @@
 import com.databricks.sdk.core.commons.CommonsHttpClient;
 import com.databricks.sdk.core.utils.Cloud;
 import java.io.IOException;
+import java.net.ServerSocket;
 import java.util.List;
 import java.util.Properties;
 import org.junit.jupiter.api.Test;
@@ -169,6 +170,7 @@ void getWorkspaceClient_OAuthWithBrowserBasedAuthentication_AuthenticatesCorrect
     when(mockContext.getClientSecret()).thenReturn("browser-client-secret");
     when(mockContext.getOAuthScopesForU2M()).thenReturn(List.of(new String[] {"scope1", "scope2"}));
     when(mockContext.getHttpConnectionPoolSize()).thenReturn(100);
+    when(mockContext.getOAuth2RedirectUrlPorts()).thenReturn(List.of(8020));
     configurator = new ClientConfigurator(mockContext);
     WorkspaceClient client = configurator.getWorkspaceClient();
     assertNotNull(client);
@@ -195,6 +197,7 @@ void getWorkspaceClient_OAuthWithBrowserBasedAuthentication_AuthenticatesCorrect
     when(mockContext.isOAuthDiscoveryModeEnabled()).thenReturn(true);
     when(mockContext.getOAuthDiscoveryURL()).thenReturn(TEST_DISCOVERY_URL);
     when(mockContext.getHttpConnectionPoolSize()).thenReturn(100);
+    when(mockContext.getOAuth2RedirectUrlPorts()).thenReturn(List.of(8020));
     configurator = new ClientConfigurator(mockContext);
     WorkspaceClient client = configurator.getWorkspaceClient();
     assertNotNull(client);
@@ -315,4 +318,120 @@ void setupM2MConfig_WithAzureTenantIdButNonAzureCloud_ThrowsException()
     verify(mockContext).getAzureTenantId();
     verify(mockContext, times(2)).getCloud();
   }
+
+  @Test
+  void testFindAvailablePort() throws Exception {
+    // Create a mockContext for the ClientConfigurator constructor
+    when(mockContext.getAuthMech()).thenReturn(AuthMech.PAT);
+    when(mockContext.getHostUrl()).thenReturn("https://test.databricks.com");
+    when(mockContext.getToken()).thenReturn("test-token");
+    when(mockContext.getHttpConnectionPoolSize()).thenReturn(100);
+    configurator = new ClientConfigurator(mockContext);
+
+    // Test with a single available port
+    int availablePort = findFreePort();
+    List<Integer> ports = List.of(availablePort);
+    int result = configurator.findAvailablePort(ports);
+    assertEquals(availablePort, result);
+
+    // Test with multiple ports, first unavailable
+    int secondAvailablePort = findFreePort();
+    try (ServerSocket serverSocket = new ServerSocket(availablePort)) {
+      serverSocket.setReuseAddress(true);
+      ports = List.of(availablePort, secondAvailablePort);
+      result = configurator.findAvailablePort(ports);
+      assertEquals(secondAvailablePort, result);
+    }
+
+    // Test incremental search - first port unavailable, second available
+    try (ServerSocket serverSocket = new ServerSocket(availablePort)) {
+      serverSocket.setReuseAddress(true);
+      ports = List.of(availablePort);
+      result = configurator.findAvailablePort(ports);
+      assertEquals(availablePort + 1, result);
+    }
+  }
+
+  @Test
+  void testFindAvailablePortThrowsExceptionWhenNoPortsAvailable() throws Exception {
+    // Create a mockContext for the ClientConfigurator constructor
+    when(mockContext.getAuthMech()).thenReturn(AuthMech.PAT);
+    when(mockContext.getHostUrl()).thenReturn("https://test.databricks.com");
+    when(mockContext.getToken()).thenReturn("test-token");
+    when(mockContext.getHttpConnectionPoolSize()).thenReturn(100);
+    configurator = new ClientConfigurator(mockContext);
+
+    // Use a port that is likely to be available
+    int port1 = findFreePort();
+    int port2 = findFreePort();
+    if (port1 == port2) {
+      port2 = port1 + 1;
+    }
+
+    // Occupy the ports to make them unavailable
+    try (ServerSocket socket1 = new ServerSocket(port1);
+        ServerSocket socket2 = new ServerSocket(port2)) {
+      socket1.setReuseAddress(true);
+      socket2.setReuseAddress(true);
+
+      // First test with multiple specified ports
+      List<Integer> unavailablePorts = List.of(port1, port2);
+      DatabricksException exception =
+          assertThrows(
+              DatabricksException.class, () -> configurator.findAvailablePort(unavailablePorts));
+      assertTrue(exception.getMessage().contains("No available port found"));
+
+      // Now test with single port and verify it tries incremental ports
+      // We need to create a subclass to control isPortAvailable behavior
+      ClientConfigurator testConfigurator =
+          new ClientConfigurator(mockContext) {
+            @Override
+            protected boolean isPortAvailable(int port) {
+              return false; // All ports are unavailable
+            }
+          };
+
+      exception =
+          assertThrows(
+              DatabricksException.class, () -> testConfigurator.findAvailablePort(List.of(port1)));
+      assertTrue(exception.getMessage().contains("No available port found"));
+    }
+  }
+
+  /** Utility method to find a free port */
+  private int findFreePort() {
+    try (ServerSocket socket = new ServerSocket(0)) {
+      socket.setReuseAddress(true);
+      return socket.getLocalPort();
+    } catch (IOException e) {
+      throw new RuntimeException("Failed to find free port", e);
+    }
+  }
+
+  @Test
+  void getWorkspaceClient_OAuthWithBrowserBasedAuthentication_SetsCustomRedirectUrl()
+      throws Exception {
+    // We'll mock getOAuth2RedirectUrlPorts to return a predefined list
+    int testPort = findFreePort();
+    when(mockContext.getAuthMech()).thenReturn(AuthMech.OAUTH);
+    when(mockContext.getAuthFlow()).thenReturn(AuthFlow.BROWSER_BASED_AUTHENTICATION);
+    when(mockContext.getHostForOAuth()).thenReturn("https://oauth-browser.databricks.com");
+    when(mockContext.getClientId()).thenReturn("browser-client-id");
+    when(mockContext.getClientSecret()).thenReturn("browser-client-secret");
+    when(mockContext.getOAuthScopesForU2M()).thenReturn(List.of(new String[] {"scope1", "scope2"}));
+    when(mockContext.getOAuth2RedirectUrlPorts()).thenReturn(List.of(testPort));
+    when(mockContext.getHttpConnectionPoolSize()).thenReturn(100);
+
+    configurator = new ClientConfigurator(mockContext);
+    WorkspaceClient client = configurator.getWorkspaceClient();
+    assertNotNull(client);
+    DatabricksConfig config = client.config();
+
+    assertEquals("https://oauth-browser.databricks.com", config.getHost());
+    assertEquals("browser-client-id", config.getClientId());
+    assertEquals("browser-client-secret", config.getClientSecret());
+    assertEquals(List.of(new String[] {"scope1", "scope2"}), config.getScopes());
+    assertEquals("http://localhost:" + testPort, config.getOAuthRedirectUrl());
+    assertEquals(DatabricksJdbcConstants.U2M_AUTH_TYPE, config.getAuthType());
+  }
 }