Fix tests

Author: dprophet

README.md

@@ -252,7 +252,7 @@ The OAuth2 token will be cached either per `trino.auth.OAuth2Authentication` ins
     from trino.auth import OAuth2Authentication
 
     engine = create_engine(
-    "trino://<username>@<host>:<port>/<catalog>",
+        "trino://<username>@<host>:<port>/<catalog>",
         connect_args={
             "auth": OAuth2Authentication(),
             "http_scheme": "https",
@@ -262,156 +262,84 @@ The OAuth2 token will be cached either per `trino.auth.OAuth2Authentication` ins
 
 #### Client Credentials authentication
 
-The `ClientCredentials` class enables service-to-service authentication using standard OAuth2 Client Credentials flow.
-
-- DBAPI
-
-export KEYRING_CRYPTFILE_PASSWORD=password123
-
-    ```python
-    from trino.dbapi import connect
-    from trino.auth import ClientCredentials, OidcConfig
-
-    conn = connect(
-        user="<username>",
-        auth=ClientCredentials(
-            client_id="<client_id>",
-            client_secret="<client_secret>",
-            url_config=OidcConfig(oidc_discovery_url="<oidc_discovery_url>")
-        ),
-        http_scheme="https",
-        ...
-    )
-    ```
-
-    Or using manual URLs:
-
-    ```python
-    from trino.dbapi import connect
-    from trino.auth import ClientCredentials, ManualUrlsConfig
-
-    conn = connect(
-        user="<username>",
-        auth=ClientCredentials(
-            client_id="<client_id>",
-            client_secret="<client_secret>",
-            url_config=ManualUrlsConfig(token_endpoint="<token_endpoint>")
-        ),
-        http_scheme="https",
-        ...
-    )
-    ```
-
-    With optional `scope` and `audience`:
-
-    ```python
-    from trino.dbapi import connect
-    from trino.auth import ClientCredentials, OidcConfig
+```python
+from trino.dbapi import connect
+from trino.auth import ClientCredentials
+from trino.oauth2.models import OidcConfig
+
+auth = ClientCredentials(
+    client_id="<client_id>",
+    client_secret="<client_secret>",
+    url_config=OidcConfig(
+        token_endpoint="<token_endpoint>",
+        # other endpoints if needed
+    ),
+    scope="<number of scopes>", # optional
+    audience="<audience>", # optional
+)
 
-    conn = connect(
-        user="<username>",
-        auth=ClientCredentials(
-            client_id="<client_id>",
-            client_secret="<client_secret>",
-            scope="<scope>",
-            audience="<audience>",
-            url_config=OidcConfig(oidc_discovery_url="<oidc_discovery_url>")
-        ),
-        http_scheme="https",
-        ...
-    )
-    ```
+conn = connect(
+    user="<username>",
+    auth=auth,
+    http_scheme="https",
+    ...
+)
+```
 
 #### Device Code authentication
 
-The `DeviceCode` class enables authentication on devices with limited input capabilities using OAuth2 Device Code flow.
-This flow prints tries to open an browser to the URL but it will also fall back and print the verification code and
-a URL to visit on another device to authenticate.
-
-- DBAPI
-
-export KEYRING_CRYPTFILE_PASSWORD=password123
-
-    ```python
-    from trino.dbapi import connect
-    from trino.auth import DeviceCode, OidcConfig
-
-    conn = connect(
-        user="<username>",
-        auth=DeviceCode(
-            client_id="<client_id>",
-            client_secret="<client_secret>",
-            url_config=OidcConfig(oidc_discovery_url="<oidc_discovery_url>")
-        ),
-        http_scheme="https",
-        ...
-    )
-    ```
-
-    With optional `scope` and `audience`:
-
-    ```python
-    from trino.dbapi import connect
-    from trino.auth import DeviceCode, OidcConfig
+```python
+from trino.dbapi import connect
+from trino.auth import DeviceCode
+from trino.oauth2.models import OidcConfig
+
+auth = DeviceCode(
+    client_id="<client_id>",
+    url_config=OidcConfig(
+        token_endpoint="<token_endpoint>",
+        device_authorization_endpoint="<device_authorization_endpoint>",
+    ),
+    scope="<scope>", # optional
+    audience="<audience>", # optional
+)
 
-    conn = connect(
-        user="<username>",
-        auth=DeviceCode(
-            client_id="<client_id>",
-            client_secret="<client_secret>",
-            scope="<scope>",
-            audience="<audience>",
-            url_config=OidcConfig(oidc_discovery_url="<oidc_discovery_url>")
-        ),
-        http_scheme="https",
-        ...
-    )
-    ```
+conn = connect(
+    user="<username>",
+    auth=auth,
+    http_scheme="https",
+    ...
+)
+```
 
 #### Authorization Code authentication
 
-The `AuthorizationCode` class enables the standard OAuth2 Authorization Code flow.
-
-- DBAPI
-
-export KEYRING_CRYPTFILE_PASSWORD=password123
-
-    ```python
-    from trino.dbapi import connect
-    from trino.auth import AuthorizationCode, OidcConfig
-
-    conn = connect(
-        user="<username>",
-        auth=AuthorizationCode(
-            client_id="<client_id>",
-            client_secret="<client_secret>",
-            url_config=OidcConfig(oidc_discovery_url="<oidc_discovery_url>")
-        ),
-        http_scheme="https",
-        ...
-    )
-    ```
-
-    With optional `scope` and `audience`:
+```python
+from trino.dbapi import connect
+from trino.auth import AuthorizationCode
+from trino.oauth2.models import OidcConfig
+
+auth = AuthorizationCode(
+    client_id="<client_id>",
+    client_secret="<client_secret>", # optional
+    url_config=OidcConfig(
+        token_endpoint="<token_endpoint>",
+        authorization_endpoint="<authorization_endpoint>",
+    ),
+    scope="<scope>", # optional
+    audience="<audience>", # optional
+)
 
-    ```python
-    from trino.dbapi import connect
-    from trino.auth import AuthorizationCode, OidcConfig
+conn = connect(
+    user="<username>",
+    auth=auth,
+    http_scheme="https",
+    ...
+)
+```
 
-    conn = connect(
-        user="<username>",
-        auth=AuthorizationCode(
-            client_id="<client_id>",
-            client_secret="<client_secret>",
-            scope="<scope>",
-            audience="<audience>",
-            url_config=OidcConfig(oidc_discovery_url="<oidc_discovery_url>")
-        ),
-        http_scheme="https",
-        ...
-    )
-    ```
+### Reference
 
+For further details, please consult [Trino documentation](https://trino.io/docs/current).
 
 ### Secure Token Storage
 

tests/unit/oauth_test_utils.py

@@ -150,3 +150,54 @@ def get_token_callback(self, request, uri, response_headers):
         if challenge.attempts == 0:
             return [200, response_headers, f'{{"token": "{challenge.token}"}}']
         return [200, response_headers, f'{{"nextUri": "{uri}"}}']
+
+
+import keyring.backend
+
+
+class MockKeyring(keyring.backend.KeyringBackend):
+    priority = 1
+
+    def __init__(self):
+        self.file_location = self._generate_test_root_dir()
+
+    @staticmethod
+    def _generate_test_root_dir():
+        import tempfile
+
+        return tempfile.mkdtemp(prefix="trino-python-client-unit-test-")
+
+    def _get_file_path(self, servicename, username):
+        from os.path import join
+
+        file_location = self.file_location
+        file_name = f"{servicename}_{username}.txt"
+        return join(file_location, file_name)
+
+    def set_password(self, servicename, username, password):
+        file_path = self._get_file_path(servicename, username)
+
+        with open(file_path, "w") as file:
+            file.write(password)
+
+    def get_password(self, servicename, username):
+        import os
+
+        file_path = self._get_file_path(servicename, username)
+        if not os.path.exists(file_path):
+            return None
+
+        with open(file_path, "r") as file:
+            password = file.read()
+
+        return password
+
+    def delete_password(self, servicename, username):
+        import os
+
+        file_path = self._get_file_path(servicename, username)
+        if not os.path.exists(file_path):
+            return None
+
+        os.remove(file_path)
+

tests/unit/test_client.py

@@ -47,6 +47,7 @@
 from tests.unit.oauth_test_utils import RedirectHandlerWithException
 from tests.unit.oauth_test_utils import SERVER_ADDRESS
 from tests.unit.oauth_test_utils import TOKEN_RESOURCE
+from tests.unit.oauth_test_utils import MockKeyring
 from trino import __version__
 from trino import constants
 from trino.auth import _OAuth2KeyRingTokenCache
@@ -1406,47 +1407,3 @@ def test_store_long_password(self):
         retrieved_password = cache.get_token_from_cache(host)
         self.assertEqual(long_password, retrieved_password)
 
-
-class MockKeyring(keyring.backend.KeyringBackend):
-    def __init__(self):
-        self.file_location = self._generate_test_root_dir()
-
-    @staticmethod
-    def _generate_test_root_dir():
-        import tempfile
-
-        return tempfile.mkdtemp(prefix="trino-python-client-unit-test-")
-
-    def file_path(self, servicename, username):
-        from os.path import join
-
-        file_location = self.file_location
-        file_name = f"{servicename}_{username}.txt"
-        return join(file_location, file_name)
-
-    def set_password(self, servicename, username, password):
-        file_path = self.file_path(servicename, username)
-
-        with open(file_path, "w") as file:
-            file.write(password)
-
-    def get_password(self, servicename, username):
-        import os
-
-        file_path = self.file_path(servicename, username)
-        if not os.path.exists(file_path):
-            return None
-
-        with open(file_path, "r") as file:
-            password = file.read()
-
-        return password
-
-    def delete_password(self, servicename, username):
-        import os
-
-        file_path = self.file_path(servicename, username)
-        if not os.path.exists(file_path):
-            return None
-
-        os.remove(file_path)

tests/unit/test_dbapi.py

@@ -15,6 +15,7 @@
 
 import httpretty
 import pytest
+import keyring
 from httpretty import httprettified
 from requests import Session
 
@@ -26,6 +27,7 @@
 from tests.unit.oauth_test_utils import RedirectHandler
 from tests.unit.oauth_test_utils import SERVER_ADDRESS
 from tests.unit.oauth_test_utils import TOKEN_RESOURCE
+from tests.unit.oauth_test_utils import MockKeyring
 from trino import constants
 from trino.auth import OAuth2Authentication
 from trino.dbapi import connect
@@ -58,8 +60,15 @@ def test_http_session_is_defaulted_when_not_specified(mock_client):
     assert mock_client.TrinoRequest.http.Session.return_value in request_args
 
 
+@pytest.fixture
+def mock_keyring():
+    mk = MockKeyring()
+    keyring.set_keyring(mk)
+    return mk
+
+
 @httprettified
-def test_token_retrieved_once_per_auth_instance(sample_post_response_data, sample_get_response_data):
+def test_token_retrieved_once_per_auth_instance(mock_keyring, sample_post_response_data, sample_get_response_data):
     token = str(uuid.uuid4())
     challenge_id = str(uuid.uuid4())
 
@@ -123,7 +132,7 @@ def test_token_retrieved_once_per_auth_instance(sample_post_response_data, sampl
 
 
 @httprettified
-def test_token_retrieved_once_when_authentication_instance_is_shared(sample_post_response_data,
+def test_token_retrieved_once_when_authentication_instance_is_shared(mock_keyring, sample_post_response_data,
                                                                      sample_get_response_data):
     token = str(uuid.uuid4())
     challenge_id = str(uuid.uuid4())
@@ -189,7 +198,7 @@ def test_token_retrieved_once_when_authentication_instance_is_shared(sample_post
 
 
 @httprettified
-def test_token_retrieved_once_when_multithreaded(sample_post_response_data, sample_get_response_data):
+def test_token_retrieved_once_when_multithreaded(mock_keyring, sample_post_response_data, sample_get_response_data):
     token = str(uuid.uuid4())
     challenge_id = str(uuid.uuid4())