diff --git a/databricks-sdk-java/src/main/java/com/databricks/sdk/core/DatabricksConfig.java b/databricks-sdk-java/src/main/java/com/databricks/sdk/core/DatabricksConfig.java
index 23fd990b9..35127219c 100644
--- a/databricks-sdk-java/src/main/java/com/databricks/sdk/core/DatabricksConfig.java
+++ b/databricks-sdk-java/src/main/java/com/databricks/sdk/core/DatabricksConfig.java
@@ -796,18 +796,6 @@ private OpenIDConnectEndpoints fetchDefaultOidcEndpoints() throws IOException {
 if (getHostType() == HostType.UNIFIED) {
 return getUnifiedOidcEndpoints(getAccountId());
 }
-
- if (isAzure() && getAzureClientId() != null) {
- Request request = new Request("GET", getHost() + "/oidc/oauth2/v2.0/authorize");
- request.setRedirectionBehavior(false);
- Response resp = getHttpClient().execute(request);
- String realAuthUrl = resp.getFirstHeader("location");
- if (realAuthUrl == null) {
- return null;
- }
- return new OpenIDConnectEndpoints(
- realAuthUrl.replaceAll("/authorize", "/token"), realAuthUrl);
- }
 if (isAccountClient() && getAccountId() != null) {
 String prefix = getHost() + "/oidc/accounts/" + getAccountId();
 return new OpenIDConnectEndpoints(prefix + "/v1/token", prefix + "/v1/authorize");
diff --git a/databricks-sdk-java/src/test/java/com/databricks/sdk/integration/DatabricksOidcAccountIT.java b/databricks-sdk-java/src/test/java/com/databricks/sdk/integration/DatabricksOidcAccountIT.java
new file mode 100644
index 000000000..6e7f31e66
--- /dev/null
+++ b/databricks-sdk-java/src/test/java/com/databricks/sdk/integration/DatabricksOidcAccountIT.java
@@ -0,0 +1,73 @@
+package com.databricks.sdk.integration;
+
+import com.databricks.sdk.AccountClient;
+import com.databricks.sdk.core.DatabricksConfig;
+import com.databricks.sdk.integration.framework.EnvContext;
+import com.databricks.sdk.integration.framework.EnvOrSkip;
+import com.databricks.sdk.integration.framework.EnvTest;
+import com.databricks.sdk.service.iam.ListAccountServicePrincipalsRequest;
+import com.databricks.sdk.service.iam.ServicePrincipal;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+@ExtendWith(EnvTest.class)
+@EnvContext("account")
+public class DatabricksOidcAccountIT {
+ private static final Logger LOG = LoggerFactory.getLogger(DatabricksOidcAccountIT.class);
+
+ @Test
+ void testAccountOAuthM2MAuth(
+ @EnvOrSkip("CLOUD_ENV") String cloudEnv,
+ @EnvOrSkip("DATABRICKS_HOST") String host,
+ @EnvOrSkip("DATABRICKS_ACCOUNT_ID") String accountId,
+ @EnvOrSkip("TEST_DATABRICKS_CLIENT_ID") String clientId,
+ @EnvOrSkip("TEST_DATABRICKS_CLIENT_SECRET") String clientSecret) {
+ LOG.info("Cloud environment: {}", cloudEnv);
+
+ // Create account client with OAuth M2M authentication
+ DatabricksConfig config =
+ new DatabricksConfig()
+ .setHost(host)
+ .setAccountId(accountId)
+ .setClientId(clientId)
+ .setClientSecret(clientSecret)
+ .setAuthType("oauth-m2m");
+
+ AccountClient ac = new AccountClient(config);
+
+ // List service principals to verify authentication works
+ Iterable servicePrincipals =
+ ac.servicePrincipals().list(new ListAccountServicePrincipalsRequest());
+ servicePrincipals.iterator().next();
+ }
+
+ @Test
+ void testAccountAzureClientSecretAuth(
+ @EnvOrSkip("CLOUD_ENV") String cloudEnv,
+ @EnvOrSkip("DATABRICKS_HOST") String host,
+ @EnvOrSkip("DATABRICKS_ACCOUNT_ID") String accountId,
+ @EnvOrSkip("ARM_CLIENT_ID") String azureClientId,
+ @EnvOrSkip("ARM_CLIENT_SECRET") String azureClientSecret,
+ @EnvOrSkip("ARM_TENANT_ID") String azureTenantId) {
+ LOG.info("Cloud environment: {}", cloudEnv);
+
+ // Create account client with Azure client secret authentication
+ DatabricksConfig config =
+ new DatabricksConfig()
+ .setHost(host)
+ .setAccountId(accountId)
+ .setAzureClientId(azureClientId)
+ .setAzureClientSecret(azureClientSecret)
+ .setAzureTenantId(azureTenantId)
+ .setAuthType("azure-client-secret");
+
+ AccountClient ac = new AccountClient(config);
+
+ // List service principals to verify authentication works
+ Iterable servicePrincipals =
+ ac.servicePrincipals().list(new ListAccountServicePrincipalsRequest());
+ servicePrincipals.iterator().next();
+ }
+}
diff --git a/databricks-sdk-java/src/test/java/com/databricks/sdk/integration/DatabricksOidcWorkspaceIT.java b/databricks-sdk-java/src/test/java/com/databricks/sdk/integration/DatabricksOidcWorkspaceIT.java
new file mode 100644
index 000000000..e81fd90c6
--- /dev/null
+++ b/databricks-sdk-java/src/test/java/com/databricks/sdk/integration/DatabricksOidcWorkspaceIT.java
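Review bot: Both tests in DatabricksOidcAccountIT end with `servicePrincipals.iterator().next();` and assert nothing, so an account that happens to have no service principals fails with NoSuchElementException and cannot be told apart from a broken authentication path. If the goal is only to prove the token was accepted, `servicePrincipals.iterator().hasNext();` should be enough (presumably the first page is fetched on that call; worth confirming), otherwise assert on the first element with an explicit message. `Iterable servicePrincipals` is also a raw type as shown here; `Iterable<ServicePrincipal>` would match the imported `ServicePrincipal`, unless the type argument was simply lost when this page was rendered.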
@@ -0,0 +1,72 @@
+package com.databricks.sdk.integration;
+
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+
+import com.databricks.sdk.WorkspaceClient;
+import com.databricks.sdk.core.DatabricksConfig;
+import com.databricks.sdk.integration.framework.EnvContext;
+import com.databricks.sdk.integration.framework.EnvOrSkip;
+import com.databricks.sdk.integration.framework.EnvTest;
+import com.databricks.sdk.service.iam.User;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+@ExtendWith(EnvTest.class)
+@EnvContext("ucws")
+public class DatabricksOidcWorkspaceIT {
+ private static final Logger LOG = LoggerFactory.getLogger(DatabricksOidcWorkspaceIT.class);
+
+ @Test
+ void testWorkspaceOAuthM2MAuth(
+ @EnvOrSkip("CLOUD_ENV") String cloudEnv,
+ @EnvOrSkip("DATABRICKS_HOST") String host,
+ @EnvOrSkip("TEST_DATABRICKS_CLIENT_ID") String clientId,
+ @EnvOrSkip("TEST_DATABRICKS_CLIENT_SECRET") String clientSecret) {
+ LOG.info("Cloud environment: {}", cloudEnv);
+
+ // Create workspace client with OAuth M2M authentication
+ DatabricksConfig config =
+ new DatabricksConfig()
+ .setHost(host)
+ .setClientId(clientId)
+ .setClientSecret(clientSecret)
+ .setAuthType("oauth-m2m");
+
+ WorkspaceClient ws = new WorkspaceClient(config);
+
+ // Call the "me" API
+ User me = ws.currentUser().me();
+
+ // Verify we got a valid response
+ assertNotNull(me.getUserName(), "Expected non-empty UserName");
+ }
+
+ @Test
+ void testWorkspaceAzureClientSecretAuth(
+ @EnvOrSkip("CLOUD_ENV") String cloudEnv,
+ @EnvOrSkip("DATABRICKS_HOST") String host,
+ @EnvOrSkip("ARM_CLIENT_ID") String azureClientId,
+ @EnvOrSkip("ARM_CLIENT_SECRET") String azureClientSecret,
+ @EnvOrSkip("ARM_TENANT_ID") String azureTenantId) {
+ LOG.info("Cloud environment: {}", cloudEnv);
+
+ // Create workspace client with Azure client secret authentication
+ DatabricksConfig config =
+ new DatabricksConfig()
+ .setHost(host)
+ .setAzureClientId(azureClientId)
+ .setAzureClientSecret(azureClientSecret)
+ .setAzureTenantId(azureTenantId)
+ .setAuthType("azure-client-secret");
+
+ WorkspaceClient ws = new WorkspaceClient(config);
+
+ // Call the "me" API
+ User me = ws.currentUser().me();
+
+ // Verify we got a valid response
+ assertNotNull(me.getUserName(), "Expected non-empty UserName");
+ }
+}
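Review bot: In both tests `assertNotNull(me.getUserName(), "Expected non-empty UserName")` only rejects null, so an empty user name passes even though the message promises a non-empty one. Either reword the message to "Expected non-null UserName" or add an emptiness check alongside the null check. The assertion also passes for any authenticated identity, so it does not show that the credentials handed to `DatabricksConfig` were the ones used. If a service principal's user name is expected to equal its client ID (to be confirmed against the API), `assertEquals(clientId, me.getUserName())` in the first test and the same with `azureClientId` in the second would pin the identity as well.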