diff --git a/tests/functional/oauth/test_jwt.py b/tests/functional/oauth/test_jwt.py index bd5177b13..fbe8e20e6 100644 --- a/tests/functional/oauth/test_jwt.py +++ b/tests/functional/oauth/test_jwt.py @@ -1,34 +1,6 @@ """ -The first time using an account for testing, you should run this: - -``` -CREATE OR REPLACE SECURITY INTEGRATION DBT_INTEGRATION_TEST_OAUTH - TYPE = OAUTH - ENABLED = TRUE - OAUTH_CLIENT = CUSTOM - OAUTH_CLIENT_TYPE = 'CONFIDENTIAL' - OAUTH_REDIRECT_URI = 'http://localhost:8080' - oauth_issue_refresh_tokens = true - OAUTH_ALLOW_NON_TLS_REDIRECT_URI = true - BLOCKED_ROLES_LIST = - oauth_refresh_token_validity = 7776000; -``` - - -Every month (or any amount <90 days): - -Run `select SYSTEM$SHOW_OAUTH_CLIENT_SECRETS('DBT_INTEGRATION_TEST_OAUTH');` - -The only row/column of output should be a json blob, it goes (within single -quotes!) as the second argument to the server script: - -python scripts/werkzeug-refresh-token.py ${acount_name} '${json_blob}' - -Open http://localhost:8080 - -Log in as the test user, get a response page with some environment variables. -Update CI providers and test.env with the new values (If you kept the security -integration the same, just the refresh token changed) +Please follow the instructions in test_oauth.py for instructions on how to set up +the security integration required to retrieve a JWT from Snowflake. """ import pytest @@ -91,14 +63,18 @@ def access_token(self): @pytest.fixture(scope="class", autouse=True) def dbt_profile_target(self, access_token): + """A dbt_profile that has authenticator set to JWT, and token set to + a JWT accepted by Snowflake. Also omits the user, as the user attribute + is optional when the authenticator is set to JWT. + """ return { "type": "snowflake", "threads": 4, "account": os.getenv("SNOWFLAKE_TEST_ACCOUNT"), - "token": access_token, "database": os.getenv("SNOWFLAKE_TEST_DATABASE"), "warehouse": os.getenv("SNOWFLAKE_TEST_WAREHOUSE"), "authenticator": "jwt", + "token": access_token, } @pytest.fixture(scope="class")