You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@airflow.apache.org by GitBox <gi...@apache.org> on 2020/08/19 23:37:42 UTC

[GitHub] [airflow] neil90 commented on pull request #5635: [Airflow 4923] Fix Databricks hook leaks API secret in logs

neil90 commented on pull request #5635:
URL: https://github.com/apache/airflow/pull/5635#issuecomment-676811939


   > Hi @zenyui
   > 
   > 1. the BaseHook.get_connection once it gets the connection info checks to see if the host field exists and if it does it logs the extra field - [Link](https://github.com/apache/airflow/blob/1.10.3/airflow/hooks/base_hook.py#L81-L83)
   > 2. Currently users can do something similar which is put their login name into the username field and the token into password field.
   > 
   > Basically it is now similar to [aws_hook](https://github.com/apache/airflow/blob/master/airflow/contrib/hooks/aws_hook.py#L98-L108) functionality
   
   If somebody stumbles upon this PR, Ignore point 2, it is incorrect. Putting Login and Password causes it to Authenticate via Basic Auth. There can be a future PR to add this ability via adding an some identifier in the extra json to let us know we are using the token in the password field and authenticate via token rather then Basic Auth.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org