Package com.amazonaws.athena.connectors.snowflake.utils

Class SnowflakeAuthUtils

java.lang.Object

com.amazonaws.athena.connectors.snowflake.utils.SnowflakeAuthUtils

public class SnowflakeAuthUtils
extends Object

Utility class for Snowflake authentication methods.

Method Summary

Modifier and Type	Method	Description
static PrivateKey	createPrivateKey(String privateKeyString, String passphrase)	Creates a PrivateKey object from a private key string.
static SnowflakeAuthType	determineAuthType(Map<String,String> credentials)	Determines the authentication type based on the provided credentials.
static String	getUsername(Map<String,String> credentials)	Gets the username from credentials, checking both "username" and "user" fields.
static void	validateCredentials(Map<String,String> credentials, SnowflakeAuthType authType)	Validates that the credentials contain the required fields for the authentication type.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

determineAuthType

public static SnowflakeAuthType determineAuthType(Map<String,String> credentials)

Determines the authentication type based on the provided credentials.

Parameters:

credentials - The credentials map from AWS Secrets Manager

Returns:

The authentication type enum

createPrivateKey

public static PrivateKey createPrivateKey(String privateKeyString,
                                          String passphrase)
                                   throws Exception

Creates a PrivateKey object from a private key string. Supports both PEM-formatted keys (with headers/footers) and raw base64-encoded keys (without headers/footers). Supports both encrypted and unencrypted private keys using Java standard libraries. Supported PEM header types: - -----BEGIN PRIVATE KEY----- (PKCS8 unencrypted) - -----BEGIN ENCRYPTED PRIVATE KEY----- (PKCS8 encrypted)

Parameters:

privateKeyString - The private key string (PEM-formatted or raw base64)

passphrase - The passphrase for encrypted private keys (can be null for unencrypted keys)

Returns:

PrivateKey object

Throws:

Exception - if the private key cannot be parsed

getUsername

public static String getUsername(Map<String,String> credentials)

Gets the username from credentials, checking both "username" and "user" fields.

Parameters:

credentials - The credentials map

Returns:

The username value

Throws:

IllegalArgumentException - if neither field is present or is empty

validateCredentials

public static void validateCredentials(Map<String,String> credentials,
                                       SnowflakeAuthType authType)

Validates that the credentials contain the required fields for the authentication type.

Parameters:

credentials - The credentials map

authType - The authentication type

Throws:

IllegalArgumentException - if required fields are missing