Feat/externalbrowser auth

docs/content/product/configuration/data-sources/snowflake.mdx

@@ -20,7 +20,7 @@ GRANT SELECT ON FUTURE TABLES IN DATABASE ABC TO ROLE XYZ;
 </InfoBox>
 
 - [Account/Server URL][snowflake-docs-account-id] for Snowflake.
-- User name and password or an RSA private key for the Snowflake account.
+- User name and password or an RSA private key for the Snowflake account. Also, single sign-on (SSO) through a web browser is available.
 - Optionally, the warehouse name, the user role, and the database name.
 
 ## Setup
@@ -79,8 +79,8 @@ if [dedicated infrastructure][ref-dedicated-infra] is used. Check out the
 | <EnvVar>CUBEJS_DB_SNOWFLAKE_CLIENT_SESSION_KEEP_ALIVE</EnvVar>      | If `true`, [keep the Snowflake connection alive indefinitely][snowflake-docs-connection-options]                                                    | `true`, `false`                                                        |    ❌    |
 | <EnvVar>CUBEJS_DB_NAME</EnvVar>                                     | The name of the database to connect to                                                                                                              | A valid database name                                                  |    ✅    |
 | <EnvVar>CUBEJS_DB_USER</EnvVar>                                     | The username used to connect to the database                                                                                                        | A valid database username                                              |    ✅    |
-| <EnvVar>CUBEJS_DB_PASS</EnvVar>                                     | The password used to connect to the database                                                                                                        | A valid database password                                              |    ✅    |
-| <EnvVar>CUBEJS_DB_SNOWFLAKE_AUTHENTICATOR</EnvVar>                  | The type of authenticator to use with Snowflake. Use `SNOWFLAKE` with username/password, or `SNOWFLAKE_JWT` with key pairs. Defaults to `SNOWFLAKE` | `SNOWFLAKE`, `SNOWFLAKE_JWT`, `OAUTH`                                  |    ❌    |
+| <EnvVar>CUBEJS_DB_PASS</EnvVar>                                     | The password used to connect to the database                                                                                                        | A valid database password                                              |    ❌    |
+| <EnvVar>CUBEJS_DB_SNOWFLAKE_AUTHENTICATOR</EnvVar>                  | The type of authenticator to use with Snowflake. Use `SNOWFLAKE` with username/password, or `SNOWFLAKE_JWT` with key pairs. Defaults to `SNOWFLAKE` | `EXTERNALBROWSER`, `SNOWFLAKE`, `SNOWFLAKE_JWT`, `OAUTH`               |    ❌    |
 | <EnvVar>CUBEJS_DB_SNOWFLAKE_PRIVATE_KEY</EnvVar>                    | The content of the private RSA key                                                                                                                  | Content of the private RSA key (encrypted or not)                      |    ❌    |
 | <EnvVar>CUBEJS_DB_SNOWFLAKE_PRIVATE_KEY_PATH</EnvVar>               | The path to the private RSA key                                                                                                                     | A valid path to the private RSA key                                    |    ❌    |
 | <EnvVar>CUBEJS_DB_SNOWFLAKE_PRIVATE_KEY_PASS</EnvVar>               | The password for the private RSA key. Only required for encrypted keys                                                                              | A valid password for the encrypted private RSA key                     |    ❌    |

docs/content/product/configuration/reference/environment-variables.mdx

@@ -769,12 +769,13 @@ The Snowflake account identifier to use when connecting to the database.
 
 ## `CUBEJS_DB_SNOWFLAKE_AUTHENTICATOR`
 
-The type of authenticator to use with Snowflake. Use `SNOWFLAKE` with
-username/password, or `SNOWFLAKE_JWT` with key pairs.
+The type of authenticator to use with Snowflake. Use `EXTERNALBROWSER`
+with SSO, `SNOWFLAKE` with username/password,
+or `SNOWFLAKE_JWT` with key pairs.
 
-| Possible Values              | Default in Development | Default in Production |
-| ---------------------------- | ---------------------- | --------------------- |
-| `SNOWFLAKE`, `SNOWFLAKE_JWT` | `SNOWFLAKE`            | `SNOWFLAKE`           |
+| Possible Values                                 | Default in Development | Default in Production |
+| ----------------------------------------------- | ---------------------- | --------------------- |
+| `EXTERNALBROWSER`, `SNOWFLAKE`, `SNOWFLAKE_JWT` | `SNOWFLAKE`            | `SNOWFLAKE`           |
 
 ## `CUBEJS_DB_SNOWFLAKE_OAUTH_TOKEN`
 

packages/cubejs-snowflake-driver/package.json

@@ -29,7 +29,7 @@
     "@cubejs-backend/base-driver": "1.6.33",
     "@cubejs-backend/shared": "1.6.33",
     "date-fns-timezone": "^0.1.4",
-    "snowflake-sdk": "^2.2.0"
+    "snowflake-sdk": "^2.3.6"
   },
   "license": "Apache-2.0",
   "publishConfig": {

packages/cubejs-snowflake-driver/src/SnowflakeDriver.ts

@@ -150,7 +150,7 @@ interface SnowflakeDriverOptions {
   host?: string,
   account: string,
   username: string,
-  password: string,
+  password?: string,
   region?: string,
   warehouse?: string,
   role?: string,
@@ -485,6 +485,8 @@ export class SnowflakeDriver extends BaseDriver implements DriverInterface {
       config.privateKey = this.config.privateKey;
       config.privateKeyPath = this.config.privateKeyPath;
       config.privateKeyPass = this.config.privateKeyPass;
+    } else if (this.config.authenticator?.toUpperCase() === 'EXTERNALBROWSER') {
+      config.username = this.config.username;
     } else {
       config.username = this.config.username;
       config.password = this.config.password;
@@ -882,7 +884,7 @@ export class SnowflakeDriver extends BaseDriver implements DriverInterface {
           reject(err);
           return;
         }
-        const hydrationMap = this.generateHydrationMap(stmt.getColumns());
+        const hydrationMap = this.generateHydrationMap(stmt.getColumns() ?? []);
         const types: {name: string, type: string}[] =
           this.getTypes(stmt);
         if (rows?.length && Object.keys(hydrationMap).length) {
@@ -930,7 +932,7 @@ export class SnowflakeDriver extends BaseDriver implements DriverInterface {
     }));
     const types: {name: string, type: string}[] =
       this.getTypes(stmt);
-    const hydrationMap = this.generateHydrationMap(stmt.getColumns());
+    const hydrationMap = this.generateHydrationMap(stmt.getColumns() ?? []);
     if (Object.keys(hydrationMap).length) {
       const rowStream = new HydrationStream(hydrationMap);
       stmt.streamRows().pipe(rowStream);
@@ -952,7 +954,7 @@ export class SnowflakeDriver extends BaseDriver implements DriverInterface {
   }
 
   private getTypes(stmt: RowStatement) {
-    return stmt.getColumns().map((column) => {
+    return (stmt.getColumns() ?? []).map((column) => {
       const type = {
         name: column.getName().toLowerCase(),
         type: '',
@@ -1007,7 +1009,7 @@ export class SnowflakeDriver extends BaseDriver implements DriverInterface {
         }
 
         if (rehydrate && rows?.length) {
-          const hydrationMap = this.generateHydrationMap(stmt.getColumns());
+          const hydrationMap = this.generateHydrationMap(stmt.getColumns() ?? []);
           if (Object.keys(hydrationMap).length) {
             for (const row of rows) {
               for (const [field, toValue] of Object.entries(hydrationMap)) {