[PECOBLR-15] Respect OAuth Discovery URL for ExternalBrowserCredentialsStrategy

NEXT_CHANGELOG.md

@@ -4,6 +4,8 @@
 
 ### New Features and Improvements
 
+* Add support for discovery URL for browser based authentication flow.
+
 ### Bug Fixes
 
 ### Documentation

databricks-sdk-java/src/main/java/com/databricks/sdk/core/oauth/ExternalBrowserCredentialsProvider.java

@@ -130,6 +130,7 @@ CachedTokenSource performBrowserAuth(
             .withRedirectUrl(config.getEffectiveOAuthRedirectUrl())
             .withBrowserTimeout(config.getOAuthBrowserAuthTimeout())
             .withScopes(new ArrayList<>(scopes))
+            .withOpenIDConnectEndpoints(config.getOidcEndpoints())
             .build();
     Consent consent = client.initiateConsent();
 

databricks-sdk-java/src/main/java/com/databricks/sdk/core/oauth/OAuthClient.java

@@ -43,6 +43,7 @@ public static class Builder {
     private HttpClient hc;
     private String accountId;
     private Optional<Duration> browserTimeout = Optional.empty();
+    private OpenIDConnectEndpoints openIDConnectEndpoints;
 
     public Builder() {}
 
@@ -51,6 +52,11 @@ public Builder withHttpClient(HttpClient hc) {
       return this;
     }
 
+    public Builder withOpenIDConnectEndpoints(OpenIDConnectEndpoints openIDConnectEndpoints) {
+      this.openIDConnectEndpoints = openIDConnectEndpoints;
+      return this;
+    }
+
     public Builder withHost(String host) {
       this.host = host;
       return this;
@@ -102,6 +108,7 @@ public Builder withBrowserTimeout(Duration browserTimeout) {
   private final SecureRandom random = new SecureRandom();
   private final boolean isAws;
   private final boolean isAzure;
+  private final OpenIDConnectEndpoints openIDConnectEndpoints;
   private final Optional<Duration> browserTimeout;
 
   private OAuthClient(Builder b) throws IOException {
@@ -113,15 +120,15 @@ private OAuthClient(Builder b) throws IOException {
 
     DatabricksConfig config =
         new DatabricksConfig().setHost(b.host).setAccountId(b.accountId).resolve();
-    OpenIDConnectEndpoints oidc = config.getOidcEndpoints();
-    if (oidc == null) {
+    openIDConnectEndpoints = b.openIDConnectEndpoints;
+    if (openIDConnectEndpoints == null) {
       throw new DatabricksException(b.host + " does not support OAuth");
     }
 
     this.isAws = config.isAws();
     this.isAzure = config.isAzure();
-    this.tokenUrl = oidc.getTokenEndpoint();
-    this.authUrl = oidc.getAuthorizationEndpoint();
+    this.tokenUrl = openIDConnectEndpoints.getTokenEndpoint();
+    this.authUrl = openIDConnectEndpoints.getAuthorizationEndpoint();
     this.browserTimeout = b.browserTimeout;
     this.scopes = b.scopes;
   }
@@ -138,6 +145,10 @@ public String getClientSecret() {
     return clientSecret;
   }
 
+  public OpenIDConnectEndpoints getOidcEndpoints() {
+    return openIDConnectEndpoints;
+  }
+
   public String getRedirectUrl() {
     return redirectUrl;
   }

databricks-sdk-java/src/test/java/com/databricks/sdk/core/oauth/ExternalBrowserCredentialsProviderTest.java

@@ -49,6 +49,7 @@ void clientAndConsentTest() throws IOException {
               .withClientId(config.getClientId())
               .withClientSecret(config.getClientSecret())
               .withHost(config.getHost())
+              .withOpenIDConnectEndpoints(config.getOidcEndpoints())
               .withRedirectUrl(config.getEffectiveOAuthRedirectUrl())
               .withScopes(config.getScopes())
               .build();
@@ -94,6 +95,7 @@ void clientAndConsentTestWithCustomRedirectUrl() throws IOException {
               .withClientId(config.getClientId())
               .withClientSecret(config.getClientSecret())
               .withHost(config.getHost())
+              .withOpenIDConnectEndpoints(config.getOidcEndpoints())
               .withRedirectUrl(config.getEffectiveOAuthRedirectUrl())
               .withScopes(config.getScopes())
               .build();