From 47ba278e539864f2d9961e6a751e3cba4e9a9a27 Mon Sep 17 00:00:00 2001
From: Peter Kosztolanyi <peter.kosztolanyi@transferwise.com>
Date: Wed, 5 Feb 2025 11:17:29 +0000
Subject: [PATCH] Allow authentication over HTTP

---
 tests/unit/sqlalchemy/test_dialect.py | 10 ----------
 trino/client.py                       |  2 --
 trino/sqlalchemy/dialect.py           |  4 ----
 3 files changed, 16 deletions(-)

diff --git a/tests/unit/sqlalchemy/test_dialect.py b/tests/unit/sqlalchemy/test_dialect.py
index 294c016f..d247a536 100644
--- a/tests/unit/sqlalchemy/test_dialect.py
+++ b/tests/unit/sqlalchemy/test_dialect.py
@@ -58,7 +58,6 @@ def setup_method(self):
                     catalog="system",
                     user="user",
                     auth=BasicAuthentication("user", "pass"),
-                    http_scheme="https",
                     source="trino-rulez"
                 ),
             ),
@@ -80,7 +79,6 @@ def setup_method(self):
                     catalog="system",
                     user="user",
                     auth=CertificateAuthentication("/my/path/to/cert", "afdlsdfk%4#'"),
-                    http_scheme="https",
                     source="trino-sqlalchemy"
                 ),
             ),
@@ -100,7 +98,6 @@ def setup_method(self):
                     catalog="system",
                     user="user",
                     auth=JWTAuthentication("afdlsdfk%4#'"),
-                    http_scheme="https",
                     source="trino-sqlalchemy"
                 ),
             ),
@@ -168,7 +165,6 @@ def setup_method(self):
                     catalog="system",
                     user="user@test.org/my_role",
                     auth=BasicAuthentication("user@test.org/my_role", "pass /*&"),
-                    http_scheme="https",
                     source="trino-sqlalchemy",
                     session_properties={"query_max_run_time": "1d"},
                     http_headers={"trino": 1},
@@ -270,7 +266,6 @@ def test_trino_connection_basic_auth():
     url = make_url(f'trino://{username}:{password}@host')
     _, cparams = dialect.create_connect_args(url)
 
-    assert cparams['http_scheme'] == "https"
     assert isinstance(cparams['auth'], BasicAuthentication)
     assert cparams['auth']._username == username
     assert cparams['auth']._password == password
@@ -282,7 +277,6 @@ def test_trino_connection_jwt_auth():
     url = make_url(f'trino://host/?access_token={access_token}')
     _, cparams = dialect.create_connect_args(url)
 
-    assert cparams['http_scheme'] == "https"
     assert isinstance(cparams['auth'], JWTAuthentication)
     assert cparams['auth'].token == access_token
 
@@ -294,7 +288,6 @@ def test_trino_connection_certificate_auth():
     url = make_url(f'trino://host/?cert={cert}&key={key}')
     _, cparams = dialect.create_connect_args(url)
 
-    assert cparams['http_scheme'] == "https"
     assert isinstance(cparams['auth'], CertificateAuthentication)
     assert cparams['auth']._cert == cert
     assert cparams['auth']._key == key
@@ -307,13 +300,11 @@ def test_trino_connection_certificate_auth_cert_and_key_required():
     url = make_url(f'trino://host/?cert={cert}')
     _, cparams = dialect.create_connect_args(url)
 
-    assert 'http_scheme' not in cparams
     assert 'auth' not in cparams
 
     url = make_url(f'trino://host/?key={key}')
     _, cparams = dialect.create_connect_args(url)
 
-    assert 'http_scheme' not in cparams
     assert 'auth' not in cparams
 
 
@@ -322,5 +313,4 @@ def test_trino_connection_oauth2_auth():
     url = make_url('trino://host/?externalAuthentication=true')
     _, cparams = dialect.create_connect_args(url)
 
-    assert cparams['http_scheme'] == "https"
     assert isinstance(cparams['auth'], OAuth2Authentication)
diff --git a/trino/client.py b/trino/client.py
index 637fe82b..730a6f87 100644
--- a/trino/client.py
+++ b/trino/client.py
@@ -489,8 +489,6 @@ def __init__(
         self._exceptions = self.HTTP_EXCEPTIONS
         self._auth = auth
         if self._auth:
-            if self._http_scheme == constants.HTTP:
-                raise ValueError("cannot use authentication with HTTP")
             self._auth.set_http_session(self._http_session)
             self._exceptions += self._auth.get_exceptions()
 
diff --git a/trino/sqlalchemy/dialect.py b/trino/sqlalchemy/dialect.py
index ad28b18a..ce3e537f 100644
--- a/trino/sqlalchemy/dialect.py
+++ b/trino/sqlalchemy/dialect.py
@@ -133,19 +133,15 @@ def create_connect_args(self, url: URL) -> Tuple[Sequence[Any], Mapping[str, Any
         if url.password:
             if not url.username:
                 raise ValueError("Username is required when specify password in connection URL")
-            kwargs["http_scheme"] = "https"
             kwargs["auth"] = BasicAuthentication(unquote_plus(url.username), unquote_plus(url.password))
 
         if "access_token" in url.query:
-            kwargs["http_scheme"] = "https"
             kwargs["auth"] = JWTAuthentication(unquote_plus(url.query["access_token"]))
 
         if "cert" in url.query and "key" in url.query:
-            kwargs["http_scheme"] = "https"
             kwargs["auth"] = CertificateAuthentication(unquote_plus(url.query['cert']), unquote_plus(url.query['key']))
 
         if "externalAuthentication" in url.query:
-            kwargs["http_scheme"] = "https"
             kwargs["auth"] = OAuth2Authentication()
 
         if "source" in url.query: