Enable Authentication for Google Sheet Connector Using Delegated User Credentials

[Raghav-Modani]

Description

This change lets the Google Sheets connector to authenticate by using delegated user credentials instead of raw service-account identity (which lives outside the domain). By supplying a “delegated user” email address, the connector will:

1. Obtain domain-wide delegated credentials for that user
2. Build a Sheets client under the user’s identity

Since the domain of google service account is different from the organization's Google workspace domain, this change allows to share the google sheets only within the Google workspace domain of the organization.

Additional context and related issues

1. New Config option: gsheets.delegated-user-email
2. Auth Flow Update: If gsheets.delegated-user-email is set, we load the service-account key, request the delegated credentials for that user, and build the Sheets client with those credentials.
3. Backward compatibility: Falls back to plain service-account authentication when no delegated user email is provided.

Release notes

( ) This is not user-visible or is docs only, and no release notes are required.
( ) Release notes are required. Please propose a release note for me.
(x ) Release notes are required, with the following suggested text:

## Google Sheets Connector
* Add support for authentication using delegated user credentials using the `gsheets.delegated-user-email` config property. 

[cla-bot]

Thank you for your pull request and welcome to our community. We could not parse the GitHub identity of the following contributors: Raghav Modani.
This is most likely caused by a git client misconfiguration; please make sure to:

1. check if your git client is configured with an email to sign commits git config --list | grep email
2. If not, set it up using git config --global user.email [email protected]
3. Make sure that the git commit email is configured in your GitHub account settings, see https://github.com/settings/emails

[Praveen2112]

nit: We don't have to set nullable.

[ebyhr]

Reminder.

[Praveen2112]

instead of passing config we could pass the delegatedUserEmail right ?

[cla-bot]

Thank you for your pull request and welcome to our community. We could not parse the GitHub identity of the following contributors: Raghav Modani.
This is most likely caused by a git client misconfiguration; please make sure to:

1. check if your git client is configured with an email to sign commits git config --list | grep email
2. If not, set it up using git config --global user.email [email protected]
3. Make sure that the git commit email is configured in your GitHub account settings, see https://github.com/settings/emails

[Raghav-Modani]

@ebyhr @Praveen2112 Please review this PR and let me know if any changes are required. Thanks!

[Raghav-Modani]

@Praveen2112 @ebyhr looks like the maven-checks 25-ea is failing consistently. Apart from it, could you please review the latest commits and suggest any changes required?

[Praveen2112]

Is there is any manual test or validation that this email-id is being used ? Like a manual screenshot based on the history of the sheet ? @ebyhr Any alternatives we could use ?

[Praveen2112]

@Raghav-Modani Btw please squash the commit into 1.

[Raghav-Modani]

@Raghav-Modani Btw please squash the commit into 1.

Its done. Please review. @Praveen2112 @ebyhr

[Praveen2112]

LGTM. Can we have a maual test or somesort of a screenshot to ensure the delegated user email is being used.

[Raghav-Modani]

LGTM. Can we have a maual test or somesort of a screenshot to ensure the delegated user email is being used.

Definitely, I will attach some screenshot on the working of this config property here shortly.

[ebyhr]

@Raghav-Modani Can you send follow-up PR to change these properties to list-table?

[Raghav-Modani]

Screenshots ensuring the delegated user email property is working as expected

1. Set the gsheets.delegated-user-email property in the configuration file of the connector as shown:

2. Share the metadata-mapping sheet with the delegated-user-email, no need to share this with the service account's email-id.

3. Also, share the sheets, which are to be queried, with the same delegated-user-email.

4. Now, query the sheets. Results are shown below:
   

[Raghav-Modani]

Hey @Praveen2112 , I have attached the screenshots, please check.

[Raghav-Modani]

Hey @Praveen2112 @ebyhr , let me know if there are any issues. If not, can we please merge this PR?
Thanks!

[ebyhr]

The commit title is too long. Please follow https://trino.io/development/process#pull-request-and-commit-guidelines-

Limit the subject line to 50 characters.

[Raghav-Modani]

The commit title is too long. Please follow https://trino.io/development/process#pull-request-and-commit-guidelines-

Limit the subject line to 50 characters.

Hey @ebyhr , changed the commit title and the message body to adhere to the guidelines. I hope this works now. Let me know any other issues to be taken care of?

[ebyhr]

@Raghav-Modani Please wrap the commit body at 72 characters. https://trino.io/development/process#pull-request-and-commit-guidelines-

[Raghav-Modani]

Hey @ebyhr , changed the commit message body. Please check now.

[Raghav-Modani]

@ebyhr @Praveen2112 can we merge it now?

[Raghav-Modani]

@Praveen2112 @ebyhr are there any other requirements to be fulfilled to get this PR merged? If not, can we please get this merged? Thanks!

[bhargav2427]

@ebyhr @Praveen2112 Could you please check this Pull Request, we are waiting for this.

[Praveen2112]

@Raghav-Modani Can you please squash the changes into 1 ?

[Raghav-Modani]

@Praveen2112 squashed all the commits into 1.

[Raghav-Modani]

Thanks @ebyhr @Praveen2112 for merging this!