CDK: Emit control message on config mutation

[alafanechere]

What

Closes #17910
Quoting @davinchia in #3990:

Today we do not handle the case where a new refresh token is returned when a new access token is granted.

A new protocol message: AirbyteControlMessage.ConnectorConfig was introduced to enable the connector to share a configuration update with the platform.

This PR is an attempt to update the CDK to enable automatic emission of AirbyteControlMessage.ConnectorConfig on mutation of a config dict keys, and nested keys.

How

1. Add a config kwarg to OAuth2Authenticator.__init__. Observe this config by creating an ObservedDict assigned to self.connector_config
2. ObservedDict get created with a ConfigObserver object. ObservedDict call ConfigObserver.update on __set_item__ calls (this is the function called on key assignment: e.g config["refresh_token"] = "new_refresh_token".
3. ConfigObserver.update emits an AirbyteControlMessage.ConnectorConfig with the updated config.

N.B.

I chose the observer pattern because I thought this could be a silver-bullet-like approach to enable additional future use cases around AirbyteControlMessage.ConnectorConfig message.

The platform is not currently processing these new messages, so emitting will AirbyteControlMessage.ConnectorConfig will currently have no effect/

Recommended reading order

1. airbyte/airbyte-cdk/python/airbyte_cdk/sources/streams/http/requests_native_auth/oauth.py

   Line 31 in 12db1b7

   connector_config: Mapping[str, Any] = None,

2. airbyte/airbyte-cdk/python/airbyte_cdk/config_observation.py

   Line 14 in 12db1b7

   class ObservedDict(dict):

3. airbyte/airbyte-cdk/python/unit_tests/sources/streams/http/requests_native_auth/test_requests_native_auth.py

   Line 178 in 12db1b7

   def test_auth_with_config_mutation(self, capsys):

4. airbyte/airbyte-cdk/python/unit_tests/test_config_observation.py

   Line 12 in 12db1b7

   class TestObservedDict:

🚨 User Impact 🚨

To benefit from config observation, the connector developer can implement a custom authenticator inheriting from OAuth2Authenticator and create any token-refresh logic in this authenticator. The functions implementing this logic will have to mutate self.connector_config to emit a control message.

[sherifnada]

@alafanechere could you show an example of how would this be used in the context of an HTTPStream and a single-use oauth authenticator?

[alafanechere]

@sherifnada I achieved a working example for BingAds in 733b89a (will revert afterward)

A READ outputs the following to stdout (I manually removed sensitive fields):

$ python main.py read --catalog integration_tests/configured_catalog.json --config secrets/config.json
{"type": "LOG", "log": {"level": "INFO", "message": "Starting syncing SourceBingAds"}}
{"type": "LOG", "log": {"level": "INFO", "message": "Fetching access token ..."}}
{"type": "CONNECTOR_CONFIG", "emitted_at": 1668613492681.509, "connectorConfig": {"config": {"tenant_id": "common", "refresh_token": "<OBFUSCATED-FOR-DEMO>", "client_id": "<OBFUSCATED-FOR-DEMO>", "developer_token": "<OBFUSCATED-FOR-DEMO>", "reports_start_date": "2020-02-25", "hourly_reports": false, "daily_reports": false, "weekly_reports": true, "monthly_reports": true}}}
{"type": "LOG", "log": {"level": "INFO", "message": "Syncing stream: ad_groups "}}
... Records are coming in afterward

[evantahler]

{"type": "CONNECTOR_CONFIG", "emitted_at": 123, "connectorConfig": {...}}

I think there's one more envelope layer on that message, and it should be something like:

{"type": "CONTROL", "control": {"type": "CONNECTOR_CONFIG", "emitted_at": 123, "connectorConfig": {...}}}

[alafanechere]

{"type": "CONNECTOR_CONFIG", "emitted_at": 123, "connectorConfig": {...}}

I think there's one more envelope layer on that message, and it should be something like:

{"type": "CONTROL", "control": {"type": "CONNECTOR_CONFIG", "emitted_at": 123, "connectorConfig": {...}}}

I think I forgot to wrap this around an AirbyteMessage right?

[evantahler]

I think I forgot to wrap this around an AirbyteMessage right?

That's probably it!

[alafanechere]

@sherifnada I tried to go in the direction you suggested by implementing a specific SingleUseRefreshTokenOauth2Authenticator authenticator with a behavior that can match most existing OAuth scenarios. Let me know if it's what you had in mind 😄

[alafanechere]

I tried to use source-harvest as an example: c5a0b6d

[sherifnada]

nice! looking really good. Some questions

[sherifnada]

why do we care about retaining and validating client_id and client_secret in this class instead of just passing up the concern to the super?

[alafanechere]

As client_id, client_secret, and refresh_token are mandatory arguments of the parent class, and the current constructor signature of the new class only takes a connector_config dict, I thought it would be safer to fail early if these fields' values could not be parsed from the config.

[sherifnada]

why were these removed?

[alafanechere]

The client_id parameter does not exist in my SingleUseRefreshTokenOauth2Authenticator implementation. The client_id is retrieved from the configuration with dpath

[sherifnada]

would recommend using dpath

[alafanechere]

Agreed but for implementation consistency with parent class and abstract class, I'd prefer to do this in a separate PR in which we can replace the access_token_name, expires_in_name, and refresh_token_name by dpaths that can be used when parsing these responses. Wdyt?

[sherifnada]

makes sense!

[alafanechere]

@sherifnada I used dpath to declare path to the config field that we use to build refresh requests and set a new refresh token values in the config. I think this is far better now for DX 😄
I think dpath could also be used to define with more flexibility the location of the fields we want to parse in the refresh token response, but I'd prefer to keep this refacto for a different PR.

[sherifnada]

Good stuff! requesting a couple small changes but no extra review needed from my side. Thank you for making this awesome change.

[alafanechere]

/publish-cdk dry-run=true

🕑 https://github.com/airbytehq/airbyte/actions/runs/3574511972
✅ https://github.com/airbytehq/airbyte/actions/runs/3574511972

[alafanechere]

/publish-cdk dry-run=false

🕑 https://github.com/airbytehq/airbyte/actions/runs/3574606697
✅ https://github.com/airbytehq/airbyte/actions/runs/3574606697