joeknize-bc opened a new issue, #49575:
URL: https://github.com/apache/airflow/issues/49575
### Apache Airflow version
Other Airflow 2 version (please specify below)
### If "Other Airflow 2 version" selected, which one?
2.10.4
### What happened?
I'm trying to create a Snowflake connection using a private key. If I use
the UI, I am unable to get it to work, it appears the key is not stored
correctly. I _am_ able to create it correctly by constructing it using
airflow.models.connection.Connection. When I compare the URI-encoded
connections from the two methods, the UI-created string has '+' (space) instead
of '%5Cn' (\n).
It looks to me like the issue is that the form field is converting newlines
to spaces. If I examine the field in the browser and switch it from password to
text, this:
```
ABC
123
```
gets converted to `ABC 123`.
### What you think should happen instead?
Don't replace newlines with spaces in private key fields.
Switching newlines to spaces in private keys causes the error:
```
[2025-04-22, 17:05:08 UTC] {taskinstance.py:3311} ERROR - Task failed with
exception
Traceback (most recent call last):
File
"/usr/local/lib/python3.12/site-packages/airflow/models/taskinstance.py", line
762, in _execute_task
result = _execute_callable(context=context, **execute_callable_kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File
"/usr/local/lib/python3.12/site-packages/airflow/models/taskinstance.py", line
733, in _execute_callable
return ExecutionCallableRunner(
^^^^^^^^^^^^^^^^^^^^^^^^
File
"/usr/local/lib/python3.12/site-packages/airflow/utils/operator_helpers.py",
line 252, in run
return self.func(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File
"/usr/local/lib/python3.12/site-packages/airflow/models/baseoperator.py", line
422, in wrapper
return func(self, *args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File
"/usr/local/lib/python3.12/site-packages/airflow/operators/python.py", line
238, in execute
return_value = self.execute_callable()
^^^^^^^^^^^^^^^^^^^^^^^
File
"/usr/local/lib/python3.12/site-packages/airflow/operators/python.py", line
256, in execute_callable
return runner.run(*self.op_args, **self.op_kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File
"/usr/local/lib/python3.12/site-packages/airflow/utils/operator_helpers.py",
line 252, in run
return self.func(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/airflow/include/utils/utils.py", line 74, in
log_job_status_to_sf
execute_sp_snowflake(connection_id, log_statement)
File "/usr/local/airflow/include/utils/db_utils.py", line 165, in
execute_sp_snowflake
result = select_from_snowflake(connection_id, query)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/airflow/include/utils/db_utils.py", line 469, in
select_from_snowflake
conn = get_snowflake_connection(connection_id)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/airflow/include/utils/db_utils.py", line 249, in
get_snowflake_connection
conn = hook.get_conn()
^^^^^^^^^^^^^^^
File
"/usr/local/lib/python3.12/site-packages/airflow/providers/snowflake/hooks/snowflake.py",
line 302, in get_conn
conn_config = self._get_conn_params
^^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.12/functools.py", line 995, in __get__
val = self.func(instance)
^^^^^^^^^^^^^^^^^^^
File
"/usr/local/lib/python3.12/site-packages/airflow/providers/snowflake/hooks/snowflake.py",
line 260, in _get_conn_params
p_key = serialization.load_pem_private_key(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File
"/usr/local/lib/python3.12/site-packages/cryptography/hazmat/backends/openssl/backend.py",
line 494, in _handle_key_loading_error
raise ValueError(
ValueError: ('Could not deserialize key data. The data may be in an
incorrect format, it may be encrypted with an unsupported algorithm, or it may
be an unsupported key type (e.g. EC curves with explicit parameters).',
[<OpenSSLError(code=503841036, lib=60, reason=524556,
reason_text=unsupported)>])
```
### How to reproduce
Easy way to reproduce:
Add or modify a connection that can use a private key, like Snowflake or
Salesforce.
In the private key field, paste a string containing a newline, like:
```
ABC
123
```
Using developer tools in the browser, switch the field type from password to
text, and you'll see that the string is now 'ABC 123'.
More thorough way to reproduce:
Add or modify a connection that can use a private key, like Snowflake or
Salesforce.
In the private key field, paste the entire contents of a private key.
Export it by doing something like:
```
airflow connections get foo -o yaml
```
You'll see that the newlines have been replaced with spaces.
### Operating System
PRETTY_NAME="Debian GNU/Linux 12 (bookworm)"
### Versions of Apache Airflow Providers
apache-airflow-providers-snowflake==5.8.0
### Deployment
Astronomer
### Deployment details
_No response_
### Anything else?
May be related to https://github.com/apache/airflow/issues/47221. I was not
able to comment on it, so I'm opening this ticket.
### Are you willing to submit PR?
- [x] Yes I am willing to submit a PR!
### Code of Conduct
- [x] I agree to follow this project's [Code of
Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
