Skip to content

nuobit/hana-auth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
hana_auth
hana_auth
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
NOTICE
NOTICE
 
 
README.md
README.md
 
 
pyproject.toml
pyproject.toml
 
 

Repository files navigation

hana-auth

A minimal CLI proxy and Python library for SAP HANA queries. Its only job is to inject credentials so they never appear in command history or scripts.

Install

pip install git+https://github.com/NuoBiT/hana-auth.git

Update:

pip install --upgrade git+https://github.com/NuoBiT/hana-auth.git

Uninstall:

pip uninstall hana-auth

Configure

Create one INI file per profile under ~/.config/hana-auth/:

mkdir -p ~/.config/hana-auth
chmod 700 ~/.config/hana-auth
cat > ~/.config/hana-auth/myprofile.conf <<'EOF'
[hana]
host = mycompany-hana-cloud.eu10.hanacloud.ondemand.com
port = 443
user = MYUSER
password = secret

# Optional — required for HANA Cloud / SSL endpoints:
encrypt = true
sslValidateCertificate = true

# Optional — multi-tenant routing:
# database = HXE

# Optional — default schema, timeouts:
# currentSchema = MYSCHEMA
# connectTimeout = 5000
# communicationTimeout = 60000
EOF
chmod 600 ~/.config/hana-auth/myprofile.conf

The library refuses to read the file if perms are looser than 600 (directory 700).

Use — library

from hana_auth.client import connect

with connect(profile="myprofile") as conn:
    cursor = conn.cursor()
    cursor.execute("SELECT TOP 5 SCHEMA_NAME, TABLE_NAME FROM SYS.TABLES")
    cols = [c[0] for c in cursor.description]
    rows = [dict(zip(cols, r)) for r in cursor.fetchall()]

print(rows)

Use — CLI

hana-auth --profile myprofile "SELECT TOP 5 SCHEMA_NAME, TABLE_NAME FROM SYS.TABLES"

Output is a JSON array of row-dicts to stdout. Dates, decimals and binary blobs are encoded for safe JSON transport (ISO 8601, float, hex).

Supported config keys

Key Required Notes
host yes hostname or IP of the HANA endpoint
port yes typically 30015 for SystemDB, 443 for HANA Cloud, 3<NN>15 for tenant DBs
user yes uppercase HANA user
password yes secret
database / databaseName no tenant DB selector for multi-tenant routing
encrypt no bool — must be true for HANA Cloud and any TLS endpoint
sslValidateCertificate no bool — usually true against trusted endpoints
sslCryptoProvider no e.g. openssl
sslTrustStore no path to CA bundle (.pem) if validating against a private CA
sslHostNameInCertificate no expected CN/SAN if it differs from host
currentSchema no default schema for the session
autocommit no bool
connectTimeout no ms
communicationTimeout no ms

License

Apache License 2.0 — see LICENSE and NOTICE.

Copyright (c) 2026 NuoBiT Solutions, S.L.

About

Minimal CLI proxy and library for SAP HANA queries — injects credentials transparently

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages