[yql] Fix SecureParam for oauth/cookie

4 files changed, 6 insertions, 7 deletions

diff --git a/ydb/core/kqp/provider/yql_kikimr_datasource.cpp b/ydb/core/kqp/provider/yql_kikimr_datasource.cpp
index 2cb1b0e38c1..7aa803b7e48 100644
--- a/ydb/core/kqp/provider/yql_kikimr_datasource.cpp
+++ b/ydb/core/kqp/provider/yql_kikimr_datasource.cpp
@@ -321,8 +321,8 @@ public:
         }
 
         if (defaultToken.empty()) {
-            if (!Types.UserCredentials.OauthToken.empty()) {
-                defaultToken = Types.UserCredentials.OauthToken;
+            if (!Types.Credentials->GetUserCredentials().OauthToken.empty()) {
+                defaultToken = Types.Credentials->GetUserCredentials().OauthToken;
             }
         }
 
diff --git a/ydb/library/yql/core/type_ann/type_ann_core.cpp b/ydb/library/yql/core/type_ann/type_ann_core.cpp
index 91daaaf31c9..9ac10f25771 100644
--- a/ydb/library/yql/core/type_ann/type_ann_core.cpp
+++ b/ydb/library/yql/core/type_ann/type_ann_core.cpp
@@ -10104,11 +10104,11 @@ template <NKikimr::NUdf::EDataSlot DataSlot>
                 ctx.Expr.AddError(TIssue(ctx.Expr.GetPosition(input->Head().Pos()), TStringBuilder() << "unknown token: " << p1 << ", prefix: " << p0));
                 return IGraphTransformer::TStatus::Error;
             }
-            if (p1 == "oauth" && ctx.Types.UserCredentials.OauthToken.empty()) {
+            if (p1 == "oauth" && ctx.Types.Credentials->GetUserCredentials().OauthToken.empty()) {
                 ctx.Expr.AddError(TIssue(ctx.Expr.GetPosition(input->Head().Pos()), TStringBuilder() << "got empty Oauth token string"));
                 return IGraphTransformer::TStatus::Error;
             }
-            if (p1 == "cookie" && ctx.Types.UserCredentials.BlackboxSessionIdCookie.empty()) {
+            if (p1 == "cookie" && ctx.Types.Credentials->GetUserCredentials().BlackboxSessionIdCookie.empty()) {
                 ctx.Expr.AddError(TIssue(ctx.Expr.GetPosition(input->Head().Pos()), TStringBuilder() << "got empty session cookie"));
                 return IGraphTransformer::TStatus::Error;
             }
diff --git a/ydb/library/yql/core/yql_type_annotation.h b/ydb/library/yql/core/yql_type_annotation.h
index d52837bd4da..f1c633f424c 100644
--- a/ydb/library/yql/core/yql_type_annotation.h
+++ b/ydb/library/yql/core/yql_type_annotation.h
@@ -195,7 +195,6 @@ struct TTypeAnnotationContext: public TThrRefBase {
     TUserDataTable UserDataStorageCrutches;
     TYqlOperationOptions OperationOptions;
     TCredentials::TPtr Credentials = MakeIntrusive<TCredentials>();
-    TUserCredentials UserCredentials;
     IModuleResolver::TPtr Modules;
     NUdf::EValidateMode ValidateMode = NUdf::EValidateMode::None;
     bool DisableNativeUdfSupport = false;
diff --git a/ydb/library/yql/providers/common/provider/yql_provider.cpp b/ydb/library/yql/providers/common/provider/yql_provider.cpp
index 7f157e45fee..f6f9f5c6e22 100644
--- a/ydb/library/yql/providers/common/provider/yql_provider.cpp
+++ b/ydb/library/yql/providers/common/provider/yql_provider.cpp
@@ -643,9 +643,9 @@ static void GetToken(const TString& string, TString& out, const TTypeAnnotationC
     if (p0 == "api") {
         const auto p1 = string.substr(separator + 1);
         if (p1 == "oauth") {
-            out = type.UserCredentials.OauthToken;
+            out = type.Credentials->GetUserCredentials().OauthToken;
         } else if (p1 == "cookie") {
-            out = type.UserCredentials.BlackboxSessionIdCookie;
+            out = type.Credentials->GetUserCredentials().BlackboxSessionIdCookie;
         } else {
             YQL_ENSURE(false, "unexpected token id");
         }