-
Notifications
You must be signed in to change notification settings - Fork 286
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
API | AccessTokenCallback support #1260
Conversation
...ons/AzureActiveDirectoryAuthenticationProvider/AzureActiveDirectoryAuthenticationProvider.cs
Outdated
Show resolved
Hide resolved
Discussion update - we'll refine further by implementing the delegate without the need for a |
Codecov ReportPatch coverage:
Additional details and impacted files@@ Coverage Diff @@
## main #1260 +/- ##
==========================================
- Coverage 70.59% 69.94% -0.65%
==========================================
Files 305 305
Lines 61820 61934 +114
==========================================
- Hits 43639 43320 -319
- Misses 18181 18614 +433
Flags with carried forward coverage won't be shown. Click here to find out more.
☔ View full report in Codecov by Sentry. |
src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlInternalConnectionTds.cs
Outdated
Show resolved
Hide resolved
…ent/SqlInternalConnectionTds.cs Co-authored-by: David Engel <dengel1012@gmail.com>
src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlInternalConnectionTds.cs
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We can eliminate the need for a new Authentication option by simply keying off whether AccessTokenCallback is null or not. So the connection string/example usage would be simplified:
var cred = new DefaultAzureCredential(); var myTokenCallback = async (ctx, cancellationToken) => { string scope = ctx.Resource.EndsWith(s_defaultScopeSuffix) ? ctx.Resource : ctx.Resource + s_defaultScopeSuffix; var token = await cred.GetTokenAsync(new TokenRequestContext(new[] { scope }), cancellationToken); return new SqlAuthenticationToken(token.Token, token.ExpiresOn); } using (SqlConnection sqlConnection = new SqlConnection( "Server=name.database.windows.net;Database=db;") { AccessTokenCallback = myTokenCallback }) { sqlConnection.Open(); Console.WriteLine("Connected successfully!") }
src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlConnection.cs
Outdated
Show resolved
Hide resolved
src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsEnums.cs
Outdated
Show resolved
Hide resolved
src/Microsoft.Data.SqlClient/src/Microsoft/Data/Common/DbConnectionStringCommon.cs
Outdated
Show resolved
Hide resolved
src/Microsoft.Data.SqlClient/src/Microsoft/Data/Common/DbConnectionStringCommon.cs
Outdated
Show resolved
Hide resolved
src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/TdsEnums.cs
Outdated
Show resolved
Hide resolved
src/Microsoft.Data.SqlClient/netfx/src/Microsoft.Data.SqlClient.csproj
Outdated
Show resolved
Hide resolved
src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.Designer.cs
Outdated
Show resolved
Hide resolved
src/Microsoft.Data.SqlClient/netcore/ref/Microsoft.Data.SqlClient.cs
Outdated
Show resolved
Hide resolved
src/Microsoft.Data.SqlClient/netcore/src/Resources/Strings.resx
Outdated
Show resolved
Hide resolved
src/Microsoft.Data.SqlClient/netcore/src/Resources/Strings.Designer.cs
Outdated
Show resolved
Hide resolved
src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/SqlInternalConnectionTds.cs
Outdated
Show resolved
Hide resolved
src/Microsoft.Data.SqlClient/netfx/ref/Microsoft.Data.SqlClient.cs
Outdated
Show resolved
Hide resolved
src/Microsoft.Data.SqlClient/tests/ManualTests/SQL/ConnectivityTests/AADConnectionTest.cs
Outdated
Show resolved
Hide resolved
src/Microsoft.Data.SqlClient/tests/ManualTests/SQL/ConnectivityTests/AADConnectionTest.cs
Outdated
Show resolved
Hide resolved
src/Microsoft.Data.SqlClient/tests/ManualTests/SQL/ConnectivityTests/AADConnectionTest.cs
Outdated
Show resolved
Hide resolved
Co-authored-by: DavoudEshtehari <61173489+DavoudEshtehari@users.noreply.github.com>
Co-authored-by: DavoudEshtehari <61173489+DavoudEshtehari@users.noreply.github.com>
src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlConnection.cs
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm good with the current state of this feature. It'll be nice to get this one merged.
@cheenamalhotra in case you want to give it another quick once over.
Currently, I'm using |
Two questions:
|
This feature adds support for
TokenCredential
authentication in SqlClient without exposing the type in the core package.This allows developers to use the full fidelity of the
TokenCredential
abstraction inAzure.Core
including all the specific implementations fromAzure.Identity
.This approach allows a new
AccessTokenCallback
property to be set on theSqlConnection
which is a delegate that will return an access token. The implementation for the delegate could be anything, but the below example shows usage of theDefaultAzureCredential
Example usage:
This new approach is much simpler to implement and allows us to track in a direction that eliminates a static dependency on
Azure.Identity
for "Authentication=ActiveDirectoryDefault". In addition it allows ultimate flexibility for DefaultAzureCredential (or any TokenCredential implementation) scenarios such as allowing arbitrary options and logging configuration.