Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support SubjectName/Issuer (SendX5c) auth #36

Merged
merged 15 commits into from
Apr 22, 2024
Merged

Support SubjectName/Issuer (SendX5c) auth #36

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
c9e1c4b
Switch to combo box
Apr 18, 2024
c853a84
AAD to Entra ID
Apr 18, 2024
6f03a89
New panel
Apr 18, 2024
3a2dbb5
pick a certificate
Apr 18, 2024
2e67ef9
working on SNI auth connection string
Apr 18, 2024
2412377
Improve error handling
Apr 18, 2024
6328b92
Resize schema picker
Apr 18, 2024
b207c3d
resize
Apr 18, 2024
4a391c5
Update build number
Apr 19, 2024
cf44d97
Improve spacing and sizing
Apr 19, 2024
2455c67
Update screenshot to reflect new UI
Apr 19, 2024
59940a0
Make image the same size as before
Apr 19, 2024
46703b2
Merge branch 'master' into benmar/20240418_x5c
benmartens Apr 22, 2024
d9c34cb
Merge branch 'master' into benmar/20240418_x5c
benmartens Apr 22, 2024
4354706
aad to entra id
Apr 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 3 additions & 2 deletions SyncKusto/Kusto/AuthenticationMode.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,11 +4,12 @@
namespace SyncKusto.Kusto
{
/// <summary>
/// When connecting to a Kusto cluster, this enum contains the multiple methods of authentication are supported.
/// When connecting to a Kusto cluster, this enum contains the multiple methods of authentication are supported.
/// </summary>
public enum AuthenticationMode
{
AadFederated,
AadApplication
AadApplication,
AadApplicationSni
};
}
62 changes: 50 additions & 12 deletions SyncKusto/Kusto/QueryEngine.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
using Kusto.Data.Common;
using Kusto.Data.Net.Client;
using Newtonsoft.Json;
using SyncKusto.Utilities;

namespace SyncKusto.Kusto
{
Expand Down Expand Up @@ -222,33 +223,70 @@ public void Dispose()
/// <param name="database">The name of the database to connect to</param>
/// <param name="aadClientId">Optionally connect with AAD client app</param>
/// <param name="aadClientKey">Optional key for AAD client app</param>
/// <param name="certificateThumbprint">Optional thumbprint of a certificate to use for Subject Name Issuer authentication</param>
/// <returns>A connection string for accessing Kusto</returns>
public static KustoConnectionStringBuilder GetKustoConnectionStringBuilder(string cluster, string database, string aadClientId = null, string aadClientKey = null)
public static KustoConnectionStringBuilder GetKustoConnectionStringBuilder(
string cluster,
string database,
string aadClientId = null,
string aadClientKey = null,
string certificateThumbprint = null)
{
if (string.IsNullOrEmpty(aadClientId) != string.IsNullOrEmpty(aadClientKey))
if (string.IsNullOrEmpty(aadClientId) != string.IsNullOrEmpty(aadClientKey) &&
string.IsNullOrEmpty(aadClientId) != string.IsNullOrEmpty(certificateThumbprint))
{
throw new ArgumentException("If either aadClientId or aadClientKey are specified, they must both be specified.");
}

if (string.IsNullOrWhiteSpace(SettingsWrapper.AADAuthority))
{
throw new Exception("Authority value must be specified in the Settings dialog.");
}

cluster = NormalizeClusterName(cluster);

var kcsb = new KustoConnectionStringBuilder(cluster)
// User auth
if (string.IsNullOrWhiteSpace(aadClientId))
{
FederatedSecurity = true,
InitialCatalog = database,
Authority = SettingsWrapper.AADAuthority
};
return new KustoConnectionStringBuilder(cluster)
{
FederatedSecurity = true,
InitialCatalog = database,
Authority = SettingsWrapper.AADAuthority
};
}

// App Key auth
if (!string.IsNullOrWhiteSpace(aadClientId) && !string.IsNullOrWhiteSpace(aadClientKey))
{
kcsb.ApplicationKey = aadClientKey;
kcsb.ApplicationClientId = aadClientId;
return new KustoConnectionStringBuilder(cluster)
{
FederatedSecurity = true,
InitialCatalog = database,
Authority = SettingsWrapper.AADAuthority,
ApplicationKey = aadClientKey,
ApplicationClientId = aadClientId
};
}

// App SNI auth
if (!string.IsNullOrWhiteSpace(aadClientId) && !string.IsNullOrWhiteSpace(certificateThumbprint))
{
return new KustoConnectionStringBuilder(cluster)
{
InitialCatalog = database,
}.WithAadApplicationCertificateAuthentication(
aadClientId,
CertificateStore.GetCertificate(certificateThumbprint),
SettingsWrapper.AADAuthority,
true);
}

return kcsb;
throw new Exception("Could not determine how to create a connection string from provided parameters.");
}

/// <summary>
/// Allow users to specify cluster.eastus2, cluster.eastus2.kusto.windows.net, or https://cluster.eastus2.kusto.windows.net
/// Allow users to specify cluster.eastus2, cluster.eastus2.kusto.windows.net, or https://cluster.eastus2.kusto.windows.net
/// </summary>
/// <param name="cluster">Input cluster name</param>
/// <returns>Normalized cluster name e.g. https://cluster.eastus2.kusto.windows.net</returns>
Expand Down Expand Up @@ -280,4 +318,4 @@ public static string NormalizeClusterName(string cluster)
}
}
}
}
}
14 changes: 7 additions & 7 deletions SyncKusto/MainForm.Designer.cs
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading
Loading