Merge pull request #14 from evochriso/main
Update Azure SQL Authentication to use Azure.Identity
droyad authored Sep 30, 2024
2 parents c6f95f9 + b88e44a commit 32c112f
Showing 5 changed files with 33 additions and 52 deletions.
10 changes: 3 additions & 7 deletions src/Tests/ApprovalFiles/NoPublicApiChanges.Run.approved.cs
@@ -1,12 +1,10 @@
[assembly: System.CLSCompliantAttribute(true)]
[assembly: System.CLSCompliantAttribute(false)]
[assembly: System.Runtime.InteropServices.ComVisibleAttribute(false)]
[assembly: System.Runtime.InteropServices.GuidAttribute("8190b40b-ac5b-414f-8a00-9b6a2c12b010")]

public static class AzureSqlServerExtensions
{
public static DbUp.Builder.UpgradeEngineBuilder AzureSqlDatabaseWithIntegratedSecurity(this DbUp.Builder.SupportedDatabases supported, string connectionString, string schema) { }
public static DbUp.Builder.UpgradeEngineBuilder AzureSqlDatabaseWithIntegratedSecurity(this DbUp.Builder.SupportedDatabases supported, string connectionString, string schema, string resource) { }
public static DbUp.Builder.UpgradeEngineBuilder AzureSqlDatabaseWithIntegratedSecurity(this DbUp.Builder.SupportedDatabases supported, string connectionString, string schema, string resource, string tenantId, string azureAdInstance = "https://login.microsoftonline.com/") { }
public static DbUp.Builder.UpgradeEngineBuilder AzureSqlDatabaseWithIntegratedSecurity(this DbUp.Builder.SupportedDatabases supported, string connectionString, string schema = null, Azure.Core.TokenCredential tokenCredential = null, string resource = "https://database.windows.net/", string tenantId = null) { }
}
public static class SqlServerExtensions
{
Expand Down Expand Up @@ -40,9 +38,7 @@ public enum AzureDatabaseEdition : int
}
public class AzureSqlConnectionManager : DbUp.Engine.Transactions.DatabaseConnectionManager, DbUp.Engine.Transactions.IConnectionManager
{
public AzureSqlConnectionManager(string connectionString) { }
public AzureSqlConnectionManager(string connectionString, string resource) { }
public AzureSqlConnectionManager(string connectionString, string resource, string tenantId, string azureAdInstance = "https://login.microsoftonline.com/") { }
public AzureSqlConnectionManager(string connectionString, Azure.Core.TokenCredential tokenCredential, string resource = "https://database.windows.net/", string tenantId = null) { }
public override System.Collections.Generic.IEnumerable<string> SplitScriptIntoCommands(string scriptContents) { }
}
public class SqlConnectionManager : DbUp.Engine.Transactions.DatabaseConnectionManager, DbUp.Engine.Transactions.IConnectionManager
31 changes: 14 additions & 17 deletions src/dbup-sqlserver/AzureSqlConnectionManager.cs
@@ -1,41 +1,38 @@
using System.Collections.Generic;

using System.Threading;
using Microsoft.Data.SqlClient;
using DbUp.Engine.Transactions;
using DbUp.Support;

using Microsoft.Azure.Services.AppAuthentication;
using Azure.Core;
using Azure.Identity;

namespace DbUp.SqlServer;

/// <summary>Manages an Azure Sql Server database connection.</summary>
public class AzureSqlConnectionManager : DatabaseConnectionManager
{
public AzureSqlConnectionManager(string connectionString)
: this(connectionString, "https://database.windows.net/", null)
{ }

public AzureSqlConnectionManager(string connectionString, string resource)
: this(connectionString, resource, null)
{ }

public AzureSqlConnectionManager(string connectionString, string resource, string tenantId, string azureAdInstance = "https://login.microsoftonline.com/")
public AzureSqlConnectionManager(
string connectionString,
TokenCredential tokenCredential,
string resource = "https://database.windows.net/",
string tenantId = null
)
: base(new DelegateConnectionFactory((log, dbManager) =>
{
var tokenContext =
new TokenRequestContext(scopes: new string[] { resource + "/.default" }, tenantId: tenantId);
var conn = new SqlConnection(connectionString)
{
AccessToken = new AzureServiceTokenProvider(azureAdInstance: azureAdInstance).GetAccessTokenAsync(resource, tenantId)
.ConfigureAwait(false)
.GetAwaiter()
.GetResult()
AccessToken = tokenCredential.GetToken(tokenContext, CancellationToken.None).Token
};

if (dbManager.IsScriptOutputLogged)
conn.InfoMessage += (sender, e) => log.LogInformation($"{{0}}", e.Message);

return conn;
}))
{ }
{
}

public override IEnumerable<string> SplitScriptIntoCommands(string scriptContents)
{
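Review bot: The new public constructor never validates `tokenCredential`, which is only dereferenced later inside the connection-factory lambda at `tokenCredential.GetToken(...)`. A caller that constructs `AzureSqlConnectionManager` directly with `null` (the `DefaultAzureCredential` fallback lives only in the extension method) would therefore, as far as the visible code shows, fail with a `NullReferenceException` when the first connection is opened rather than at construction. Since the constructor body is empty, the check can go there: `if (tokenCredential == null) throw new System.ArgumentNullException(nameof(tokenCredential));`. Separately, the token is fetched synchronously with `CancellationToken.None`, so a slow or unreachable identity endpoint blocks connection creation with no caller-controlled cancellation; a short comment on that line stating this is intentional would help. The rest of the class (`SplitScriptIntoCommands`) is collapsed on this page and was not reviewed.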
39 changes: 14 additions & 25 deletions src/dbup-sqlserver/AzureSqlServerExtensions.cs
@@ -1,4 +1,5 @@
using System;
using Azure.Core;
using Azure.Identity;
using DbUp.Builder;
using DbUp.SqlServer;

Expand All @@ -13,33 +14,21 @@ public static class AzureSqlServerExtensions
/// <param name="supported">Fluent helper type.</param>
/// <param name="connectionString">The connection string.</param>
/// <param name="schema">The SQL schema name to use. Defaults to 'dbo' if <see langword="null" />.</param>
/// <returns>A builder for a database upgrader designed for Azure SQL Server databases.</returns>
public static UpgradeEngineBuilder AzureSqlDatabaseWithIntegratedSecurity(this SupportedDatabases supported, string connectionString, string schema)
{
return supported.SqlDatabase(new AzureSqlConnectionManager(connectionString), schema);
}

/// <summary>Creates an upgrader for Azure SQL Databases using Azure AD Integrated Security.</summary>
/// <param name="supported">Fluent helper type.</param>
/// <param name="connectionString">The connection string.</param>
/// <param name="schema">The SQL schema name to use. Defaults to 'dbo' if <see langword="null" />.</param>
/// <returns>A builder for a database upgrader designed for Azure SQL Server databases.</returns>
public static UpgradeEngineBuilder AzureSqlDatabaseWithIntegratedSecurity(this SupportedDatabases supported, string connectionString, string schema, string resource)
{
return AzureSqlDatabaseWithIntegratedSecurity(supported, connectionString, schema, resource, null);
}

/// <summary>Creates an upgrader for Azure SQL Databases using Azure AD Integrated Security.</summary>
/// <param name="supported">Fluent helper type.</param>
/// <param name="connectionString">The connection string.</param>
/// <param name="schema">The SQL schema name to use. Defaults to 'dbo' if <see langword="null" />.</param>
/// <param name="resource">Resource to access. e.g. https://management.azure.com/.</param>
/// <param name="tokenCredential">The credentials used. If null, 'DefaultAzureCredential' is used.</param>
/// <param name="resource">Resource to access. e.g. https://database.windows.net/.</param>
/// <param name="tenantId">If not specified, default tenant is used. Managed Service Identity REST protocols do not accept tenantId, so this can only be used with certificate and client secret based authentication.</param>
/// <param name="azureAdInstance">Specify a value for clouds other than the Public Cloud.</param>
/// <returns>A builder for a database upgrader designed for Azure SQL Server databases.</returns>
public static UpgradeEngineBuilder AzureSqlDatabaseWithIntegratedSecurity(this SupportedDatabases supported, string connectionString, string schema, string resource, string tenantId, string azureAdInstance = "https://login.microsoftonline.com/")
public static UpgradeEngineBuilder AzureSqlDatabaseWithIntegratedSecurity(
this SupportedDatabases supported,
string connectionString,
string schema = null,
TokenCredential tokenCredential = null,
string resource = "https://database.windows.net/",
string tenantId = null
)
{
return supported.SqlDatabase(new AzureSqlConnectionManager(connectionString, resource, tenantId, azureAdInstance), schema);
return supported.SqlDatabase(
new AzureSqlConnectionManager(connectionString, tokenCredential ?? new DefaultAzureCredential(), resource, tenantId), schema);
}
}
#pragma warning restore CA1050 // Declare types in namespaces
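Review bot: The fallback `tokenCredential ?? new DefaultAzureCredential()` makes the identity that runs schema migrations depend on whichever source the credential chain finds first on the host, which is convenient on a developer machine but leaves the production identity implicit. The `<param name="tokenCredential">` text should say this, for example `If null, DefaultAzureCredential is used; pass a specific credential in production so the identity applying migrations is explicit.` The `tenantId` remark about Managed Service Identity REST protocols is carried over from the removed AppAuthentication-based overload and should be re-checked against how `TokenRequestContext` handles a tenant. With `azureAdInstance` removed, the docs should also state that callers in clouds other than the Public Cloud now configure the authority on the credential they pass in.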
2 changes: 1 addition & 1 deletion src/dbup-sqlserver/Properties/AssemblyInfo.cs
Expand Up @@ -2,7 +2,7 @@
using System.Runtime.InteropServices;

[assembly: ComVisible(false)]
[assembly: CLSCompliant(true)]
[assembly: CLSCompliant(false)]

// The following GUID is for the ID of the typelib if this project is exposed to COM
[assembly: Guid("8190b40b-ac5b-414f-8a00-9b6a2c12b010")]
3 changes: 1 addition & 2 deletions src/dbup-sqlserver/dbup-sqlserver.csproj
Expand Up @@ -25,8 +25,7 @@
<ItemGroup>
<PackageReference Include="dbup-core" Version="6.0.0-beta.146"/>
<PackageReference Include="System.Net.Security" Version="4.3.2" />
<PackageReference Include="Microsoft.Data.SqlClient" Version="5.2.1" />
<PackageReference Include="Microsoft.Azure.Services.AppAuthentication" Version="1.6.2" />
<PackageReference Include="Microsoft.Data.SqlClient" Version="5.2.2" />
</ItemGroup>

<ItemGroup>
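Review bot: The visible `ItemGroup` has no direct reference to Azure.Identity or Azure.Core, even though the sources in this commit now import and use both (`using Azure.Identity;`, `TokenCredential`, `DefaultAzureCredential`). With a single addition in this file (the SqlClient bump), the packages appear to arrive only transitively, presumably through `Microsoft.Data.SqlClient`. That ties the version of the library handling credentials to whatever SqlClient pins, so a security fix in Azure.Identity cannot be picked up without a SqlClient release, and the dependency is invisible to anyone auditing this project file. Consider declaring it explicitly, e.g. `<PackageReference Include="Azure.Identity" Version="PINNED_VERSION" />` (placeholder version). The rest of the project file is collapsed on this page, so this assumes no central package management file supplies the reference.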
