Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEATURE REQUEST] Custom ChainedTokenCredential #1623

Open
elliot-huffman opened this issue Apr 30, 2024 · 2 comments
Open

[FEATURE REQUEST] Custom ChainedTokenCredential #1623

elliot-huffman opened this issue Apr 30, 2024 · 2 comments
Labels
feature-request

Comments

@elliot-huffman
Copy link

elliot-huffman commented Apr 30, 2024
edited

Is your feature request related to a problem? If so, please give a short summary of the problem and how the feature would resolve it

The default azure credential isn't always the best way to authenticate, sometimes people need to authenticate using a custom chain, e.g. by using the VS Code plugin, which isn't available in the default chain or to do some fancy environmental variable stuff using azure app config and or azure key vault.
These people would create their own credential chain by using the @azure/identitiy package's ChainedTokenCredential class.

Describe the preferred solution

Add an additional authentication type which accepts a class that implements the chained token credential class from @azure/identity.

Additionally, chained credential support would allow for the removal of support for azure-active-directory-default, azure-active-directory-password, azure-active-directory-msi-vm, azure-active-directory-msi-app-service, and azure-active-directory-service-principal-secret from the maintenance cycle to reduce codebase complexity as this would be able to be offloaded to the chained credential class implementation in the @azure/identity package, which implements all of these features and then some, such as embedded device authentication.

Tl;Dr:
simplify the auth types in Tedious.JS by offloading the majority of auth to the provided ChainedTokenCredential instance.

Describe alternatives you've considered

Default Azure credential (about to migrate to this), custom coded error handler to re-initialize the connection (current method) when the token expires.

Additional context

#1144

Reference Documentations/Specifications

https://tediousjs.github.io/tedious/api-connection.html#function_newConnection
https://www.npmjs.com/package/@azure/identity
https://learn.microsoft.com/en-us/javascript/api/%40azure/identity/?view=azure-node-latest
@elliot-huffman elliot-huffman mentioned this issue May 1, 2024
Open
@elliot-huffman
Copy link
Author

I just created a pull request with the required code to enable this functionality.
I did not remove the existing auth methods so that they could be removed at a future date with plenty of communication as it would be a breaking API change (removing functionality is a semver major change).

@MichaelSun90
Copy link
Contributor

Hi @elliot-huffman, thanks for putting in the effort and made the PR. I saw you and Arthur has a discussion under the PR. I will do some catch up, and see how I can assist on this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature-request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@elliot-huffman @MichaelSun90