-
|
I'm attempting to find a way to authenticate to Azure SQL using AAD authentication instead of having credentials in the connection string. Something like var connection = new SqlConnection(connectionString);
var tokenProvider = new AzureServiceTokenProvider();
connection.AccessToken = await tokenProvider.GetAccessTokenAsync("https://database.windows.net/");I suspect this is something i'm going to need write some custom code to facilitate, but i'm having trouble finding the starting point. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 3 replies
-
|
I think that you can get away with something like this (pseudocode mostly).. Edited after morning coffee kicked in public class AzureAadProvider : DbProvider
{
// here passing known supported DB provider name to base class
public AzureAadProvider(string connectionString)
: base("SqlServer", connectionString)
{
}
public override DbConnection CreateConnection()
{
var connection = base.CreateConnection();
var tokenProvider = new AzureServiceTokenProvider();
connection.AccessToken = await tokenProvider.GetAccessTokenAsync("https://database.windows.net/");
return connection;
}
}
....
// before quartz initialization
var provider = new AzureAadProvider("connection string here");
Quartz.Util.DBConnectionManager.Instance.AddConnectionProvider("aadDataSource", provider);Just don't configure any data sources in the configuration file. Just reference this manually registered via So not as straightforward as you might hope, but I hope this helps you to get started. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks for the starting point! |
Beta Was this translation helpful? Give feedback.
-
|
I was able to get past the authentication hurdle. For completeness, here's the code that I was able to get working public class AadEnabledDbProvider : DbProvider
{
private readonly AzureServiceTokenProvider _tokenProvider = new AzureServiceTokenProvider();
public AadEnabledDbProvider(string connectionString) : base("SqlServer", connectionString)
{
}
public override DbConnection CreateConnection()
{
var connection = base.CreateConnection();
if(connection is not SqlConnection sqlConnection)
{
throw new NotSupportedException("AAD Auth attempted on a DbConnection that doesn't support token authentication.");
}
sqlConnection.AccessToken = _tokenProvider.GetAccessTokenAsync("https://database.windows.net/").GetAwaiter().GetResult();
return sqlConnection;
}
} |
Beta Was this translation helpful? Give feedback.
-
|
oh man u make my day |
Beta Was this translation helpful? Give feedback.
I think that you can get away with something like this (pseudocode mostly).. Edited after morning coffee kicked in