Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

added CredentialProvider #308

Open
wants to merge 25 commits into
base: master
Choose a base branch
from
Open

added CredentialProvider #308

wants to merge 25 commits into from

Conversation

kratkyzobak
Copy link

Adds support for dynamic passwords in connection level. Dynamic passwords are supported in various Cloud SQL solutions (Google Cloud SQL, Azure Database For MySQL etc). Usually works as OIDC tokens, which are considered more secure since their short time expiration. "Negative" consequence of short time expiration are lazy instances with statically set password in long running jobs. Password can expire before connection is initialized.

We used "hack" to change password by reflection, but since 3.2.2 is password readonly property, there is no other "simple" solution.
Other solutions mentioned in issue 229 are hard to write in legacy code. This PR uses non-BC way to improve security (by removing static passwords) for legacy codes with simple solution.

PR does not anyhow propose, how should anyone obtain token as it is highly dependent on environment. So password now can be either string (as usuall) or Nette\Database\CredentialProvider interface.

dg added 24 commits May 10, 2024 18:22
@dg
Selection: support for generics
367cc4e
@dg
PascalCase constants
0608c21
@dg
Reflection::getTable() can access unlisted table
90bb859
@dg
renamed IStructure::FIELD_* to Type::*
a96116c
@dg
Driver::getColumns() added NDB type
ebbb7cd
@dg
Column::$nativeType changed to NDB $type
da1b2c8
@dg
Helpers::detectType() supports 'INT UNSIGNED'
d43272b
@dg
Reflection: removed $schema
9e87eda
@dg
opened 4.0-dev
e11f612
@dg
removed old Driver::SUPPORT constants (BC break)
c4e5746
@dg
deprecated methods trigger notices
57e5fa0
@dg
returns always date-time as immutable Nette\Database\DateTime (BC break)
ccd13ce
@dg
Helpers::normalizeRow() & detection moved to new class RowNormalizer
b23a3b3
@dg
RowNormalizer: refactoring
3e7168b
@dg
RowNormalizer: added configuring methods [Closes nette#257]
229fec5
@dg
introduced PdoDriver, descendant of all PDO-based drivers
98d167f
@dg
database connection moved to PdoDriver::connect()
1297897
@dg
drivers uses PDO instead of Connection
38b88d5
@dg
some others methods moved to PdoDriver
ccece35
@dg
added ResultDriver
c7c81ee
@dg
exceptions are converted in PdoDriver
2cf6efa
@dg
added Nette\Database\QueryException
071d442
@dg
drivers: getForeignKeys() works with multi-column foreign keys
860a033
@dg
readme: added jumbo
c328e2c
@kratkyzobak kratkyzobak force-pushed the credential-provider branch 4 times, most recently from 5dad961 to 2fc38e1 Compare June 14, 2024 07:43
@dg dg force-pushed the master branch 29 times, most recently from a329d1b to 9f82d9d Compare September 5, 2024 02:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kratkyzobak @dg