added CredentialProvider #308

Open
kratkyzobak wants to merge 25 commits into nette:master from kratkyzobak:credential-provider

@kratkyzobak

Adds support for dynamic passwords at the connection level. Dynamic passwords are supported in various Cloud SQL solutions (Google Cloud SQL, Azure Database for MySQL, etc.). They usually work as OIDC tokens, which are considered more secure because of their short expiration time. A "negative" consequence of the short expiration time is lazy instances with a statically set password in long-running jobs: the password can expire before the connection is initialized.

We used a "hack" to change the password by reflection, but since 3.2.2 the password is a readonly property, so there is no other "simple" solution.
Other solutions mentioned in issue 229 are hard to write in legacy code. This PR uses a non-BC way to improve security (by removing static passwords) for legacy code with a simple solution.

The PR does not in any way propose how anyone should obtain the token, as that is highly dependent on the environment. So the password can now be either a string (as usual) or a Nette\Database\CredentialProvider interface.
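
The expiry problem described in the PR description above, as an added example that is not code from this pull request or from Nette: a lazy connection built with a static token fails once the token has expired, while one given a provider fetches a fresh token at connect time. `PasswordSource`, `FakeCloudSql`, `LazyConnection`, the `tok:` token format and the 300-second lifetime are all hypothetical and constructed for the illustration.

```php
<?php
// Hypothetical interface for this example; the PR's real method names are not shown on the page.
interface PasswordSource { public function getPassword(): string; }

// Constructed stand-in for a cloud database; it also acts as the token issuer.
final class FakeCloudSql implements PasswordSource
{
    public int $now = 0; // simulated clock, in seconds
    public function getPassword(): string
    {
        return 'tok:' . ($this->now + 300); // token carries its expiry (5 min lifetime)
    }
    public function login(string $password): bool
    {
        return str_starts_with($password, 'tok:') && (int) substr($password, 4) > $this->now;
    }
}

// Lazy connection: nothing is sent to the server until the first query.
final class LazyConnection
{
    private bool $connected = false;
    public function __construct(
        private FakeCloudSql $server,
        private string|PasswordSource $password,
    ) {}
    public function query(): string
    {
        if (!$this->connected) {
            // A provider is asked only now, so the token is fresh at connect time.
            $secret = $this->password instanceof PasswordSource
                ? $this->password->getPassword()
                : $this->password;
            if (!$this->server->login($secret)) {
                return 'login failed: token expired';
            }
            $this->connected = true;
        }
        return 'ok';
    }
}

$server = new FakeCloudSql;
$static = new LazyConnection($server, $server->getPassword()); // token fixed at setup
$dynamic = new LazyConnection($server, $server);                // token fetched on connect
$server->now = 900; // long-running job: first query 15 minutes after setup
echo $static->query(), "\n", $dynamic->query(), "\n";
```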

@kratkyzobak kratkyzobak force-pushed the credential-provider branch 4 times, most recently from 5dad961 to 2fc38e1 Compare June 14, 2024 07:43
@kratkyzobak kratkyzobak force-pushed the credential-provider branch from 2fc38e1 to 9bf1d51 Compare June 14, 2024 08:07
@dg dg force-pushed the master branch 26 times, most recently from 0c81232 to cd9e82d Compare August 19, 2024 18:20
@dg dg force-pushed the master branch 4 times, most recently from 166a2cf to 374653b Compare August 27, 2024 19:16