[英]Azure Sql connection using access token from Azure Identity with nodejs
I'm trying to use access tokens from @azure/identity to connect to azure sql using mssql (which uses tedious behind the scenes).我正在尝试使用来自 @azure/identity 的访问令牌连接到 azure sql 使用 mssql(在幕后使用繁琐)。 The access tokens don't seem to work as is (quite similar to python - more on this later).
访问令牌似乎没有按原样工作(与 python 非常相似 - 稍后会详细介绍)。
I have the following code:我有以下代码:
const identity = require("@azure/identity")
function getConfig(accessToken){
var config = {
"authentication": {
"type": "azure-active-directory-access-token",
"options": {
"token": accessToken
}
},
"server": "dbserver.database.windows.net",
"options": {
"encrypt": true,
"database": "dbname",
}
};
return config;
}
const cred = new identity.DefaultAzureCredential();
const token = await cred.getToken("https://database.windows.net/.default")
const conf = getConfig(token.token)
let pool = await sql.connect(conf)
This always fails with "Login failed for user ''".这总是失败并显示“用户''登录失败”。
I have the following python code which does exactly the same:我有以下 python 代码完全相同:
def get_token():
creds = identity.DefaultAzureCredential()
token = creds.get_token("https://database.windows.net/.default")
tokenb = bytes(token.token, "UTF-8")
exptoken = b''
for i in tokenb:
exptoken += bytes({i})
exptoken += bytes(1)
tokenstruct = struct.pack("=i", len(exptoken)) + exptoken
return tokenstruct
def execute_query():
access_token = get_token()
print(access_token)
sql_server_name = "db-server"
sql_server_db = "database_name"
SQL_COPT_SS_ACCESS_TOKEN = 1256
connString = f"Driver={{ODBC Driver 17 for SQL Server}};SERVER={sql_server_name}.database.windows.net;DATABASE={sql_server_db}"
conn = pyodbc.connect(connString, attrs_before={
SQL_COPT_SS_ACCESS_TOKEN: access_token})
cursor = conn.cursor()
cursor.execute("SELECT * from SYSOBJECTS")
row = cursor.fetchone()
while row:
print(row)
row = cursor.fetchone()
This works perfectly.这完美地工作。 I've also noticed the following:
我还注意到以下几点:
So I'm guessing the binary padding and packing thing that's working for python needs to be done for the node code to work.所以我猜想为 python 工作的二进制填充和打包需要完成节点代码才能工作。 Is there some way of doing this?
有没有办法做到这一点? Or is there some better way to pass an access token from azure-identity to tedious?
或者有没有更好的方法将访问令牌从 azure-identity 传递到乏味?
Doh... I was using node-mssql which is the abandoned 0.0.1 library. Doh ...我使用的是废弃的 0.0.1 库 node-mssql。 Switching to mssql (v6.3.1) uses a recent version of tedious, and the access token works directly.
切换到 mssql (v6.3.1) 使用的是最新版本的 tedious,访问令牌直接工作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.