PHP Laravel with MS SQL Azure database connection having Azure Active Directory - Universal with MFA enables

Question

We have Laravel App having MS SQL Database connection. SQL database is hosted on microsoft azure app service.

To connect database with MS SQL using Laravel, we have installed the required PHP drivers for Microsoft SQL Server (Ubuntu) as per instructions given in link. https://docs.microsoft.com/en-us/sql/connect/php/installation-tutorial-linux-mac?view=sql-server-ver15

By following steps from above link, our Laravel web APP connection with MS SQL Database was working fine and we were able to perform queries on database.

Now client has enabled Azure Active Directory – Universal with MFA Authentication to access the database. So our database connection is not working now. We have below code in .env file to connect SQL database.

DB_CONNECTION_sqlsrv=sqlsrv
DB_HOST_sqlsrv=sql-server-host-name
DB_PORT_sqlsrv=1433
DB_DATABASE_sqlsrv=sql-database-name
DB_USERNAME_sqlsrv= sql-database-username
DB_PASSWORD_sqlsrv= sql-database-password

To verify the database connection, we are trying to connect database from SSMS(Application from window) as below to verify the credentials and connection is working fine there.

But our Laravel connection is not working here. So is there any alternate way or any parameters we have to pass to connect MS SQL database having Azure Active Directory with MFA enabled on Azure App Server? Without that authentication enables, database connection is working very fine for us. Any help would be appreciated.

Answer 1

After doing some research, we found the solution. We have resolved it by extending the default database connection classes which can accomplish ActiveDirectoryPassword authentication. On behalf of solution we have follow below steps.

Step 1:

We have created a new folder under app , and copied the following core files over.

       ◦ Custom
           ▪ Database
               • Connectors
                   ◦ ConnectionFactory.php
                   ◦ SqlServerConnector.php

These core files can be found in vendor/laravel/framework/src/Illuminate/. The objective here is to extend the base classes, then load the extended class in the Database Service provider. After we have these files copied over, We have edited the files.

Step 2:

Go to your app > Custom > Database > Connectors > ConnectionFactory.php

Change the namespace.

namespace App\Custom\Database\Connectors;

Import the original class so we can extend it.

use Illuminate\Database\Connectors\ConnectionFactory as BaseFactory;

class ConnectionFactory extends BaseFactory {

Comment out the original class and replace it with your new extended class.

/*use Illuminate\Database\Connectors\SqlServerConnector;*/ use App\Custom\Database\Connectors\SqlServerConnector;

Step 3:

Then Go To app > Custom > Database > Connectors > SqlServerConnector.php

In this file, we need to add some extra attributes to the getSqlSrvDsn() method.

Updated the namespace.

namespace App\Custom\Database\Connectors;

Add required classes.

use Illuminate\Database\Connectors\ConnectorInterface; use Illuminate\Database\Connectors\Connector;

Update getSqlSrvDsn() by adding the following attributes.

//Added to support ActiveDirectoryPassword

if (isset($config['authentication'])) { $arguments['Authentication'] = $config['authentication']; }

Step 4:

After adding the 'Authentication' to the attributes, update you sqlsrv connection settings array in database.php.

'authentication' => env('DB_AUTHENTICATION', 'ActiveDirectoryPassword'),

We set the default to be SqlPassword. In order to use Active Directory Managed Identities, we can set it to 'ActiveDirectoryPassword' in our .env file

In config/database.php add 'authentication' => 'ActiveDirectoryPassword', and check default connection as it is below :

//'default' => env('DB_CONNECTION', 'mysql'),
'default' => env('DB_CONNECTION', 'sqlsrv'), 

'sqlsrv' => [
            'driver' => 'sqlsrv',
            'url' => env('DATABASE_URL_sqlsrv'),
            'host' => env('DB_HOST_sqlsrv', 'hostname.dbmssql.com'),
            'port' => env('DB_PORT_sqlsrv', '1433'),
            'database' => env('DB_DATABASE_sqlsrv', 'sqldb'),
            'username' => env('DB_USERNAME_sqlsrv', 'SqlUsername'),
            'password' => env('DB_PASSWORD_sqlsrv', 'SqlPassword'),
            'authentication' => env('DB_AUTHENTICATION', 'ActiveDirectoryPassword'),
            'charset' => 'utf8',
            'prefix' => '',
            'prefix_indexes' => true,
        ],

Step 5:

Next, create a new DatabaseServiceProvider.php to use our custom ConnectionFactory.

php artisan make:provider DatabaseServiceProvider

Copy over the existing DatabaseServiceProvider code located in:

Illuminate\Database\DatabaseServiceProvider

Update the ConnectionFactory class to grab our custom ConnectionnFactory.

/*use Illuminate\Database\Connectors\ConnectionFactory;*/
use App\Custom\Database\Connectors\ConnectionFactory;

Add below package in DatabaseServiceProvider

use Illuminate\Database\DatabaseManager;
use Illuminate\Database\DatabaseTransactionsManager;
use Illuminate\Support\ServiceProvider;

Step 6:

Last, in our app/config/app.php file, comment out the existing DatabaseServiceProvider.

/*Illuminate\Database\DatabaseServiceProvider::class,*/

And add our new DatabaseServiceProvider.

App\Providers\DatabaseServiceProvider::class,

By following above steps, connection is working fine and able to access the database from Laravel 8.

Answer 2

you can go immediately to this location to edit vendor\laravel\framework\src\Illuminate\Database\Connectors\SqlServerConnector.php in getSqlSrvDsn() function just add this code

    if (isset($config['authentication'])) {
        $arguments['Authentication'] = $config['authentication'];
      }

and after that, you need to pass the

'authentication'=>'ActiveDirectoryMsi'

in your database connection array in config/database.php and should be working fine