search

DbUp / dbup-sqlserver

Microsoft SQL Server provider for DbUp
MIT License
4 stars 3 forks source link

Please add AAD auth support for Azure SQL Database #7

Open nzolotar opened 4 years ago

nzolotar commented 4 years ago

I cant get it to work because you only accept connection as a string! And I need to get Azure token first and then establish a connection. Please advise if there any options. urgent project!

        private async Task<string> GetToken()
        {

            var ctx = new AuthenticationContext("https://login.microsoftonline.com/xxx");
            var result = await ctx.AcquireTokenAsync("https://database.windows.net/", new ClientCredential("xxx", "xxx"));
            return result.AccessToken;
        }

and then 

using (var conn = new SqlConnection("Data Source=tcp:xxx.database.windows.net,1433;Initial Catalog=xxx;"))
            {
                conn.AccessToken = await GetToken();

                return await conn.QueryASync<T>(sql);
            }
sungam3r commented 3 years ago

https://github.com/DbUp/DbUp/blob/master/src/dbup-sqlserver/SqlConnectionManager.cs#L46 https://github.com/DbUp/DbUp/blob/master/src/dbup-sqlserver/dbup-sqlserver.csproj#L50 https://github.com/DbUp/DbUp/blob/master/src/dbup-sqlserver/dbup-sqlserver.csproj#L54

TroyWitthoeft commented 3 years ago

I'm in need of this feature too! We're using DbUp with Azure SQL. Would love to use AAD or MSIs instead of having to worry about protecting sql credentials

@sungam3r has tersely demonstrated how to use Azure Integrated Security with DbUp.
Let's close this issue?

@nzolotar for reference, there is a method overload of SqlDatabase() that accepts boolean for azure support.
Example 

    var upgrader =
        DeployChanges.To
            .SqlDatabase(connectionString,null,true)
            .WithScriptsEmbeddedInAssembly(Assembly.GetExecutingAssembly())
            .LogToConsole()
            .Build();

Thanks,

holtalanm commented 3 years ago

This does not work for Azure AD when on Azure Gov.

the url for getting the token that is hard-coded is incorrect here ("https://database.windows.net/"). Is there a way to make this configurable?

For the record, for Azure AD on Azure Gov, the url should be: "https://database.usgovcloudapi.net"

sungam3r commented 10 months ago

My links from https://github.com/DbUp/dbup-sqlserver/issues/7 point to nowhere... I don't remember what I wanted to show.

mcolebiltd commented 2 months ago

Base url for updated links: https://github.com/DbUp/dbup-sqlserver/tree/main/src/dbup-sqlserver