Skip to content

added CredentialProvider #308

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
kratkyzobak wants to merge 25 commits into
base: master
Choose a base branch
from
Open

added CredentialProvider #308

kratkyzobak wants to merge 25 commits into from
+2,376 −459

Conversation

@kratkyzobak
Copy link

@kratkyzobak kratkyzobak commented Jun 14, 2024

Adds support for dynamic passwords in connection level. Dynamic passwords are supported in various Cloud SQL solutions (Google Cloud SQL, Azure Database For MySQL etc). Usually works as OIDC tokens, which are considered more secure since their short time expiration. "Negative" consequence of short time expiration are lazy instances with statically set password in long running jobs. Password can expire before connection is initialized.

We used "hack" to change password by reflection, but since 3.2.2 is password readonly property, there is no other "simple" solution.
Other solutions mentioned in issue 229 are hard to write in legacy code. This PR uses non-BC way to improve security (by removing static passwords) for legacy codes with simple solution.

PR does not anyhow propose, how should anyone obtain token as it is highly dependent on environment. So password now can be either string (as usuall) or Nette\Database\CredentialProvider interface.
dg added 24 commits May 10, 2024 18:22
@dg
Selection: support for generics
367cc4e
@dg
PascalCase constants
0608c21
@dg
Reflection::getTable() can access unlisted table
90bb859
@dg
renamed IStructure::FIELD_* to Type::*
a96116c
@dg
Driver::getColumns() added NDB type
ebbb7cd
@dg
Column::$nativeType changed to NDB $type
da1b2c8
@dg
Helpers::detectType() supports 'INT UNSIGNED'
d43272b
@dg
Reflection: removed $schema
9e87eda
@dg
opened 4.0-dev
e11f612
@dg
removed old Driver::SUPPORT constants (BC break)
c4e5746
@dg
deprecated methods trigger notices
57e5fa0
@dg
returns always date-time as immutable Nette\Database\DateTime (BC break)
ccd13ce
@dg
Helpers::normalizeRow() & detection moved to new class RowNormalizer
b23a3b3
@dg
RowNormalizer: refactoring
3e7168b
@dg
RowNormalizer: added configuring methods [Closes nette#257]
229fec5
@dg
introduced PdoDriver, descendant of all PDO-based drivers
98d167f
@dg
database connection moved to PdoDriver::connect()
1297897
@dg
drivers uses PDO instead of Connection
38b88d5
@dg
some others methods moved to PdoDriver
ccece35
@dg
added ResultDriver
c7c81ee
@dg
exceptions are converted in PdoDriver
2cf6efa
@dg
added Nette\Database\QueryException
071d442
@dg
drivers: getForeignKeys() works with multi-column foreign keys
860a033
@dg
readme: added jumbo
c328e2c
@kratkyzobak kratkyzobak force-pushed the credential-provider branch 4 times, most recently from 5dad961 to 2fc38e1 Compare June 14, 2024 07:43
@kratkyzobak kratkyzobak force-pushed the credential-provider branch from 2fc38e1 to 9bf1d51 Compare June 14, 2024 08:07
@dg dg force-pushed the master branch 21 times, most recently from cdb8832 to a1798c0 Compare September 6, 2024 15:11
@dg dg force-pushed the master branch 2 times, most recently from 1769a67 to b02f117 Compare January 9, 2025 22:12
@dg dg force-pushed the master branch 2 times, most recently from 2d78899 to 2f04c73 Compare June 5, 2025 23:26
@dg dg force-pushed the master branch 2 times, most recently from e8459f8 to 23617a8 Compare June 19, 2025 17:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

2 participants

@kratkyzobak @dg