Skip to content

added CredentialProvider#308

Open
kratkyzobak wants to merge 25 commits intonette:masterfrom
kratkyzobak:credential-provider
Open

added CredentialProvider#308
kratkyzobak wants to merge 25 commits intonette:masterfrom
kratkyzobak:credential-provider

Conversation

@kratkyzobak
Copy link

@kratkyzobak kratkyzobak commented Jun 14, 2024

Adds support for dynamic passwords in connection level. Dynamic passwords are supported in various Cloud SQL solutions (Google Cloud SQL, Azure Database For MySQL etc). Usually works as OIDC tokens, which are considered more secure since their short time expiration. "Negative" consequence of short time expiration are lazy instances with statically set password in long running jobs. Password can expire before connection is initialized.

We used "hack" to change password by reflection, but since 3.2.2 is password readonly property, there is no other "simple" solution.
Other solutions mentioned in issue 229 are hard to write in legacy code. This PR uses non-BC way to improve security (by removing static passwords) for legacy codes with simple solution.

PR does not anyhow propose, how should anyone obtain token as it is highly dependent on environment. So password now can be either string (as usuall) or Nette\Database\CredentialProvider interface.

dg added 24 commits May 10, 2024 18:22
@dg
Selection: support for generics
367cc4e
@dg
PascalCase constants
0608c21
@dg
Reflection::getTable() can access unlisted table
90bb859
@dg
renamed IStructure::FIELD_* to Type::*
a96116c
@dg
Driver::getColumns() added NDB type
ebbb7cd
@dg
Column::$nativeType changed to NDB $type
da1b2c8
@dg
Helpers::detectType() supports 'INT UNSIGNED'
d43272b
@dg
Reflection: removed $schema
9e87eda
@dg
opened 4.0-dev
e11f612
@dg
removed old Driver::SUPPORT constants (BC break)
c4e5746
@dg
deprecated methods trigger notices
57e5fa0
@dg
returns always date-time as immutable Nette\Database\DateTime (BC break)
ccd13ce
@dg
Helpers::normalizeRow() & detection moved to new class RowNormalizer
b23a3b3
@dg
RowNormalizer: refactoring
3e7168b
@dg
RowNormalizer: added configuring methods [Closes nette#257]
229fec5
@dg
introduced PdoDriver, descendant of all PDO-based drivers
98d167f
@dg
database connection moved to PdoDriver::connect()
1297897
@dg
drivers uses PDO instead of Connection
38b88d5
@dg
some others methods moved to PdoDriver
ccece35
@dg
added ResultDriver
c7c81ee
@dg
exceptions are converted in PdoDriver
2cf6efa
@dg
added Nette\Database\QueryException
071d442
@dg
drivers: getForeignKeys() works with multi-column foreign keys
860a033
@dg
readme: added jumbo
c328e2c
@kratkyzobak kratkyzobak force-pushed the credential-provider branch 4 times, most recently from 5dad961 to 2fc38e1 Compare June 14, 2024 07:43
@kratkyzobak kratkyzobak force-pushed the credential-provider branch from 2fc38e1 to 9bf1d51 Compare June 14, 2024 08:07
@dg dg force-pushed the master branch 14 times, most recently from cdb8832 to a1798c0 Compare September 6, 2024 15:11
@dg dg force-pushed the master branch 2 times, most recently from 1769a67 to b02f117 Compare January 9, 2025 22:12
@dg dg force-pushed the master branch 2 times, most recently from 2d78899 to 2f04c73 Compare June 5, 2025 23:26
@dg dg force-pushed the master branch 2 times, most recently from e8459f8 to 23617a8 Compare June 19, 2025 17:07
@dg dg force-pushed the master branch 5 times, most recently from 2da238e to 038bab3 Compare December 29, 2025 00:26
@dg dg force-pushed the master branch 2 times, most recently from d3018bd to 9dc391a Compare January 13, 2026 15:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kratkyzobak @dg