Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

added CredentialProvider #308

Open
wants to merge 25 commits into
base: master
Choose a base branch
from

Conversation

kratkyzobak
Copy link

Adds support for dynamic passwords in connection level. Dynamic passwords are supported in various Cloud SQL solutions (Google Cloud SQL, Azure Database For MySQL etc). Usually works as OIDC tokens, which are considered more secure since their short time expiration. "Negative" consequence of short time expiration are lazy instances with statically set password in long running jobs. Password can expire before connection is initialized.

We used "hack" to change password by reflection, but since 3.2.2 is password readonly property, there is no other "simple" solution.
Other solutions mentioned in issue 229 are hard to write in legacy code. This PR uses non-BC way to improve security (by removing static passwords) for legacy codes with simple solution.

PR does not anyhow propose, how should anyone obtain token as it is highly dependent on environment. So password now can be either string (as usuall) or Nette\Database\CredentialProvider interface.

@kratkyzobak kratkyzobak force-pushed the credential-provider branch 4 times, most recently from 5dad961 to 2fc38e1 Compare June 14, 2024 07:43
@kratkyzobak kratkyzobak force-pushed the credential-provider branch from 2fc38e1 to 9bf1d51 Compare June 14, 2024 08:07
@dg dg force-pushed the master branch 29 times, most recently from a329d1b to 9f82d9d Compare September 5, 2024 02:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants