Merge pull request #11200 from Budibase/budi-7265-sql-ntlm-configuration
Allow MSSQL ntlm configuration
This commit is contained in:
Adria Navarro
GitHub
commit
02fa87b59b
|
|
@ -27,11 +27,14 @@ const DEFAULT_SCHEMA = "dbo"
|
||||||
|
|
||||||
import { ConfidentialClientApplication } from "@azure/msal-node"
|
import { ConfidentialClientApplication } from "@azure/msal-node"
|
||||||
|
|
||||||
|
import { utils } from "@budibase/shared-core"
|
||||||
|
|
||||||
enum MSSQLConfigAuthType {
|
enum MSSQLConfigAuthType {
|
||||||
ACTIVE_DIRECTORY = "Active Directory",
|
AZURE_ACTIVE_DIRECTORY = "Azure Active Directory",
|
||||||
|
NTLM = "NTLM",
|
||||||
}
|
}
|
||||||
|
|
||||||
interface MSSQLConfig {
|
interface BasicMSSQLConfig {
|
||||||
user: string
|
user: string
|
||||||
password: string
|
password: string
|
||||||
server: string
|
server: string
|
||||||
|
|
@ -40,13 +43,30 @@ interface MSSQLConfig {
|
||||||
schema: string
|
schema: string
|
||||||
encrypt?: boolean
|
encrypt?: boolean
|
||||||
authType?: MSSQLConfigAuthType
|
authType?: MSSQLConfigAuthType
|
||||||
adConfig?: {
|
}
|
||||||
|
|
||||||
|
interface AzureADMSSQLConfig extends BasicMSSQLConfig {
|
||||||
|
authType: MSSQLConfigAuthType.AZURE_ACTIVE_DIRECTORY
|
||||||
|
adConfig: {
|
||||||
clientId: string
|
clientId: string
|
||||||
clientSecret: string
|
clientSecret: string
|
||||||
tenantId: string
|
tenantId: string
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
interface NTLMMSSQLConfig extends BasicMSSQLConfig {
|
||||||
|
authType: MSSQLConfigAuthType.NTLM
|
||||||
|
ntlmConfig: {
|
||||||
|
domain?: string
|
||||||
|
trustServerCertificate?: boolean
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
type MSSQLConfig =
|
||||||
|
| (BasicMSSQLConfig & { authType: undefined })
|
||||||
|
| AzureADMSSQLConfig
|
||||||
|
| NTLMMSSQLConfig
|
||||||
|
|
||||||
const SCHEMA: Integration = {
|
const SCHEMA: Integration = {
|
||||||
docs: "https://github.com/tediousjs/node-mssql",
|
docs: "https://github.com/tediousjs/node-mssql",
|
||||||
plus: true,
|
plus: true,
|
||||||
|
|
@ -93,13 +113,18 @@ const SCHEMA: Integration = {
|
||||||
authType: {
|
authType: {
|
||||||
type: DatasourceFieldType.SELECT,
|
type: DatasourceFieldType.SELECT,
|
||||||
display: "Advanced auth",
|
display: "Advanced auth",
|
||||||
config: { options: [MSSQLConfigAuthType.ACTIVE_DIRECTORY] },
|
config: {
|
||||||
|
options: [
|
||||||
|
MSSQLConfigAuthType.AZURE_ACTIVE_DIRECTORY,
|
||||||
|
MSSQLConfigAuthType.NTLM,
|
||||||
|
],
|
||||||
|
},
|
||||||
},
|
},
|
||||||
adConfig: {
|
adConfig: {
|
||||||
type: DatasourceFieldType.FIELD_GROUP,
|
type: DatasourceFieldType.FIELD_GROUP,
|
||||||
default: true,
|
default: true,
|
||||||
display: "Configure Active Directory",
|
display: "Configure Active Directory",
|
||||||
hidden: "'{{authType}}' !== 'Active Directory'",
|
hidden: `'{{authType}}' !== '${MSSQLConfigAuthType.AZURE_ACTIVE_DIRECTORY}'`,
|
||||||
config: {
|
config: {
|
||||||
openByDefault: true,
|
openByDefault: true,
|
||||||
nestedFields: true,
|
nestedFields: true,
|
||||||
|
|
@ -122,6 +147,28 @@ const SCHEMA: Integration = {
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
ntlmConfig: {
|
||||||
|
type: DatasourceFieldType.FIELD_GROUP,
|
||||||
|
default: true,
|
||||||
|
display: "Configure NTLM",
|
||||||
|
hidden: `'{{authType}}' !== '${MSSQLConfigAuthType.NTLM}'`,
|
||||||
|
config: {
|
||||||
|
openByDefault: true,
|
||||||
|
nestedFields: true,
|
||||||
|
},
|
||||||
|
fields: {
|
||||||
|
domain: {
|
||||||
|
type: DatasourceFieldType.STRING,
|
||||||
|
required: false,
|
||||||
|
display: "Domain",
|
||||||
|
},
|
||||||
|
trustServerCertificate: {
|
||||||
|
type: DatasourceFieldType.BOOLEAN,
|
||||||
|
required: false,
|
||||||
|
display: "Trust server certificate",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
},
|
},
|
||||||
query: {
|
query: {
|
||||||
create: {
|
create: {
|
||||||
|
|
@ -199,26 +246,43 @@ class SqlServerIntegration extends Sql implements DatasourcePlus {
|
||||||
}
|
}
|
||||||
delete clientCfg.encrypt
|
delete clientCfg.encrypt
|
||||||
|
|
||||||
if (this.config.authType === MSSQLConfigAuthType.ACTIVE_DIRECTORY) {
|
switch (this.config.authType) {
|
||||||
const { clientId, tenantId, clientSecret } = this.config.adConfig!
|
case MSSQLConfigAuthType.AZURE_ACTIVE_DIRECTORY:
|
||||||
const clientApp = new ConfidentialClientApplication({
|
const { clientId, tenantId, clientSecret } = this.config.adConfig
|
||||||
auth: {
|
const clientApp = new ConfidentialClientApplication({
|
||||||
clientId,
|
auth: {
|
||||||
authority: `https://login.microsoftonline.com/${tenantId}`,
|
clientId,
|
||||||
clientSecret,
|
authority: `https://login.microsoftonline.com/${tenantId}`,
|
||||||
},
|
clientSecret,
|
||||||
})
|
},
|
||||||
|
})
|
||||||
|
|
||||||
const response = await clientApp.acquireTokenByClientCredential({
|
const response = await clientApp.acquireTokenByClientCredential({
|
||||||
scopes: ["https://database.windows.net/.default"],
|
scopes: ["https://database.windows.net/.default"],
|
||||||
})
|
})
|
||||||
|
|
||||||
clientCfg.authentication = {
|
clientCfg.authentication = {
|
||||||
type: "azure-active-directory-access-token",
|
type: "azure-active-directory-access-token",
|
||||||
options: {
|
options: {
|
||||||
token: response!.accessToken,
|
token: response!.accessToken,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
break
|
||||||
|
case MSSQLConfigAuthType.NTLM:
|
||||||
|
const { domain, trustServerCertificate } = this.config.ntlmConfig
|
||||||
|
clientCfg.authentication = {
|
||||||
|
type: "ntlm",
|
||||||
|
options: {
|
||||||
|
domain,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
clientCfg.options ??= {}
|
||||||
|
clientCfg.options.trustServerCertificate = trustServerCertificate
|
||||||
|
break
|
||||||
|
case undefined:
|
||||||
|
break
|
||||||
|
default:
|
||||||
|
utils.unreachable(this.config)
|
||||||
}
|
}
|
||||||
|
|
||||||
const pool = new sqlServer.ConnectionPool(clientCfg)
|
const pool = new sqlServer.ConnectionPool(clientCfg)
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue