Adding Old Constructor back to AKV Provider#675
Adding Old Constructor back to AKV Provider#675cheenamalhotra merged 10 commits intomicrosoft:devfrom
Conversation
Codecov Report
@@ Coverage Diff @@
## dev #675 +/- ##
============================================
- Coverage 48.08% 48.02% -0.07%
+ Complexity 2586 2582 -4
============================================
Files 114 114
Lines 26578 26601 +23
Branches 4453 4454 +1
============================================
- Hits 12781 12775 -6
- Misses 11664 11689 +25
- Partials 2133 2137 +4
Continue to review full report at Codecov.
|
peterbae
left a comment
peterbae
left a comment
There was a problem hiding this comment.
I tested the code and read through the logic, LGTM. Thanks for the implementation.
| */ | ||
| class KeyVaultCredential extends KeyVaultCredentials { | ||
|
|
||
| SQLServerKeyVaultAuthenticationCallback authenticationCallback = null; |
| * when an error occurs | ||
| */ | ||
| public SQLServerColumnEncryptionAzureKeyVaultProvider(SQLServerKeyVaultAuthenticationCallback authenticationCallback, | ||
| ExecutorService executorService) throws SQLServerException { |
There was a problem hiding this comment.
Where is executorService used?
There was a problem hiding this comment.
executorService is not consumed here because the KeyVaultClientImpl now manages its own KeyVaultClientService as here. These services are used by Retrofit to make Rest Calls.
The only reason of adding this here was to retain the old constructor params used by current applications in industry to allow no change upgrade of JDBC Driver version, but can be removed as well.
There was a problem hiding this comment.
Could lead to confusions. Let's make sure we discuss this with Jakub.
| String scope) { | ||
| AuthenticationResult token = getAccessTokenFromClientCredentials(authorization, resource, clientId, clientKey); | ||
| return token.getAccessToken(); | ||
| if(authenticationCallback==null) { |
There was a problem hiding this comment.
Maybe we could try to avoid multiple returns?
cheenamalhotra
changed the title
… old Constructor and added a new constructor with 1 param
peterbae
left a comment
peterbae
left a comment
There was a problem hiding this comment.
Other than these two comments, I approve.
| SQLServerKeyVaultAuthenticationCallback authenticationCallback = null; | ||
| String clientId = null; | ||
| String clientKey = null; | ||
| String accessToken = null; |
There was a problem hiding this comment.
That's how mssql-jdbc formatter works here.
There was a problem hiding this comment.
This is what happens when you apply the formatter.
SQLServerKeyVaultAuthenticationCallback authenticationCallback = null;
String clientId = null;
String clientKey = null;
String accessToken = null;
| RestClient restClient = new RestClient.Builder(new OkHttpClient.Builder(), new Retrofit.Builder()).withBaseUrl(baseUrl) | ||
| .withCredentials(credentials).withSerializerAdapter(new AzureJacksonAdapter()) | ||
| .withResponseBuilderFactory(new AzureResponseBuilder.Factory()).build(); | ||
| keyVaultClient = new KeyVaultClient(restClient); |
There was a problem hiding this comment.
If both SQLServerColumnEncryptionAzureKeyVaultProvider constructors do exactly the same thing, maybe refactor the inner part so we don't duplicate code?
...actually, we would have to revert that in our next release when we remove the deprecated API. in that case, just have the SQLServerColumnEncryptionAzureKeyVaultProvider with ExecutorService in its parameter call the other SQLServerColumnEncryptionAzureKeyVaultProvider constructor.
| */ | ||
| @Deprecated | ||
| public SQLServerColumnEncryptionAzureKeyVaultProvider(SQLServerKeyVaultAuthenticationCallback authenticationCallback, | ||
| ExecutorService executorService) throws SQLServerException { |
There was a problem hiding this comment.
Since we aren't doing anything with the executor, and the constructor is just here for backwards compatibility, shouldn't we make a call to SQLServerColumnEncryptionAzureKeyVaultProvider(SQLServerKeyVaultAuthenticationCallback authenticationCallback)? This might confuse people who are stepping through the code, thinking there is a very small change somewhere and that's why there are separate functions.
| AuthenticationResult token = getAccessTokenFromClientCredentials(authorization, resource, clientId, clientKey); | ||
| return token.getAccessToken(); | ||
| String accessToken; | ||
| if (authenticationCallback == null) { |
There was a problem hiding this comment.
if (null == authenticationCallback)
| * @param authenticationCallback | ||
| * - Callback function used for authenticating to AAD. | ||
| * @param executorService | ||
| * - The ExecutorService, previously used to create the keyVaultClient, but not in use anymore. - This param can be passed as 'null' |
| * Constructor that takes a callback function to authenticate to AAD. This is used by KeyVaultClient at runtime to authenticate to Azure Key | ||
| * Vault. | ||
| * | ||
| * This constructor is present to maintain backwards compatibility with 6.0 version of the driver. Deprecated for removal in next Stable release. |
6 participants
This PR adds back the old Constructor for SQLServerColumnEncryptionAzureKeyVaultProvider as below:
SQLServerColumnEncryptionAzureKeyVaultProvider akvProvider = new SQLServerColumnEncryptionAzureKeyVaultProvider(authenticationCallback, service);This constructor was removed in PR #397 due to changed HttpClient implementation in AKV library version 1.0.0. With this PR we add backwards compatibility to applications using old AKV libraries with 6.0 and 6.2.1 driver versions and will now be able to upgrade without making any changes to code.