From 5f7cfd2ed1b85b2499fa93e9041e1cb66dcbc8fe Mon Sep 17 00:00:00 2001 From: Alexander Kammerer Date: Tue, 31 Mar 2020 12:44:51 +0200 Subject: [PATCH 1/4] Allow user to specify Authentication option and set correct connection string attributes for ActiveDirectoryInteractive authentication option --- sql_server/pyodbc/base.py | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/sql_server/pyodbc/base.py b/sql_server/pyodbc/base.py index a6bbb99..35ba0c1 100644 --- a/sql_server/pyodbc/base.py +++ b/sql_server/pyodbc/base.py @@ -247,6 +247,7 @@ def get_new_connection(self, conn_params): options = conn_params.get('OPTIONS', {}) driver = options.get('driver', 'ODBC Driver 13 for SQL Server') dsn = options.get('dsn', None) + auth = options.get('Authentication', None) # Microsoft driver names assumed here are: # * SQL Server Native Client 10.0/11.0 @@ -291,6 +292,16 @@ def get_new_connection(self, conn_params): if ms_drivers.match(driver) and os.name == 'nt': cstr_parts['MARS_Connection'] = 'yes' + + # User may want to use Azure AD Interactive connection option + # It the user specified active directory interactive auth, + # we neet to make sure pwd is not set and the connection is not + # trusted as otherwise the driver will refuse to connect + if auth: + cstr_parts['Authentication'] = auth + if auth == 'ActiveDirectoryInteractive': + cstr_parts.pop('PWD') + cstr_parts['Trusted_Connection'] = 'no' connstr = encode_connection_string(cstr_parts) From 1c0a0c81ed54805bef41b7da6cb9e43f492f3633 Mon Sep 17 00:00:00 2001 From: Alexander Kammerer Date: Tue, 31 Mar 2020 12:45:24 +0200 Subject: [PATCH 2/4] Remove whitespace --- sql_server/pyodbc/base.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sql_server/pyodbc/base.py b/sql_server/pyodbc/base.py index 35ba0c1..c853753 100644 --- a/sql_server/pyodbc/base.py +++ b/sql_server/pyodbc/base.py @@ -292,7 +292,7 @@ def get_new_connection(self, conn_params): if ms_drivers.match(driver) and os.name == 'nt': cstr_parts['MARS_Connection'] = 'yes' - + # User may want to use Azure AD Interactive connection option # It the user specified active directory interactive auth, # we neet to make sure pwd is not set and the connection is not From 0b7b5c816c1813c9f9f76ce3bee3a51841dab364 Mon Sep 17 00:00:00 2001 From: Alexander Kammerer Date: Tue, 31 Mar 2020 16:20:56 +0200 Subject: [PATCH 3/4] Make sure there is no key error when removing the PWD entry from the cstr dict --- sql_server/pyodbc/base.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sql_server/pyodbc/base.py b/sql_server/pyodbc/base.py index c853753..bcc1104 100644 --- a/sql_server/pyodbc/base.py +++ b/sql_server/pyodbc/base.py @@ -300,7 +300,7 @@ def get_new_connection(self, conn_params): if auth: cstr_parts['Authentication'] = auth if auth == 'ActiveDirectoryInteractive': - cstr_parts.pop('PWD') + cstr_parts.pop('PWD', '') cstr_parts['Trusted_Connection'] = 'no' connstr = encode_connection_string(cstr_parts) From be4c980ecbe1885d1e604865fc125014c3cf7847 Mon Sep 17 00:00:00 2001 From: Alexander Kammerer Date: Tue, 31 Mar 2020 16:46:34 +0200 Subject: [PATCH 4/4] UID needs to be set in connection string, so set default --- sql_server/pyodbc/base.py | 1 + 1 file changed, 1 insertion(+) diff --git a/sql_server/pyodbc/base.py b/sql_server/pyodbc/base.py index bcc1104..224a0ba 100644 --- a/sql_server/pyodbc/base.py +++ b/sql_server/pyodbc/base.py @@ -300,6 +300,7 @@ def get_new_connection(self, conn_params): if auth: cstr_parts['Authentication'] = auth if auth == 'ActiveDirectoryInteractive': + cstr_parts.setdefault('UID', '') cstr_parts.pop('PWD', '') cstr_parts['Trusted_Connection'] = 'no'