0

I am working on an App that is authenticating user using Azure AD, extracting his accessToken and then using this token to connect to the Azure SQL server using below setting.

But unfortunately, I am getting ESOCKET "Connection lost - read ECONNRESET" right away,

const config = {
          server: 'db-server-name.database.windows.net',
          authentication: {
            type: 'azure-active-directory-access-token',
            options: {
              token: cloudAccessToken
            }
          },
          options: {
            debug: {
              packet: true,
              data: true,
              payload: true,
              token: false,
              log: true
            },
            database: 'DBNAME',
            encrypt: true,
            packetSize: 8192,
            keepAlive:true,
            requestTimeout: 300000,
            connectionTimeout: 32000,
          }
        };

        const connection = new Connection(config);

        connection.on('connect', function (err) {
          if (err) {
            console.log(err);
          }
          executeStatement();
        });

        connection.on('debug', function (text) {
          console.log(text);
        });

        connection.on('error', function (err) {
          console.error(err); // --> this gets trigger with error ESOCKET right away
        });
rohit12sh
  • 827
  • 2
  • 11
  • 24
  • Answer here: https://stackoverflow.com/questions/65173552/login-failed-for-user-token-identified-principal-but-works-in-data-studio – rohit12sh Dec 13 '20 at 01:37

1 Answers1

0

You must have missed something. The code is provided to you below. For specific operations, you can refer to Jim's answer.

And I have test it, it's works for me. I think it useful to you. For more details, you can refer to this post.

Connecting to Azure SQL using Service Principal in NodeJS, but token is rejected

var msrestAzure = require("ms-rest-azure");
var { Connection, Request } = require("tedious");

let clientSecret = "xxx";
let serverName = "xxx.database.windows.net";
let databaseName = "xxx";
let clientId = "xxx";
let tenantId = "xxx";

async function getConnect() {
  // way for Azure Service Principal
  let databaseCredentials = await msrestAzure.loginWithServicePrincipalSecret(
    clientId,
    clientSecret,
    tenantId,
    {
      tokenAudience: "https://database.windows.net/",
    },
  );

  // getting access token
  let databaseAccessToken = await new Promise((resolve, reject) => {
    databaseCredentials.getToken((err, results) => {
      if (err) return reject(err);
      resolve(results.accessToken);
    });
  });
  var config = {
    server: serverName,
    authentication: {
      type: "azure-active-directory-access-token",
      options: {
        token: databaseAccessToken,
      },
    },
    options: {
      debug: {
        packet: true,
        data: true,
        payload: true,
        token: false,
        log: true,
      },
      database: databaseName,
      encrypt: true,
    },
  };

  var connection = new Connection(config);
  connection.connect();
  connection.on("connect", function (err) {
    if (err) {
      console.log(err);
    }
    executeStatement(connection);
  });

  connection.on("debug", function (text) {
    console.log(text);
  });
}
function executeStatement(connection) {
  request = new Request("select * from CSVTest", function (err, rowCount) {
    if (err) {
      console.log(err);
    } else {
      console.log(rowCount + " rows");
    }

    connection.close();
  });

  request.on("row", function (columns) {
    columns.forEach(function (column) {
      if (column.value === null) {
        console.log("NULL");
      } else {
        console.log(column.value);
      }
    });
  });

  request.on("done", function (rowCount, more) {
    console.log(rowCount + " rows returned");
  });

  connection.execSql(request);
}

getConnect()
  .then(() => {
    console.log("run successfully");
  })
  .catch((err) => {
    console.log(err);
});
Jason Pan
  • 15,263
  • 1
  • 14
  • 29
  • Do you think I am missing some Azure SQL setting/permission in Azure Portal? – rohit12sh Nov 30 '20 at 03:11
  • @rohit12sh Or else? Have you read Jim's answer carefully? It is really useful. I hope you can follow the steps and tell me the result. – Jason Pan Nov 30 '20 at 05:21
  • @rohit12sh If you need further help, pls let me know. – Jason Pan Nov 30 '20 at 05:22
  • I went through the example. I think my use case is different here. The example you posted is great but it will work if I create/use a Service Principal account. But what I am trying is to give regular AD users to get into my App and then use their accessToken to establish SQL Server connection, assuming the group they belong to has permission assigned. Purpose is to get Row Level Security working for different users. – rohit12sh Dec 01 '20 at 03:03