Add token provider infrastructure for token federation (Token Federation 1/3) #318
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This PR introduces the foundational token provider system that enables custom token sources for authentication. This is the first of three PRs implementing token federation support. New components: - ITokenProvider: Core interface for token providers - Token: Token class with JWT parsing and expiration handling - StaticTokenProvider: Provides a constant token - ExternalTokenProvider: Delegates to a callback function - TokenProviderAuthenticator: Adapts token providers to IAuthentication New auth types in ConnectionOptions: - 'token-provider': Use a custom ITokenProvider - 'external-token': Use a callback function - 'static-token': Use a static token string
madhav-db
requested review from
deeksha-db,
gopalldb,
jackyhu-db,
jadewang-db,
jayantsing-db,
jprakash-db,
samikshya-db,
shivam2680 and
vikrantpuppala
as code owners
There was a problem hiding this comment.
Pull request overview
This PR introduces the foundational token provider infrastructure to enable custom token sources for authentication. The implementation adds core interfaces and classes that allow tokens to be sourced from static values, external callbacks, or custom providers, adapting them to work with the existing authentication system.
Key changes:
- Introduces
ITokenProviderinterface andTokenclass for token management with JWT parsing and expiration handling - Adds three concrete provider implementations:
StaticTokenProvider,ExternalTokenProvider, andTokenProviderAuthenticator - Extends connection options with three new auth types:
token-provider,external-token, andstatic-token
Reviewed changes
Copilot reviewed 12 out of 12 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| lib/connection/auth/tokenProvider/ITokenProvider.ts | Defines the core interface for token providers |
| lib/connection/auth/tokenProvider/Token.ts | Implements token class with JWT parsing, expiration checking, and header management |
| lib/connection/auth/tokenProvider/StaticTokenProvider.ts | Provides static token implementation with JWT support |
| lib/connection/auth/tokenProvider/ExternalTokenProvider.ts | Delegates token retrieval to external callback functions |
| lib/connection/auth/tokenProvider/TokenProviderAuthenticator.ts | Adapts token providers to the IAuthentication interface |
| lib/connection/auth/tokenProvider/index.ts | Exports public API for token provider components |
| lib/contracts/IDBSQLClient.ts | Adds new auth types and TokenCallback type definition |
| lib/DBSQLClient.ts | Implements token provider auth type handling in client |
| tests/unit/connection/auth/tokenProvider/*.test.ts | Comprehensive test coverage for all token provider components |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
LoggerStub doesn't have a logs property, so removed tests that checked for debug and warning log messages. The important behavior (token provider authentication) is still tested.
…ication - Updated Token.fromJWT() documentation to reflect that it handles decoding failures gracefully instead of throwing errors - Removed duplicate TokenCallback type definition from IDBSQLClient.ts - Now imports TokenCallback from ExternalTokenProvider.ts to maintain a single source of truth
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR introduces the foundational token provider system that enables custom token sources for authentication. This is the first of three PRs implementing token federation support.
New components:
New auth types in ConnectionOptions: