MSI support for Azure SQL connection test application

agr · erdembayar · commit 810a9a2966ea · 2023-08-08T15:32:23.000-07:00
diff --git a/tools/AzureSqlConnectionTest/TestApplication.cs b/tools/AzureSqlConnectionTest/TestApplication.cs
@@ -17,7 +17,7 @@ public class TestApplication : CommandLineApplication
         public CommandOption Help { get; }
 
         public CommandOption KeyVaultName { get; }
-
+        public CommandOption KeyVaultManaged { get; }
         public CommandOption KeyVaultTenantId { get; }
 
         public CommandOption KeyVaultClientId { get; }
@@ -43,6 +43,7 @@ public TestApplication()
             Help = HelpOption("-? | -h | --help");
 
             KeyVaultName = Option("-kv | --keyVaultName", "KeyVault name", CommandOptionType.SingleValue);
+            KeyVaultManaged = Option("-kvm | --keyVaultUseMsi", "Use managed identity for KV authentication", CommandOptionType.NoValue);
             KeyVaultTenantId = Option("-kvtid | --keyVaultTenantId", "KeyVault tenant id", CommandOptionType.SingleValue);
             KeyVaultClientId = Option("-kvcid | --keyVaultClientId", "KeyVault client id", CommandOptionType.SingleValue);
             KeyVaultCertificateThumbprint = Option("-kvct | --keyVaultCertThumbprint", "KeyVault certificate thumbprint", CommandOptionType.SingleValue);
@@ -77,16 +78,25 @@ public async Task<int> ExecuteAsync()
                 var useAdalOnly = UseAdalOnly.HasValue();
 
                 if (KeyVaultName.HasValue()
-                    && KeyVaultClientId.HasValue()
-                    && KeyVaultCertificateThumbprint.HasValue())
+                    && ((KeyVaultClientId.HasValue()
+                    && KeyVaultCertificateThumbprint.HasValue()) || KeyVaultManaged.HasValue()))
                 {
-                    using (var kvCertificate = GetKeyVaultCertificate(KeyVaultCertificateThumbprint.Value()))
+                    using (var kvCertificate = KeyVaultManaged.HasValue() ? null : GetKeyVaultCertificate(KeyVaultCertificateThumbprint.Value()))
                     {
-                        var keyVaultConfig = new KeyVaultConfiguration(
-                            KeyVaultName.Value(),
-                            KeyVaultTenantId.Value(),
-                            KeyVaultClientId.Value(),
-                            kvCertificate);
+                        KeyVaultConfiguration keyVaultConfig;
+                        if (KeyVaultManaged.HasValue())
+                        {
+                            keyVaultConfig = new KeyVaultConfiguration(KeyVaultName.Value());
+                        }
+                        else
+                        {
+                            keyVaultConfig = new KeyVaultConfiguration(
+                                KeyVaultName.Value(),
+                                KeyVaultTenantId.Value(),
+                                KeyVaultClientId.Value(),
+                                kvCertificate,
+                                sendX5c: true);
+                        }
 
                         var runner = new TestRunner(
                             ConnectionString.Value(),
