Azure managed identity token expires in pool connection. #3816

@mfink-db

Azure MySQL instances allow database authentication via managed identity.
This works but there is a problem that the generated token will expire and the pool will no longer have access to the database.

Is there a way to refresh the credentials in an existing pool? Like having the password config option be either a string or a function, and if it's a fn it will run the fn when it tries to get and use the password (thus generating a new token).

I noticed the authPlugin option, which may be somewhat on the right track, but I haven't seen any examples outside of "mysql_native_password", which doesn't really help my case.

Example code from Azure docs:

```js
const { DefaultAzureCredential } = require("@azure/identity");
// Promise-based API, required for the awaited pool calls below
const mysql = require('mysql2/promise');

async function main() {
  const credential = new DefaultAzureCredential();
  const config = {
    host: process.env.AZURE_MYSQL_HOST,
    user: process.env.AZURE_MYSQL_USER,
    database: process.env.AZURE_MYSQL_DATABASE,
    port: process.env.AZURE_MYSQL_PORT,
    ssl: process.env.AZURE_MYSQL_SSL
  };
  // The access token is fetched once here and has a limited lifetime
  const accessToken = await credential.getToken('https://ossrdbms-aad.database.windows.net/.default');

  // The pool stores the token string as a static password
  const pool = mysql.createPool({
    ...config,
    password: accessToken.token,
  });
  const connection = await pool.getConnection();
  await connection.commit();
  connection.release();
}
main();
```
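An added example (not from the issue author, the Azure docs or the mysql2 project) of the token side of what the issue asks for: a password source that re-fetches the access token shortly before its `expiresOnTimestamp` instead of capturing it once at pool creation. `createPasswordProvider`, `needsRefresh`, the 5-minute skew and the fake credential are assumptions for illustration; how the returned password is handed to a pool depends on what mysql2 supports and is not shown.

```javascript
// Added example: refresh-aware token source. `fetchToken` stands in for
// credential.getToken(scope) and must resolve to
// { token, expiresOnTimestamp } with the expiry in ms since the epoch.
function needsRefresh(cached, nowMs, skewMs) {
  return !cached || cached.expiresOnTimestamp - nowMs <= skewMs;
}

function createPasswordProvider(fetchToken, { skewMs = 5 * 60 * 1000, now = Date.now } = {}) {
  let cached = null;
  let inFlight = null; // shared promise so concurrent callers trigger one fetch

  return async function getPassword() {
    if (!needsRefresh(cached, now(), skewMs)) return cached.token;
    if (!inFlight) {
      inFlight = Promise.resolve()
        .then(() => fetchToken())
        .then((t) => { cached = t; return t; })
        // Clear on success and on failure, so a failed fetch is retried
        .finally(() => { inFlight = null; });
    }
    return (await inFlight).token;
  };
}

// Constructed demo: a fake credential issuing tokens valid for 60 minutes,
// driven by a manual clock so the run is deterministic and offline.
async function demo() {
  let clock = 0;
  let issued = 0;
  const fakeCredential = async () => ({
    token: `token-${++issued}`,
    expiresOnTimestamp: clock + 60 * 60 * 1000,
  });
  const getPassword = createPasswordProvider(fakeCredential, { now: () => clock });

  const first = await Promise.all([getPassword(), getPassword()]); // one fetch
  clock = 30 * 60 * 1000;
  const mid = await getPassword();  // well before expiry: cached token
  clock = 56 * 60 * 1000;
  const late = await getPassword(); // inside the 5-minute skew: new token
  return { first, mid, late, issued };
}
```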
