-
Notifications
You must be signed in to change notification settings - Fork 47
Expand file tree
/
Copy pathsqlserver.ts
More file actions
294 lines (272 loc) · 10.6 KB
/
sqlserver.ts
File metadata and controls
294 lines (272 loc) · 10.6 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
/**
* SQL Server driver using the `mssql` (tedious) package.
*/
import type { ConnectionConfig, Connector, ConnectorResult, ExecuteOptions, SchemaColumn } from "./types"
export async function connect(config: ConnectionConfig): Promise<Connector> {
let mssql: any
let MssqlConnectionPool: any
try {
// @ts-expect-error — mssql has no type declarations; installed as optional peerDependency
const mod = await import("mssql")
mssql = mod.default || mod
// ConnectionPool is a named export, not on .default
MssqlConnectionPool = mod.ConnectionPool ?? mssql.ConnectionPool
} catch {
throw new Error(
"SQL Server driver not installed. Run: npm install mssql",
)
}
let pool: any
return {
async connect() {
const mssqlConfig: Record<string, unknown> = {
server: config.host ?? "127.0.0.1",
port: config.port ?? 1433,
database: config.database,
options: {
encrypt: config.encrypt ?? false,
trustServerCertificate: config.trust_server_certificate ?? true,
connectTimeout: 10000,
requestTimeout: 30000,
},
pool: {
max: 5,
min: 0,
idleTimeoutMillis: 30000,
},
}
// Normalize shorthand auth values to tedious-compatible types
const AUTH_SHORTHANDS: Record<string, string> = {
cli: "azure-active-directory-default",
default: "azure-active-directory-default",
password: "azure-active-directory-password",
"service-principal": "azure-active-directory-service-principal-secret",
serviceprincipal: "azure-active-directory-service-principal-secret",
"managed-identity": "azure-active-directory-msi-vm",
msi: "azure-active-directory-msi-vm",
}
const rawAuth = config.authentication as string | undefined
const authType = rawAuth ? (AUTH_SHORTHANDS[rawAuth.toLowerCase()] ?? rawAuth) : undefined
if (authType?.startsWith("azure-active-directory")) {
;(mssqlConfig.options as any).encrypt = true
// Resolve a raw Azure AD access token.
// Used by both `azure-active-directory-default` and by
// `azure-active-directory-access-token` when no token was provided.
//
// We acquire the token ourselves rather than letting tedious do it because:
// 1. Bun can resolve @azure/identity to the browser bundle (inside
// tedious or even our own import), where DefaultAzureCredential
// is a non-functional stub that throws.
// 2. Passing a credential object via type:"token-credential" hits a
// CJS/ESM isTokenCredential boundary mismatch in Bun.
//
// Strategy: try @azure/identity first (works when module resolution
// is correct), fall back to shelling out to `az account get-access-token`
// (works everywhere Azure CLI is installed).
const acquireAzureToken = async (): Promise<string> => {
let token: string | undefined
try {
const azureIdentity = await import("@azure/identity")
const credential = new azureIdentity.DefaultAzureCredential(
config.azure_client_id
? { managedIdentityClientId: config.azure_client_id as string }
: undefined,
)
const tokenResponse = await credential.getToken("https://database.windows.net/.default")
token = tokenResponse?.token
} catch {
// @azure/identity unavailable or browser bundle — fall through
}
if (!token) {
try {
const { execSync } = await import("node:child_process")
const out = execSync(
"az account get-access-token --resource https://database.windows.net/ --query accessToken -o tsv",
{ encoding: "utf-8", timeout: 15000, stdio: ["pipe", "pipe", "pipe"] },
).trim()
if (out) token = out
} catch {
// az CLI not installed or not logged in
}
}
if (!token) {
throw new Error(
"Azure AD token acquisition failed. Either install @azure/identity (npm install @azure/identity) " +
"or log in with Azure CLI (az login).",
)
}
return token
}
if (authType === "azure-active-directory-default") {
mssqlConfig.authentication = {
type: "azure-active-directory-access-token",
options: { token: await acquireAzureToken() },
}
} else if (authType === "azure-active-directory-password") {
mssqlConfig.authentication = {
type: "azure-active-directory-password",
options: {
userName: config.user,
password: config.password,
clientId: config.azure_client_id,
tenantId: config.azure_tenant_id,
},
}
} else if (authType === "azure-active-directory-access-token") {
// If the caller supplied a token, use it; otherwise acquire one
// automatically (DefaultAzureCredential → az CLI).
const suppliedToken = (config.token ?? config.access_token) as string | undefined
mssqlConfig.authentication = {
type: "azure-active-directory-access-token",
options: { token: suppliedToken ?? (await acquireAzureToken()) },
}
} else if (
authType === "azure-active-directory-msi-vm" ||
authType === "azure-active-directory-msi-app-service"
) {
mssqlConfig.authentication = {
type: authType,
options: {
...(config.azure_client_id ? { clientId: config.azure_client_id } : {}),
},
}
} else if (authType === "azure-active-directory-service-principal-secret") {
mssqlConfig.authentication = {
type: "azure-active-directory-service-principal-secret",
options: {
clientId: config.azure_client_id,
clientSecret: config.azure_client_secret,
tenantId: config.azure_tenant_id,
},
}
}
} else {
// Standard SQL Server user/password
mssqlConfig.user = config.user
mssqlConfig.password = config.password
}
// Use an explicit ConnectionPool (not the global mssql.connect()) so
// multiple simultaneous connections to different servers are isolated.
if (MssqlConnectionPool) {
pool = new MssqlConnectionPool(mssqlConfig)
await pool.connect()
} else {
pool = await mssql.connect(mssqlConfig)
}
},
async execute(sql: string, limit?: number, _binds?: any[], options?: ExecuteOptions): Promise<ConnectorResult> {
const effectiveLimit = options?.noLimit ? 0 : (limit ?? 1000)
let query = sql
const isSelectLike = /^\s*SELECT\b/i.test(sql)
// SQL Server uses TOP, not LIMIT
if (
isSelectLike &&
effectiveLimit &&
!/\bTOP\b/i.test(sql) &&
!/\bLIMIT\b/i.test(sql)
) {
// Insert TOP after SELECT
query = sql.replace(
/^(\s*SELECT\s)/i,
`$1TOP ${effectiveLimit + 1} `,
)
}
const result = await pool.request().query(query)
const recordset = result.recordset ?? []
const truncated = effectiveLimit > 0 && recordset.length > effectiveLimit
const limitedRecordset = truncated ? recordset.slice(0, effectiveLimit) : recordset
// mssql merges unnamed columns (e.g. SELECT COUNT(*), SUM(...)) into a
// single array under the empty-string key: row[""] = [val1, val2, ...].
// Flatten only the empty-string key to restore positional column values;
// legitimate array values from other keys are preserved as-is.
const flattenRow = (row: any): any[] => {
const vals: any[] = []
for (const [k, v] of Object.entries(row)) {
if (k === "" && Array.isArray(v)) vals.push(...v)
else vals.push(v)
}
return vals
}
const rows = limitedRecordset.map(flattenRow)
const sampleFlat = rows.length > 0 ? rows[0] : []
const namedKeys = recordset.length > 0 ? Object.keys(recordset[0]) : []
const columns =
namedKeys.length === sampleFlat.length
? namedKeys
: sampleFlat.length > 0
? sampleFlat.map((_: any, i: number) => `col_${i}`)
: (result.recordset?.columns
? Object.keys(result.recordset.columns)
: [])
return {
columns,
rows,
row_count: rows.length,
truncated,
}
},
async listSchemas(): Promise<string[]> {
const result = await pool
.request()
.query(
"SELECT name FROM sys.schemas WHERE name NOT IN ('guest','INFORMATION_SCHEMA','sys') ORDER BY name",
)
return result.recordset.map((r: any) => r.name as string)
},
async listTables(
schema: string,
): Promise<Array<{ name: string; type: string }>> {
const result = await pool
.request()
.input("schema", schema)
.query(
`SELECT t.name, t.type
FROM sys.tables t
INNER JOIN sys.schemas s ON t.schema_id = s.schema_id
WHERE s.name = @schema
UNION ALL
SELECT v.name, 'V' as type
FROM sys.views v
INNER JOIN sys.schemas s ON v.schema_id = s.schema_id
WHERE s.name = @schema
ORDER BY name`,
)
return result.recordset.map((r: any) => ({
name: r.name as string,
type: r.type?.trim() === "V" ? "view" : "table",
}))
},
async describeTable(
schema: string,
table: string,
): Promise<SchemaColumn[]> {
const result = await pool
.request()
.input("schema", schema)
.input("table", table)
.query(
`SELECT c.name AS column_name,
tp.name AS data_type,
c.is_nullable
FROM sys.columns c
INNER JOIN sys.types tp ON c.user_type_id = tp.user_type_id
INNER JOIN sys.objects o ON c.object_id = o.object_id
INNER JOIN sys.schemas s ON o.schema_id = s.schema_id
WHERE s.name = @schema AND o.name = @table
AND o.type IN ('U', 'V')
ORDER BY c.column_id`,
)
return result.recordset.map((r: any) => ({
name: r.column_name as string,
data_type: r.data_type as string,
nullable: r.is_nullable === 1,
}))
},
async close() {
if (pool) {
await pool.close()
pool = null
}
},
}
}