Sample IAM Authentication for Oracle Autonomous Database using node-oracledb
const fs = require('fs'); | |
const oracledb = require('oracledb'); | |
const { execSync } = require('child_process'); | |
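// Most recently loaded { token, privateKey } pair. run() and callback() assign
// it, and callback() returns it to node-oracledb.
let accessTokenObj;

// Execute the OCI-CLI command to generate a token before anything reads it.
// Requires Python to be installed to run OCI-CLI.
// This should create two files, "token" and "oci_db_key.pem".
// On Linux the default file location is "~/.oci/db-token".
// The command is a fixed literal; nothing is interpolated into the shell string.
try {
  const cliOutput = execSync('oci iam db-token get', { encoding: 'utf-8' });
  console.log(cliOutput);
} catch (err) {
  // Report on stderr, like the other error paths in this file. The script
  // carries on after a failure, so getToken() reads whatever token files are
  // already on disk.
  // NOTE(review): those files may be missing or expired in that case; the
  // connection attempt is then expected to fail at authentication.
  console.error(err);
}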
/**
 * Read the database token and its private key from the files generated by the
 * OCI-CLI.
 *
 * The two paths below are placeholders and have to be edited to match the
 * local db-token directory. A read failure is logged and not rethrown, so
 * either field may come back as an empty string.
 *
 * Both values are credentials: the function returns them to the caller and
 * never prints them.
 * NOTE(review): the .pem file holds private key material; presumably it should
 * be readable only by the account running this script. Confirm its permissions.
 *
 * @returns {{token: string, privateKey: string}} The token file contents, and
 *   the key file's lines joined together with the BEGIN/END PRIVATE KEY lines
 *   left out.
 */
function getToken() {
  // Set the IAM token and private key paths here.
  const tokenPath = '/home/user_name/.oci/db-token/token';
  const privateKeyPath = '/home/user_name/.oci/db-token/oci_db_key.pem';
  const pemBoundaryLines = [
    '-----BEGIN PRIVATE KEY-----',
    '-----END PRIVATE KEY-----',
  ];

  const tokenBasedAuthData = { token: '', privateKey: '' };
  try {
    // The token is read first; if the key read fails afterwards, the token
    // already read is still returned.
    tokenBasedAuthData.token = fs.readFileSync(tokenPath, 'utf8');

    // Keep only the key body: drop the two PEM boundary lines and join the rest.
    tokenBasedAuthData.privateKey = fs
      .readFileSync(privateKeyPath, 'utf-8')
      .split(/\r?\n/)
      .filter((line) => !pemBoundaryLines.includes(line))
      .join('');
  } catch (err) {
    console.error(err);
  }
  return tokenBasedAuthData;
}
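/**
 * Access-token callback passed to node-oracledb as `accessToken` in run().
 *
 * Returns the cached token data when there is some and no refresh is asked
 * for. Otherwise it loads the data through getToken() and caches it. Loading
 * on an empty cache keeps the function from returning `undefined` when it is
 * called before run() has filled the cache.
 *
 * getToken() only re-reads the files on disk; nothing here re-runs
 * `oci iam db-token get`. If the token on disk has expired and has not been
 * regenerated by some other means, a refresh returns the same expired token.
 *
 * @param {boolean} refresh - Per the original author's note, the driver passes
 *   true when it has checked the token for expiry and found it expired.
 * @returns {{token: string, privateKey: string}} Token and private key.
 */
function callback(refresh) {
  if (refresh || !accessTokenObj) {
    // Expired according to the driver, or nothing cached yet: load from disk.
    accessTokenObj = getToken();
  }
  return accessTokenObj;
}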
/**
 * Open a connection with IAM token-based authentication, run one query against
 * DUAL and print the result.
 *
 * Connection and query errors are logged, not rethrown. The connection is
 * closed in `finally` whenever one was opened.
 */
async function run() {
  // Load the token and private key once so callback() has a cached value.
  accessTokenObj = getToken();

  // Configuration for token based authentication:
  //   accessToken:    the callback above, which returns the token and private
  //                   key values.
  //   externalAuth:   must be set to true for token based authentication.
  //   connectString:  set to the Oracle Net alias or connect descriptor of
  //                   your Oracle Autonomous Database.
  //   walletPassword: set to the Wallet password of your Oracle Autonomous
  //                   Database. This is required if you are using mTLS to
  //                   connect to the Autonomous Database and not using an
  //                   auto-login wallet.
  // NOTE(review): "db_connectstring" and "walletPassword" are placeholders.
  // A real wallet password is a secret; loading it at run time (environment
  // or secret store) keeps it out of the source file.
  const config = {
    accessToken: callback,
    externalAuth: true,
    connectString: "db_connectstring",
    walletPassword: "walletPassword",
  };

  let connection;
  try {
    connection = await oracledb.getConnection(config);
    const query = `SELECT TO_CHAR(current_date, 'DD-Mon-YYYY HH24:MI') AS D
                 FROM DUAL`;
    const { rows } = await connection.execute(query);
    console.log("Current date and time is:\n", rows[0][0]);
  } catch (err) {
    console.error(err);
  } finally {
    // Only close a connection that was actually opened. A failure while
    // closing is reported by message only.
    if (connection) {
      try {
        await connection.close();
      } catch (err) {
        console.error(err.message);
      }
    }
  }
}
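// run() logs its own connection and query errors. The catch covers anything
// that still escapes, so the promise is not left floating and a failure shows
// up in the exit status.
run().catch((err) => {
  console.error(err);
  process.exitCode = 1;
});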