This PR adds support for using Azure Identity's credential classes with Redis Enterprise Entra ID authentication.
The main changes include:
- Add a new factory method createForDefaultAzureCredential to enable using Azure Identity credentials
- Add @azure/identity as a dependency to support the new authentication flow
- Add support for DefaultAzureCredential, EnvironmentCredential, and any other TokenCredential implementation
- Create a new AzureIdentityProvider to support DefaultAzureCredential
- Update documentation and README with usage examples for DefaultAzureCredential
- Add integration tests for the new authentication methods
- Include a sample application demonstrating interactive browser authentication
- Export constants for Redis scopes / credential mappers to simplify authentication configuration
* churn(test): use redislabs/client-libs-test for testing
This switches our testing infrastructure from redis/redis-stack to
redislabs/client-libs-test Docker image across all packages. This change
also updates the default Docker version from 7.4.0-v1 to 8.0-M04-pre.
* churn(test): verify CONFIG SET / GET compatibility with Redis 8
- Add tests for Redis 8 search configuration settings
- Deprecate Redis Search CONFIG commands in favor of standard CONFIG
- Test read-only config restrictions for Redis 8
* churn(test): handle Redis 8 coordinate precision in GEOPOS
- Update GEOPOS tests to handle increased precision in Redis 8 (17 decimal places vs 14)
- Add precision-aware coordinate comparison helper
- Add comprehensive test suite for coordinate comparison function
* test(search): adapt SUGGET tests for Redis 8 empty results
- Update tests to expect empty array ([]) instead of null for SUGGET variants
- Affects sugGet, sugGetWithPayloads, sugGetWithScores, and sugGetWithScoresWithPayloads
* test(search): support Redis 8 INFO indexes_all field
- Add indexes_all field introduced in Redis 8 to index definition test
* refactor!(search): simplify PROFILE commands to return raw response
- BREAKING CHANGE: FT.PROFILE now returns raw response, letting users implement their own parsing
* test: improve version-specific test coverage
- Add `testWithClientIfVersionWithinRange` method to run tests for specific Redis versions
- Refactor TestUtils to handle version comparisons more accurately
- Update test utilities across Redis modules to run tests against multiple versions, and not against latest only
* feat(auth): refactor authentication mechanism to use CredentialsProvider
- Introduce new credential providers: AsyncCredentialsProvider, StreamingCredentialsProvider
- Update client handshake process to use the new CredentialsProviders and to support async credentials fetch / credentials refresh
- Internal conversion of username/password to a CredentialsProvider
- Modify URL parsing to accommodate the new authentication structure
- Tests
* feat(auth): auth extensions
Introduces TokenManager and supporting classes to handle token acquisition, automatic
refresh, and updates via identity providers. This foundation enables consistent
authentication token management across different identity provider implementations.
Key additions:
- Add TokenManager to obtain and maintain auth tokens from identity providers
with automated refresh scheduling based on TTL and configurable thresholds
- Add IdentityProvider interface for token acquisition from auth providers
- Implement Token class for managing token state and TTL tracking
- Include configurable retry mechanism with exponential backoff and jitter
- Add comprehensive test suite covering refresh cycles and error handling
This change establishes the core infrastructure needed for reliable token
lifecycle management across different authentication providers.
* feat(auth): add Entra ID identity provider integration
Introduces Entra ID (former Azure AD) authentication support with multiple authentication flows
and automated token lifecycle management.
Key additions:
- Add EntraIdCredentialsProvider for handling Entra ID authentication flows
- Implement MSALIdentityProvider to integrate with MSAL/EntraID authentication library
- Add support for multiple authentication methods:
- Managed identities (system and user-assigned)
- Client credentials with certificate
- Client credentials with secret
- Authorization Code flow with PKCE
- Add factory class with builder methods for each authentication flow
- Include sample Express server implementation for Authorization Code flow
- Add comprehensive configuration options for authority and token management
* feat(test-utils): improve cluster testing
- Add support for configuring replica authentication with 'masterauth'
- Allow default client configuration during test cluster creation
This improves the testing framework's flexibility by automatically
configuring replica authentication when '--requirepass' is used and
enabling custom client configurations across cluster nodes.
* feat(auth): add EntraId integration tests
- Add integration tests for token renewal and re-authentication flows
- Update credentials provider to use uniqueId as username instead of account username
- Add test utilities for loading Redis endpoint configurations
- Split TypeScript configs into separate files for samples and integration tests
- Remove `@redis/authx` package and nest it under `@`
