Additional AAD authentication options #560

Merged
merged 22 commits into from Jun 9, 2020

@David-Engel David-Engel commented May 12, 2020

Adding Active Directory Integrated and Interactive authentication to .NET Core to bring parity with the .NET Framework code.

Adding Active Directory Service Principal authentication. Service principal authentication involves setting up an App registration with a secret, granting permissions to the App in the SQL DB instance, then connecting like: `Server=tcp:<dbname>.database.windows.net,1433;Authentication=Active Directory Service Principal;User Id=<AppId>;Password=<Secret>;`

Most of the file changes are just plumbing the additional, valid Authentication types. The core changes are all in ActiveDirectoryAuthenticationProvider.cs, which has been moved to common code (between netcore and netfx).
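
A client for the service principal connection described in the comment above, written as an added example; it is not code from this pull request or from the SqlClient repository. The environment variable names, the `InitialCatalog` setting and the app display name in the setup comment are assumptions, chosen so the secret is read at run time instead of being stored in a connection string.

```csharp
// Added example (not from the PR). Assumes Microsoft.Data.SqlClient 2.0.0 or later.
// One-time setup, run by an Azure AD admin of the database; the display name
// [my-app-registration] is a placeholder for the App registration's name:
//   CREATE USER [my-app-registration] FROM EXTERNAL PROVIDER;
//   ALTER ROLE db_datareader ADD MEMBER [my-app-registration];  -- least privilege
using System;
using Microsoft.Data.SqlClient;

static class ServicePrincipalDemo
{
    // Fail fast when a setting is absent, so a blank secret is never sent.
    static string RequireEnv(string name)
    {
        string value = Environment.GetEnvironmentVariable(name);
        if (string.IsNullOrWhiteSpace(value))
            throw new InvalidOperationException("Missing environment variable " + name);
        return value;
    }

    static void Main()
    {
        var builder = new SqlConnectionStringBuilder
        {
            // SQL_SERVER_HOST (assumed name), e.g. <server>.database.windows.net
            DataSource = "tcp:" + RequireEnv("SQL_SERVER_HOST") + ",1433",
            InitialCatalog = RequireEnv("SQL_DATABASE"),
            Authentication = SqlAuthenticationMethod.ActiveDirectoryServicePrincipal,
            UserID = RequireEnv("AAD_APP_ID"),       // App registration (client) id
            Password = RequireEnv("AAD_APP_SECRET"), // client secret, never hard-coded
            Encrypt = true,
            TrustServerCertificate = false,          // keep certificate validation on
            PersistSecurityInfo = false              // do not expose the secret after Open()
        };

        using (var connection = new SqlConnection(builder.ConnectionString))
        {
            connection.Open();
            // Confirm which database principal the token was mapped to.
            using (var command = new SqlCommand("SELECT USER_NAME();", connection))
            {
                Console.WriteLine("Connected as: " + command.ExecuteScalar());
            }
        }
    }
}
```
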

@David-Engel David-Engel marked this pull request as ready for review May 13, 2020 17:21
@cheenamalhotra cheenamalhotra added this to In progress in SqlClient v2.0.0 via automation Jun 6, 2020
@cheenamalhotra cheenamalhotra added this to the 2.0.0 milestone Jun 6, 2020
- Doc edit
- Additional validation around using SqlCredential with AAD Interactive
- Fix test issue
- Put ServicePrincipal in new workflow enum
Diffing netfx/netcore code to find the solution identified several other fixed bits:
- NetFx changed connect retry from 1 to 2 if it detects Azure
- Added missing trace calls
- Change password should throw if using AAD Integrated
- useSSPI should also be set for AAD Integrated
- Correctly use the response for FEDAUTHREQUIRED PreLogin
- TdsLogin length was being incorrectly increased at one point
It was for when ADAL was used instead of MSAL.

@cheenamalhotra cheenamalhotra left a comment

Last bits of changes..

SqlClient v2.0.0 automation moved this from In progress to Reviewer approved Jun 9, 2020
Remove duplicate trace call
Improve trace message
@cheenamalhotra cheenamalhotra merged commit 2b40206 into dotnet:master Jun 9, 2020
SqlClient v2.0.0 automation moved this from Reviewer approved to Done Jun 9, 2020
@David-Engel David-Engel deleted the AAD branch June 10, 2020 00:01
karinazhou pushed a commit to karinazhou/SqlClient that referenced this pull request Jun 10, 2020
# Resolved Conflicts:
#	src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParser.cs