Additional AAD authentication options#560
Merged
cheenamalhotra merged 22 commits intodotnet:masterfrom Jun 9, 2020
Merged
Conversation
David-Engel
commented
May 12, 2020
David-Engel
requested review from
DavoudEshtehari,
JRahnama,
cheenamalhotra,
johnnypham and
karinazhou
johnnypham
reviewed
May 15, 2020
JRahnama
reviewed
May 15, 2020
- Doc edit - Additional validation around using SqlCredential with AAD Interactive - Fix test issue - Put ServicePrincipal in new workflow enum
Diffing netfx/netcore code to find the solution identified several other fixed bits: - NetFx changed connect retry from 1 to 2 if it detects Azure - Added missing trace calls - Change password should throw is using AAD Integrated - useSSPI should also be set for AAD Integrated - Correctly use the response for FEDAUTHREQUIRED PreLogin - TdsLogin length was being incorrectly increased at one point
It was for when ADAL was used instead of MSAL.
karinazhou
reviewed
Jun 9, 2020
cheenamalhotra
approved these changes
Jun 9, 2020
Member
cheenamalhotra
left a comment
cheenamalhotra
left a comment
There was a problem hiding this comment.
Last bits of changes..
Remove duplicate trace call Improve trace message
karinazhou
approved these changes
Jun 9, 2020
JRahnama
approved these changes
Jun 9, 2020
karinazhou
pushed a commit
to karinazhou/SqlClient
that referenced
this pull request
Jun 10, 2020
# Resolved Conflicts: # src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParser.cs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adding Active Directory Integrated and Interactive authentication to .NET Core to bring parity with the .NET Framework code.
Adding Active Directory Service Principal authentication. Service principal authentication involves setting up an App registration with a secret, granting permissions to the App in the SQL DB instance, then connecting like:
Server=tcp:<dbname>.database.windows.net,1433;Authentication=Active Directory Service Principal;User Id=<AppId>;Password=<Secret>;Most of the file changes are just plumbing the additional, valid Authentication types. The core changes are all in ActiveDirectoryAuthenticationProvider.cs, which has been moved to common code (between netcore and netfx).