SqlAuthenticationProvider Class

  • Reference

Definition

Namespace:
Microsoft.Data.SqlClient
Assembly:
Microsoft.Data.SqlClient.dll
Package:
Microsoft.Data.SqlClient v1.0.19269.1
Package:
Microsoft.Data.SqlClient v1.1.4
Package:
Microsoft.Data.SqlClient v2.0.1
Package:
Microsoft.Data.SqlClient v2.1.4
Package:
Microsoft.Data.SqlClient v3.0.1
Package:
Microsoft.Data.SqlClient v3.1.0
Package:
Microsoft.Data.SqlClient v4.0.1
Package:
Microsoft.Data.SqlClient v4.1.0
Package:
Microsoft.Data.SqlClient v5.0.0
Package:
Microsoft.Data.SqlClient v5.1.0
Package:
Microsoft.Data.SqlClient v5.2.0

Defines the core behavior of authentication providers and provides a base class for derived classes.

public ref class SqlAuthenticationProvider abstract
public abstract class SqlAuthenticationProvider
type SqlAuthenticationProvider = class
Public MustInherit Class SqlAuthenticationProvider
Inheritance
Object
SqlAuthenticationProvider
Derived

Examples

The following example demonstrates implementing a custom SqlAuthenticationProvider and providing the same to SqlClient for overriding Device Code Flow authentication mode:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.Data.SqlClient;
using Microsoft.Identity.Client;

namespace CustomAuthenticationProviderExamples
{
    /// <summary>
    /// Example demonstrating creating a custom device code flow authentication provider and attaching it to the driver.
    /// This is helpful for applications that wish to override the Callback for the Device Code Result implemented by the SqlClient driver.
    /// </summary>
    public class CustomDeviceCodeFlowAzureAuthenticationProvider : SqlAuthenticationProvider
    {
        private const string ClientId = "my-client-id";
        private const string ClientName = "My Application Name";
        private const string DefaultScopeSuffix = "/.default";

        // Maintain a copy of the PublicClientApplication object to cache the underlying access tokens it provides
        private static IPublicClientApplication pcApplication;

        public override async Task<SqlAuthenticationToken> AcquireTokenAsync(SqlAuthenticationParameters parameters)
        {
            string[] scopes = [ parameters.Resource.EndsWith(DefaultScopeSuffix) ? parameters.Resource : parameters.Resource + DefaultScopeSuffix ];

            IPublicClientApplication app = pcApplication;
            if (app == null)
            {
                pcApplication = app = PublicClientApplicationBuilder.Create(ClientId)
                    .WithAuthority(parameters.Authority)
                    .WithClientName(ClientName)
                    .WithRedirectUri("https://login.microsoftonline.com/common/oauth2/nativeclient")
                    .Build();
            }

            AuthenticationResult result;
            using CancellationTokenSource connectionTimeoutCancellation = new CancellationTokenSource(TimeSpan.FromSeconds(parameters.ConnectionTimeout));

            try
            {
                IEnumerable<IAccount> accounts = await app.GetAccountsAsync();
                result = await app.AcquireTokenSilent(scopes, accounts.FirstOrDefault())
                    .ExecuteAsync(connectionTimeoutCancellation.Token);
            }
            catch (MsalUiRequiredException)
            {
                result = await app.AcquireTokenWithDeviceCode(scopes, deviceCodeResult => CustomDeviceFlowCallback(deviceCodeResult))
                    .ExecuteAsync(connectionTimeoutCancellation.Token);
            }

            return new SqlAuthenticationToken(result.AccessToken, result.ExpiresOn);
        }

        public override bool IsSupported(SqlAuthenticationMethod authenticationMethod)
            => authenticationMethod.Equals(SqlAuthenticationMethod.ActiveDirectoryDeviceCodeFlow);

        private static Task CustomDeviceFlowCallback(DeviceCodeResult result)
        {
            Console.WriteLine(result.Message);
            return Task.CompletedTask;
        }
    }

    public class Program
    {
        public static void Main()
        {
            // Register our custom authentication provider class to override Active Directory Device Code Flow
            SqlAuthenticationProvider.SetProvider(SqlAuthenticationMethod.ActiveDirectoryDeviceCodeFlow, new CustomDeviceCodeFlowAzureAuthenticationProvider());
            using (SqlConnection sqlConnection = new SqlConnection("Server=<myserver>.database.windows.net;Authentication=Active Directory Device Code Flow;Database=<db>;"))
            {
                sqlConnection.Open();
                Console.WriteLine("Connected successfully!");
            }
        }
    }
}

Remarks

Derived classes must provide a parameterless constructor if they can be instantiated from the app.config file.

Constructors

SqlAuthenticationProvider()

Methods

AcquireTokenAsync(SqlAuthenticationParameters)

Acquires a security token from the authority.
BeforeLoad(SqlAuthenticationMethod)

This method is called immediately before the provider is added to SQL drivers registry.
BeforeUnload(SqlAuthenticationMethod)

This method is called immediately before the provider is removed from the SQL drivers registry.
GetProvider(SqlAuthenticationMethod)

Gets an authentication provider by method.
IsSupported(SqlAuthenticationMethod)

Indicates whether the specified authentication method is supported.
SetProvider(SqlAuthenticationMethod, SqlAuthenticationProvider)

Sets an authentication provider by method.

Applies to