Add tests + sample = modified implementation

Author: cheenamalhotra

doc/samples/CustomDeviceCodeFlowAzureAuthenticationProvider.cs

@@ -0,0 +1,63 @@
+//<Snippet1>
+using System;
+using System.Threading.Tasks;
+using Microsoft.Identity.Client;
+using Microsoft.Data.SqlClient;
+
+namespace CustomAuthenticationProviderExamples
+{
+    /// <summary>
+    /// Example demonstrating creating custom device code flow authentication provider and attaching it with the driver.
+    /// This is helpful for applications that wish to override Callback of Device Code Result as implemented by SqlClient driver.
+    /// </summary>
+    public class CustomDeviceCodeFlowAzureAuthenticationProvider : SqlAuthenticationProvider
+    {
+        public async override Task<SqlAuthenticationToken> AcquireTokenAsync(SqlAuthenticationParameters parameters)
+        {
+            string clientId = "my-client-id";
+            string clientName = "My Application Name";
+            string s_defaultScopeSuffix = "/.default";
+
+            string[] scopes = new string[] { parameters.Resource.EndsWith(s_defaultScopeSuffix) ? parameters.Resource : parameters.Resource + s_defaultScopeSuffix };
+
+            IPublicClientApplication app = PublicClientApplicationBuilder.Create(clientId)
+                .WithAuthority(parameters.Authority)
+                .WithClientName(clientName)
+                .WithRedirectUri("https://login.microsoftonline.com/common/oauth2/nativeclient")
+                .Build();
+
+            AuthenticationResult result = await app.AcquireTokenWithDeviceCode(scopes,
+                    deviceCodeResult => CustomDeviceFlowCallback(deviceCodeResult)).ExecuteAsync();
+            return new SqlAuthenticationToken(result.AccessToken, result.ExpiresOn);
+        }
+
+        public override bool IsSupported(SqlAuthenticationMethod authenticationMethod)
+        {
+            if (authenticationMethod.Equals(SqlAuthenticationMethod.ActiveDirectoryDeviceCodeFlow))
+            {
+                return true;
+            }
+            return false;
+        }
+
+        private Task CustomDeviceFlowCallback(DeviceCodeResult result)
+        {
+            Console.WriteLine(result.Message);
+            return Task.FromResult(0);
+        }
+    }
+
+    public class Program
+    {
+        public static void Main()
+        {
+            SqlAuthenticationProvider.SetProvider(SqlAuthenticationMethod.ActiveDirectoryDeviceCodeFlow, new CustomDeviceCodeFlowAzureAuthenticationProvider());
+            using (SqlConnection sqlConnection = new SqlConnection("Server=<myserver>.database.windows.net;Authentication=Active Directory Device Code Flow;Database=<db>;"))
+            {
+                sqlConnection.Open();
+                Console.WriteLine("Connected successfully!");
+            }
+        }
+    }
+}
+//</Snippet1>

src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/SqlAuthenticationProviderManager.cs

@@ -10,8 +10,6 @@
 
 namespace Microsoft.Data.SqlClient
 {
-
-
     /// <summary>
     /// Authentication provider manager.
     /// </summary>

src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/ActiveDirectoryAuthenticationProvider.cs

@@ -22,21 +22,12 @@ internal class ActiveDirectoryAuthenticationProvider : SqlAuthenticationProvider
         private readonly string _type = typeof(ActiveDirectoryAuthenticationProvider).Name;
         private readonly SqlClientLogger _logger = new SqlClientLogger();
 
-        /// <summary>
-        /// Get Token
-        /// </summary>
-        /// <param name="parameters"></param>
-        /// <returns>Authentication token</returns>
-        public override Task<SqlAuthenticationToken> AcquireTokenAsync(SqlAuthenticationParameters parameters) =>
-            AcquireTokenAsync(parameters, DefaultDeviceFlowCallback);
-
         /// <summary>
         /// Get token.
         /// </summary>
         /// <param name="parameters"></param>
-        /// <param name="deviceCodeResultCallback"></param>
         /// <returns>Authentication token</returns>
-        public override Task<SqlAuthenticationToken> AcquireTokenAsync(SqlAuthenticationParameters parameters, Func<DeviceCodeResult, Task> deviceCodeResultCallback) => Task.Run(async () =>
+        public override Task<SqlAuthenticationToken> AcquireTokenAsync(SqlAuthenticationParameters parameters) => Task.Run(async () =>
         {
             AuthenticationResult result;
             string scope = parameters.Resource.EndsWith(s_defaultScopeSuffix) ? parameters.Resource : parameters.Resource + s_defaultScopeSuffix;
@@ -125,12 +116,12 @@ public override Task<SqlAuthenticationToken> AcquireTokenAsync(SqlAuthentication
                     }
                     catch (MsalUiRequiredException)
                     {
-                        result = await AcquireTokenInteractiveDeviceFlow(app, scopes, parameters.ConnectionId, parameters.UserId, parameters.AuthenticationMethod, deviceCodeResultCallback);
+                        result = await AcquireTokenInteractiveDeviceFlow(app, scopes, parameters.ConnectionId, parameters.UserId, parameters.AuthenticationMethod);
                     }
                 }
                 else
                 {
-                    result = await AcquireTokenInteractiveDeviceFlow(app, scopes, parameters.ConnectionId, parameters.UserId, parameters.AuthenticationMethod, deviceCodeResultCallback);
+                    result = await AcquireTokenInteractiveDeviceFlow(app, scopes, parameters.ConnectionId, parameters.UserId, parameters.AuthenticationMethod);
                 }
             }
             else
@@ -142,7 +133,7 @@ public override Task<SqlAuthenticationToken> AcquireTokenAsync(SqlAuthentication
         });
 
         private async Task<AuthenticationResult> AcquireTokenInteractiveDeviceFlow(IPublicClientApplication app, string[] scopes, Guid connectionId, string userId,
-            SqlAuthenticationMethod authenticationMethod, Func<DeviceCodeResult, Task> deviceCodeResultCallback)
+            SqlAuthenticationMethod authenticationMethod)
         {
             CancellationTokenSource cts = new CancellationTokenSource();
 #if netcoreapp
@@ -187,7 +178,7 @@ private async Task<AuthenticationResult> AcquireTokenInteractiveDeviceFlow(IPubl
                 else
                 {
                     AuthenticationResult result = await app.AcquireTokenWithDeviceCode(scopes,
-                    deviceCodeResult => deviceCodeResultCallback(deviceCodeResult)).ExecuteAsync();
+                    deviceCodeResult => DeviceFlowCallback(deviceCodeResult)).ExecuteAsync();
                     return result;
                 }
             }
@@ -199,7 +190,7 @@ private async Task<AuthenticationResult> AcquireTokenInteractiveDeviceFlow(IPubl
             }
         }
 
-        private Task DefaultDeviceFlowCallback(DeviceCodeResult result)
+        private Task DeviceFlowCallback(DeviceCodeResult result)
         {
             // This will print the message on the console which tells the user where to go sign-in using 
             // a separate browser and the code to enter once they sign in.

src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/SqlAuthenticationProvider.cs

@@ -35,8 +35,5 @@ public virtual void BeforeUnload(SqlAuthenticationMethod authenticationMethod) {
 
         /// <include file='../../../../../../doc/snippets/Microsoft.Data.SqlClient/SqlAuthenticationProvider.xml' path='docs/members[@name="SqlAuthenticationProvider"]/AcquireTokenAsync/*'/>
         public abstract Task<SqlAuthenticationToken> AcquireTokenAsync(SqlAuthenticationParameters parameters);
-
-        /// <include file='../../../../../../doc/snippets/Microsoft.Data.SqlClient/SqlAuthenticationProvider.xml' path='docs/members[@name="SqlAuthenticationProvider"]/AcquireTokenAsync2/*'/>
-        public abstract Task<SqlAuthenticationToken> AcquireTokenAsync(SqlAuthenticationParameters parameters, Func<DeviceCodeResult, Task> deviceCodeResultCallback);
     }
 }

src/Microsoft.Data.SqlClient/tests/ManualTests/SQL/ConnectivityTests/AADConnectionTest.cs

@@ -4,6 +4,7 @@
 
 using System;
 using System.Diagnostics;
+using System.Security;
 using Xunit;
 
 namespace Microsoft.Data.SqlClient.ManualTesting.Tests
@@ -307,7 +308,7 @@ public static void NoCredentialsActiveDirectoryServicePrincipal()
             // test Passes with correct connection string.
             string[] removeKeys = { "Authentication", "User ID", "Password", "UID", "PWD" };
             string connStr = DataTestUtility.RemoveKeysInConnStr(DataTestUtility.AADPasswordConnectionString, removeKeys) +
-                $"Authentication=Active Directory Service Principal; User ID={DataTestUtility.AADServicePrincipalId}; Password={DataTestUtility.AADServicePrincipalSecret};";
+                $"Authentication=Active Directory Service Principal; User ID={DataTestUtility.AADServicePrincipalId}; PWD={DataTestUtility.AADServicePrincipalSecret};";
             ConnectAndDisconnect(connStr);
 
             // connection fails with expected error message.
@@ -320,7 +321,41 @@ public static void NoCredentialsActiveDirectoryServicePrincipal()
             Assert.Contains(expectedMessage, e.Message);
         }
 
-        [ConditionalFact(typeof(DataTestUtility), nameof(DataTestUtility.IsIntegratedSecuritySetup), nameof(DataTestUtility.AreConnStringsSetup)) ]
+        [ConditionalFact(nameof(IsAADConnStringsSetup))]
+        public static void ActiveDirectoryDeviceCodeFlowWithUserIdMustFail()
+        {
+            // connection fails with expected error message.
+            string[] credKeys = { "Authentication", "User ID", "Password", "UID", "PWD" };
+            string connStrWithUID = DataTestUtility.RemoveKeysInConnStr(DataTestUtility.AADPasswordConnectionString, credKeys) +
+                "Authentication=Active Directory Device Code Flow; UID=someuser;";
+            ArgumentException e = Assert.Throws<ArgumentException>(() => ConnectAndDisconnect(connStrWithUID));
+
+            string expectedMessage = "Cannot use 'Authentication=Active Directory Device Code Flow' with 'User ID', 'UID', 'Password' or 'PWD' connection string keywords.";
+            Assert.Contains(expectedMessage, e.Message);
+        }
+
+        [ConditionalFact(nameof(IsAADConnStringsSetup))]
+        public static void ActiveDirectoryDeviceCodeFlowWithCredentialsMustFail()
+        {
+            // connection fails with expected error message.
+            string[] credKeys = { "Authentication", "User ID", "Password", "UID", "PWD" };
+            string connStrWithNoCred = DataTestUtility.RemoveKeysInConnStr(DataTestUtility.AADPasswordConnectionString, credKeys) +
+                "Authentication=Active Directory Device Code Flow;";
+
+            SecureString str = new SecureString();
+            foreach (char c in "hello")
+            {
+                str.AppendChar(c);
+            }
+            str.MakeReadOnly();
+            SqlCredential credential = new SqlCredential("someuser", str);
+            InvalidOperationException e = Assert.Throws<InvalidOperationException>(() => ConnectAndDisconnect(connStrWithNoCred, credential));
+
+            string expectedMessage = "Cannot set the Credential property if 'Authentication=Active Directory Device Code Flow' has been specified in the connection string.";
+            Assert.Contains(expectedMessage, e.Message);
+        }
+
+        [ConditionalFact(typeof(DataTestUtility), nameof(DataTestUtility.IsIntegratedSecuritySetup), nameof(DataTestUtility.AreConnStringsSetup))]
         public static void ADInteractiveUsingSSPI()
         {
             // test Passes with correct connection string.