- Fixed auth provider error handling to mimic the old code.

Author: paulmedynski

src/Microsoft.Data.SqlClient.Extensions/Azure/src/ActiveDirectoryAuthenticationProvider.cs

@@ -41,10 +41,6 @@ public sealed class ActiveDirectoryAuthenticationProvider : SqlAuthenticationPro
     // https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/retry-after#simple-retry-for-errors-with-http-error-codes-500-600
     private const int MsalRetryStatusCode = 429;
 
-    // For unknown MSAL error codes, we will suggest that the action be retried
-    // after this period, in milliseconds.
-    private const int UnknownErrorRetryPeriod = 100;
-
     /// <include file='../doc/ActiveDirectoryAuthenticationProvider.xml' path='docs/members[@name="ActiveDirectoryAuthenticationProvider"]/ctor/*'/>
     public ActiveDirectoryAuthenticationProvider()
         : this(DefaultDeviceFlowCallback)
@@ -390,14 +386,15 @@ previousPw is byte[] previousPwBytes &&
             }
 
             // Check for an unknown error, which we will treat as implicitly
-            // retryable on a doubling-backoff period.
+            // retryable, but without a suggested period.
             if (ex.ErrorCode == MsalError.UnknownError)
             {
                 throw new Extensions.Azure.AuthenticationException(
                     parameters.AuthenticationMethod,
                     ex.ErrorCode,
                     true,
-                    UnknownErrorRetryPeriod,
+                    // Don't suggest a retry period.
+                    0,
                     ex.Message,
                     ex);
             }

src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlInternalConnectionTds.cs

@@ -2489,8 +2489,6 @@ internal bool TryGetFedAuthTokenLocked(SqlFedAuthInfo fedAuthInfo, DbConnectionP
         /// <returns>SqlFedAuthToken</returns>
         internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)
         {
-            Debug.Assert(fedAuthInfo != null, "fedAuthInfo should not be null.");
-
             // Number of milliseconds to sleep for the initial back off, if a
             // retry period is not specified by the provider.
             const int defaultRetryPeriod = 100;
@@ -2509,7 +2507,7 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)
 
             // We will perform retries if the provider indicates an error that
             // is retryable.
-            for (int retryAttempt = 0; retryAttempt < maxRetryAttempts; ++retryAttempt)
+            for (int retryAttempt = 0; retryAttempt <= maxRetryAttempts; ++retryAttempt)
             {
                 try
                 {
@@ -2566,9 +2564,9 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)
                                 _activeDirectoryAuthTimeoutRetryHelper.CachedToken = _fedAuthToken;
                             }
                             break;
-#pragma warning disable 0618 // Type or member is obsolete
+                        #pragma warning disable 0618 // Type or member is obsolete
                         case SqlAuthenticationMethod.ActiveDirectoryPassword:
-#pragma warning restore 0618 // Type or member is obsolete
+                        #pragma warning restore 0618 // Type or member is obsolete
                         case SqlAuthenticationMethod.ActiveDirectoryServicePrincipal:
                             if (_activeDirectoryAuthTimeoutRetryHelper.State == ActiveDirectoryAuthenticationTimeoutRetryState.Retrying)
                             {
@@ -2633,17 +2631,15 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)
                 }
                 catch (SqlAuthenticationProviderException ex)
                 {
-                    // We use a doubling backoff if the provider didn't provide
-                    // a retry period.
-                    int retryPeriod = defaultRetryPeriod * (2 ^ retryAttempt);
-
-                    // Should we retry, and were we given a useful retry period?
-                    if (ex.ShouldRetry && ex.RetryPeriod > 0)
+                    // Is the error fatal or retryable?
+                    if (!ex.ShouldRetry)
                     {
-                        // Yes, so use it.
-                        retryPeriod = ex.RetryPeriod;
+                        // It's fatal, so translate into a SqlException.
+                        throw ADP.CreateSqlException(ex, ConnectionOptions, this, username);
                     }
 
+                    // We should retry.
+
                     // Could we retry if we wanted to?
                     if (_timeout.IsExpired || _timeout.MillisecondsRemaining <= 0)
                     {
@@ -2652,26 +2648,37 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)
                         throw SQL.ActiveDirectoryTokenRetrievingTimeout(Enum.GetName(typeof(SqlAuthenticationMethod), ConnectionOptions.Authentication), ex.FailureCode, ex);
                     }
 
-                    // We will retry, so log.
+                    // We use a doubling backoff if the provider didn't provide
+                    // a retry period.
+                    int retryPeriod =
+                      ex.RetryPeriod > 0
+                      ? ex.RetryPeriod
+                      : defaultRetryPeriod * (2 ^ retryAttempt);
+
                     SqlClientEventSource.Log.TryAdvancedTraceEvent("<sc.SqlInternalConnectionTds.GetFedAuthToken|ADV> {0}, Retry Attempt: {1}, sleeping {2}[Milliseconds]", ObjectID, retryAttempt, retryPeriod);
                     SqlClientEventSource.Log.TryAdvancedTraceEvent("<sc.SqlInternalConnectionTds.GetFedAuthToken|ADV> {0}, Retry Attempt: {1}, remaining {2}[Milliseconds]", ObjectID, retryAttempt, _timeout.MillisecondsRemaining);
 
                     // Sleep for the desired period.
                     Thread.Sleep(retryPeriod);
+
+                    // Fall through to retry...
                 }
             }
 
-            // if (_fedAuthToken is null)
-            // {
-            //     // TODO: This is a logic error - eliminate it.
-            //     throw SqlException.CreateException(
-            //         new SqlErrorCollection().Add(
-            //             new SqlError(
-            //                 0, (byte)0, (byte)0, "unknown",
-            //                 "Logic error; fedAuthToken is null",
-            //                 null, 0)),
-            //             "unknown", this, null, null);
-            // }
+            // Nullable context has exposed that _fedAuthToken may be null here,
+            // which the existing code didn't handle.
+            if (_fedAuthToken is null)
+            {
+                // We failed to acquire a token, so use a default one.
+                //
+                // TODO: The old code actually allowed the AccessToken byte
+                // array to be null, and then had Debug.Assert()s to verify it
+                // wasn't null.  We never test in debug, so those were never
+                // firing, and we were happily using a _fedAuthToken with a null
+                // AccessToken.  Now that SqlFedAuthToken doesn't allow a null
+                // AccessToken, we just create an empty one instead.
+                _fedAuthToken = new SqlFedAuthToken([], 0);
+            }
 
             // Store the newly generated token in _newDbConnectionPoolAuthenticationContext, only if using pooling.
             if (_dbConnectionPool != null)

src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/SqlInternalConnectionTds.cs

@@ -2678,17 +2678,15 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)
                 }
                 catch (SqlAuthenticationProviderException ex)
                 {
-                    // We use a doubling backoff if the provider didn't provide
-                    // a retry period.
-                    int retryPeriod = defaultRetryPeriod * (2 ^ retryAttempt);
-
-                    // Should we retry, and were we given a useful retry period?
-                    if (ex.ShouldRetry && ex.RetryPeriod > 0)
+                    // Is the error fatal or retryable?
+                    if (!ex.ShouldRetry)
                     {
-                        // Yes, so use it.
-                        retryPeriod = ex.RetryPeriod;
+                        // It's fatal, so translate into a SqlException.
+                        throw ADP.CreateSqlException(ex, ConnectionOptions, this, username);
                     }
 
+                    // We should retry.
+
                     // Could we retry if we wanted to?
                     if (_timeout.IsExpired || _timeout.MillisecondsRemaining <= 0)
                     {
@@ -2697,26 +2695,37 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)
                         throw SQL.ActiveDirectoryTokenRetrievingTimeout(Enum.GetName(typeof(SqlAuthenticationMethod), ConnectionOptions.Authentication), ex.FailureCode, ex);
                     }
 
-                    // We will retry, so log.
+                    // We use a doubling backoff if the provider didn't provide
+                    // a retry period.
+                    int retryPeriod =
+                      ex.RetryPeriod > 0
+                      ? ex.RetryPeriod
+                      : defaultRetryPeriod * (2 ^ retryAttempt);
+
                     SqlClientEventSource.Log.TryAdvancedTraceEvent("<sc.SqlInternalConnectionTds.GetFedAuthToken|ADV> {0}, Retry Attempt: {1}, sleeping {2}[Milliseconds]", ObjectID, retryAttempt, retryPeriod);
                     SqlClientEventSource.Log.TryAdvancedTraceEvent("<sc.SqlInternalConnectionTds.GetFedAuthToken|ADV> {0}, Retry Attempt: {1}, remaining {2}[Milliseconds]", ObjectID, retryAttempt, _timeout.MillisecondsRemaining);
 
                     // Sleep for the desired period.
                     Thread.Sleep(retryPeriod);
+
+                    // Fall through to retry...
                 }
             }
 
-            // if (_fedAuthToken is null)
-            // {
-            //     // TODO: This is a logic error - eliminate it.
-            //     throw SqlException.CreateException(
-            //         new SqlErrorCollection().Add(
-            //             new SqlError(
-            //                 0, (byte)0, (byte)0, "unknown",
-            //                 "Logic error; fedAuthToken is null",
-            //                 null, 0)),
-            //             "unknown", this, null, null);
-            // }
+            // Nullable context has exposed that _fedAuthToken may be null here,
+            // which the existing code didn't handle.
+            if (_fedAuthToken is null)
+            {
+                // We failed to acquire a token, so use a default one.
+                //
+                // TODO: The old code actually allowed the AccessToken byte
+                // array to be null, and then had Debug.Assert()s to verify it
+                // wasn't null.  We never test in debug, so those were never
+                // firing, and we were happily using a _fedAuthToken with a null
+                // AccessToken.  Now that SqlFedAuthToken doesn't allow a null
+                // AccessToken, we just create an empty one instead.
+                _fedAuthToken = new SqlFedAuthToken([], 0);
+            }
 
             // Store the newly generated token in _newDbConnectionPoolAuthenticationContext, only if using pooling.
             if (_dbConnectionPool != null)