SqlAuthenticationProvider 類別
定義
重要
部分資訊涉及發行前產品,在發行之前可能會有大幅修改。 Microsoft 對此處提供的資訊,不做任何明確或隱含的瑕疵擔保。
定義認證提供者的核心行為,並提供衍生類別的基底類別。
public ref class SqlAuthenticationProvider abstractpublic abstract class SqlAuthenticationProvidertype SqlAuthenticationProvider = classPublic MustInherit Class SqlAuthenticationProvider- 繼承
-
SqlAuthenticationProvider
- 衍生
範例
以下範例示範如何實作自訂的 SqlAuthenticationProvider,並將該服務提供給 SqlClient 以覆蓋裝置程式碼流程認證模式:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.Data.SqlClient;
using Microsoft.Identity.Client;
namespace CustomAuthenticationProviderExamples
{
/// <summary>
/// Example demonstrating creating a custom device code flow authentication provider and attaching it to the driver.
/// This is helpful for applications that wish to override the Callback for the Device Code Result implemented by the SqlClient driver.
/// </summary>
public class CustomDeviceCodeFlowAzureAuthenticationProvider : SqlAuthenticationProvider
{
private const string ClientId = "my-client-id";
private const string ClientName = "My Application Name";
private const string DefaultScopeSuffix = "/.default";
// Maintain a copy of the PublicClientApplication object to cache the underlying access tokens it provides
private static IPublicClientApplication pcApplication;
public override async Task<SqlAuthenticationToken> AcquireTokenAsync(SqlAuthenticationParameters parameters)
{
string[] scopes = [ parameters.Resource.EndsWith(DefaultScopeSuffix) ? parameters.Resource : parameters.Resource + DefaultScopeSuffix ];
IPublicClientApplication app = pcApplication;
if (app == null)
{
pcApplication = app = PublicClientApplicationBuilder.Create(ClientId)
.WithAuthority(parameters.Authority)
.WithClientName(ClientName)
.WithRedirectUri("https://login.microsoftonline.com/common/oauth2/nativeclient")
.Build();
}
AuthenticationResult result;
using CancellationTokenSource connectionTimeoutCancellation = new CancellationTokenSource(TimeSpan.FromSeconds(parameters.ConnectionTimeout));
try
{
IEnumerable<IAccount> accounts = await app.GetAccountsAsync();
result = await app.AcquireTokenSilent(scopes, accounts.FirstOrDefault())
.ExecuteAsync(connectionTimeoutCancellation.Token);
}
catch (MsalUiRequiredException)
{
result = await app.AcquireTokenWithDeviceCode(scopes, deviceCodeResult => CustomDeviceFlowCallback(deviceCodeResult))
.ExecuteAsync(connectionTimeoutCancellation.Token);
}
return new SqlAuthenticationToken(result.AccessToken, result.ExpiresOn);
}
public override bool IsSupported(SqlAuthenticationMethod authenticationMethod) =>
authenticationMethod.Equals(SqlAuthenticationMethod.ActiveDirectoryDeviceCodeFlow);
private Task CustomDeviceFlowCallback(DeviceCodeResult result)
{
Console.WriteLine(result.Message);
return Task.CompletedTask;
}
}
public class Program
{
public static void Main()
{
// Register our custom authentication provider class to override Active Directory Device Code Flow
SqlAuthenticationProvider.SetProvider(SqlAuthenticationMethod.ActiveDirectoryDeviceCodeFlow, new CustomDeviceCodeFlowAzureAuthenticationProvider());
using (SqlConnection sqlConnection = new SqlConnection("Server=<myserver>.database.windows.net;Authentication=Active Directory Device Code Flow;Database=<db>;"))
{
sqlConnection.Open();
Console.WriteLine("Connected successfully!");
}
}
}
}
備註
若衍生類別能從 app.config 檔案實例化,必須提供無參數建構子。
建構函式
| 名稱 | Description |
|---|---|
| SqlAuthenticationProvider() |
定義認證提供者的核心行為,並提供衍生類別的基底類別。 |
方法
| 名稱 | Description |
|---|---|
| AcquireTokenAsync(SqlAuthenticationParameters) |
從當局取得存取權杖。 |
| BeforeLoad(SqlAuthenticationMethod) |
此方法會在提供者加入 SQL 認證提供者登錄檔前立即呼叫。 |
| BeforeUnload(SqlAuthenticationMethod) |
此方法會在提供者從 SQL 認證提供者登錄檔移除前立即呼叫。 |
| GetProvider(SqlAuthenticationMethod) |
透過方法取得認證提供者。 |
| IsSupported(SqlAuthenticationMethod) |
顯示是否支援指定的認證方法。 |
| SetProvider(SqlAuthenticationMethod, SqlAuthenticationProvider) |
依方法設定認證提供者。 |