search

microsoft / vscode-mssql

Visual Studio Code SQL Server extension.
Other
1.55k stars 458 forks source link

Add Connection fails when using Microsoft Entra Account in US DoD cloud #17848

Open randomnote1 opened 1 year ago

randomnote1 commented 1 year ago

Steps to Reproduce:

  1. Enter the command > MS SQL: Add Microsoft Entra Account in the command palette and press Enter.
  2. The login dialog opens in the web browser. Notice this defaults to login.microsoftonline.com. There does not appear to be an option to change this behavior.
  3. Select Use another account.
  4. Enter the US DoD username and click Next
  5. The login window now redirects to login.microsoftonline.us. Complete the login process.
  6. When the Your account was added successfully! page is displayed, close the browser window.
  7. In the lower right-hand corner of VS Code a notification appears that the Microsoft Entra account was successfully added.
  8. Enter the command > MS SQL: Add Connection in the command palette and press Enter.
  9. Enter the hostname of the SQL instance you wish to connect to. I have tried both Azure SQL and a dedicated Synapse SQL pool.
  10. Enter the database name. This is optional.
  11. Select Microsoft Entra Id - Universal w/ MFA Support.
  12. Select the previously registered Entra account.
  13. Enter a name for the connection profile.
  14. Connection fails with the following error:
mssql: Failed to connect: Microsoft.Data.SqlClient.SqlException (0x80131904): User account '<redacted>@<redacted>' not found in MSAL cache, please add linked account or refresh account credentials.
 ---> System.Exception: User account '<redacted>@<redacted>' not found in MSAL cache, please add linked account or refresh account credentials.
   at Microsoft.SqlTools.Authentication.Authenticator.GetTokenAsync(AuthenticationParams params, CancellationToken cancellationToken) in /_/src/Microsoft.SqlTools.Authentication/Authenticator.cs:line 129
   at Microsoft.SqlTools.Authentication.Sql.AuthenticationProvider.AcquireTokenAsync(SqlAuthenticationParameters parameters) in /_/src/Microsoft.SqlTools.Authentication/Sql/AuthenticationProvider.cs:line 90
   at Microsoft.Data.SqlClient.SqlInternalConnectionTds.<>c__DisplayClass147_1.<<GetFedAuthToken>b__1>d.MoveNext()
--- End of stack trace from previous location ---
   at Microsoft.Data.SqlClient.SqlInternalConnectionTds.GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)
   at Microsoft.Data.SqlClient.SqlInternalConnectionTds.GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)
   at Microsoft.Data.SqlClient.SqlInternalConnectionTds.OnFedAuthInfo(SqlFedAuthInfo fedAuthInfo)
   at Microsoft.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
   at Microsoft.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
   at Microsoft.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK)
   at Microsoft.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean ignoreSniOpenTimeout, TimeoutTimer timeout, Boolean withFailover)
   at Microsoft.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString connectionOptions, SqlCredential credential, TimeoutTimer timeout)
   at Microsoft.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(TimeoutTimer timeout, SqlConnectionString connectionOptions, SqlCredential credential, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance)
   at Microsoft.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions, SessionData reconnectSessionData, Boolean applyTransientFaultHandling, String accessToken, DbConnectionPool pool)
   at Microsoft.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions)
   at Microsoft.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnectionPool pool, DbConnection owningObject, DbConnectionOptions options, DbConnectionPoolKey poolKey, DbConnectionOptions userOptions)
   at Microsoft.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnection owningObject, DbConnectionOptions userOptions, DbConnectionInternal oldConnection)
   at Microsoft.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnection owningObject, DbConnectionOptions userOptions, DbConnectionInternal oldConnection)
   at Microsoft.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, UInt32 waitForMultipleObjectsTimeout, Boolean allowCreate, Boolean onlyOneCheckConnection, DbConnectionOptions userOptions, DbConnectionInternal& connection)
   at Microsoft.Data.ProviderBase.DbConnectionPool.WaitForPendingOpen()
--- End of stack trace from previous location ---
   at Microsoft.Data.SqlClient.SqlRetryLogicProvider.ExecuteAsync(Object sender, Func`1 function, CancellationToken cancellationToken)
   at Microsoft.Data.SqlClient.SqlRetryLogicProvider.ExecuteAsync(Object sender, Func`1 function, CancellationToken cancellationToken)
   at Microsoft.SqlTools.ServiceLayer.Connection.ReliableConnection.ReliableSqlConnection.<>c__DisplayClass30_0.<<OpenAsync>b__0>d.MoveNext() in /_/src/Microsoft.SqlTools.ManagedBatchParser/ReliableConnection/ReliableSqlConnection.cs:line 319
--- End of stack trace from previous location ---
   at Microsoft.SqlTools.ServiceLayer.Connection.ConnectionService.TryOpenConnection(ConnectionInfo connectionInfo, ConnectParams connectionParams) in /_/src/Microsoft.SqlTools.ServiceLayer/Connection/ConnectionService.cs:line 705
ClientConnectionId:fb772cc5-31bb-4426-8b56-da756a0b841b
11qqaazzqwerty commented 7 months ago

Is there any solution for this issue?

kburtram commented 2 months ago

I think this is basically a duplicate of https://github.com/microsoft/vscode-mssql/issues/17654 in terms of implementation, but I'll keep both open until we can investigate if there are different requirements for Sovereign and DoD clouds.