Backport PR 1213: Fix Async thread blocking on SqlConnection open for AAD modes

cheenamalhotra · cheenamalhotra · commit 7f7b547bd0b1 · 2021-09-21T13:53:33.000-07:00
diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlInternalConnectionTds.cs b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlInternalConnectionTds.cs
@@ -2352,7 +2352,9 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)
                             }
                             else
                             {
-                                _fedAuthToken = authProvider.AcquireTokenAsync(authParamsBuilder).Result.ToSqlFedAuthToken();
+                                // We use Task.Run here in all places to execute task synchronously in the same context.
+                                // Fixes block-over-async deadlock possibilities https://github.com/dotnet/SqlClient/issues/1209
+                                _fedAuthToken = Task.Run(async () => await authProvider.AcquireTokenAsync(authParamsBuilder)).GetAwaiter().GetResult().ToSqlFedAuthToken();
                                 _activeDirectoryAuthTimeoutRetryHelper.CachedToken = _fedAuthToken;
                             }
                             break;
@@ -2368,7 +2370,7 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)
                             else
                             {
                                 authParamsBuilder.WithUserId(ConnectionOptions.UserID);
-                                _fedAuthToken = authProvider.AcquireTokenAsync(authParamsBuilder).Result.ToSqlFedAuthToken();
+                                _fedAuthToken = Task.Run(async () => await authProvider.AcquireTokenAsync(authParamsBuilder)).GetAwaiter().GetResult().ToSqlFedAuthToken();
                                 _activeDirectoryAuthTimeoutRetryHelper.CachedToken = _fedAuthToken;
                             }
                             break;
@@ -2384,13 +2386,13 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)
                                 {
                                     username = _credential.UserId;
                                     authParamsBuilder.WithUserId(username).WithPassword(_credential.Password);
-                                    _fedAuthToken = authProvider.AcquireTokenAsync(authParamsBuilder).Result.ToSqlFedAuthToken();
+                                    _fedAuthToken = Task.Run(async () => await authProvider.AcquireTokenAsync(authParamsBuilder)).GetAwaiter().GetResult().ToSqlFedAuthToken();
                                 }
                                 else
                                 {
                                     username = ConnectionOptions.UserID;
                                     authParamsBuilder.WithUserId(username).WithPassword(ConnectionOptions.Password);
-                                    _fedAuthToken = authProvider.AcquireTokenAsync(authParamsBuilder).Result.ToSqlFedAuthToken();
+                                    _fedAuthToken = Task.Run(async () => await authProvider.AcquireTokenAsync(authParamsBuilder)).GetAwaiter().GetResult().ToSqlFedAuthToken();
                                 }
                                 _activeDirectoryAuthTimeoutRetryHelper.CachedToken = _fedAuthToken;
                             }
@@ -2444,8 +2446,9 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)
                         || _timeout.MillisecondsRemaining <= sleepInterval)
                     {
                         SqlClientEventSource.Log.TryTraceEvent("<sc.SqlInternalConnectionTds.GetFedAuthToken.MSALException error:> {0}", msalException.ErrorCode);
+
                         // Error[0]
-                        SqlErrorCollection sqlErs = new SqlErrorCollection();
+                        SqlErrorCollection sqlErs = new();
                         sqlErs.Add(new SqlError(0, (byte)0x00, (byte)TdsEnums.MIN_ERROR_CLASS, ConnectionOptions.DataSource, StringsHelper.GetString(Strings.SQL_MSALFailure, username, ConnectionOptions.Authentication.ToString("G")), ActiveDirectoryAuthentication.MSALGetAccessTokenFunctionName, 0));
 
                         // Error[1]
@@ -2632,7 +2635,7 @@ internal void OnFeatureExtAck(int featureId, byte[] data)
                         Debug.Assert(_tceVersionSupported <= TdsEnums.MAX_SUPPORTED_TCE_VERSION, "Client support TCE version 2");
                         _parser.IsColumnEncryptionSupported = true;
                         _parser.TceVersionSupported = _tceVersionSupported;
-                        _parser.AreEnclaveRetriesSupported = _tceVersionSupported == 3; 
+                        _parser.AreEnclaveRetriesSupported = _tceVersionSupported == 3;
 
                         if (data.Length > 1)
                         {
diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Resources/Strings.Designer.cs b/src/Microsoft.Data.SqlClient/netcore/src/Resources/Strings.Designer.cs
diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Resources/Strings.resx b/src/Microsoft.Data.SqlClient/netcore/src/Resources/Strings.resx
@@ -1348,7 +1348,7 @@
     <value>Failed to authenticate the user {0} in Active Directory (Authentication={1}).</value>
   </data>
   <data name="SQL_MSALInnerException" xml:space="preserve">
-    <value>Error code 0x{0}; state {1}</value>
+    <value>Error code 0x{0}</value>
   </data>
   <data name="SQL_ParsingErrorWithState" xml:space="preserve">
     <value>Internal connection fatal error. Error state: {0}.</value>
diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/Common/DbConnectionStringCommon.cs b/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/Common/DbConnectionStringCommon.cs
@@ -705,7 +705,7 @@ internal static string ColumnEncryptionSettingToString(SqlConnectionColumnEncryp
 
         internal static bool IsValidAuthenticationTypeValue(SqlAuthenticationMethod value)
         {
-            Debug.Assert(Enum.GetNames(typeof(SqlAuthenticationMethod)).Length == 9, "SqlAuthenticationMethod enum has changed, update needed");
+            Debug.Assert(Enum.GetNames(typeof(SqlAuthenticationMethod)).Length == 10, "SqlAuthenticationMethod enum has changed, update needed");
             return value == SqlAuthenticationMethod.SqlPassword
                 || value == SqlAuthenticationMethod.ActiveDirectoryPassword
                 || value == SqlAuthenticationMethod.ActiveDirectoryIntegrated
diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/SqlInternalConnectionTds.cs b/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/SqlInternalConnectionTds.cs
@@ -2790,7 +2790,9 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)
                             }
                             else
                             {
-                                fedAuthToken = authProvider.AcquireTokenAsync(authParamsBuilder).Result.ToSqlFedAuthToken();
+                                // We use Task.Run here in all places to execute task synchronously in the same context.
+                                // Fixes block-over-async deadlock possibilities https://github.com/dotnet/SqlClient/issues/1209
+                                fedAuthToken = Task.Run(async () => await authProvider.AcquireTokenAsync(authParamsBuilder)).GetAwaiter().GetResult().ToSqlFedAuthToken();
                                 _activeDirectoryAuthTimeoutRetryHelper.CachedToken = fedAuthToken;
                             }
                             break;
@@ -2806,7 +2808,7 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)
                             else
                             {
                                 authParamsBuilder.WithUserId(ConnectionOptions.UserID);
-                                fedAuthToken = authProvider.AcquireTokenAsync(authParamsBuilder).Result.ToSqlFedAuthToken();
+                                fedAuthToken = Task.Run(async () => await authProvider.AcquireTokenAsync(authParamsBuilder)).GetAwaiter().GetResult().ToSqlFedAuthToken();
                                 _activeDirectoryAuthTimeoutRetryHelper.CachedToken = fedAuthToken;
                             }
                             break;
@@ -2822,13 +2824,13 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)
                                 {
                                     username = _credential.UserId;
                                     authParamsBuilder.WithUserId(username).WithPassword(_credential.Password);
-                                    fedAuthToken = authProvider.AcquireTokenAsync(authParamsBuilder).Result.ToSqlFedAuthToken();
+                                    fedAuthToken = Task.Run(async () => await authProvider.AcquireTokenAsync(authParamsBuilder)).GetAwaiter().GetResult().ToSqlFedAuthToken();
                                 }
                                 else
                                 {
                                     username = ConnectionOptions.UserID;
                                     authParamsBuilder.WithUserId(username).WithPassword(ConnectionOptions.Password);
-                                    fedAuthToken = authProvider.AcquireTokenAsync(authParamsBuilder).Result.ToSqlFedAuthToken();
+                                    fedAuthToken = Task.Run(async () => await authProvider.AcquireTokenAsync(authParamsBuilder)).GetAwaiter().GetResult().ToSqlFedAuthToken();
                                 }
                                 _activeDirectoryAuthTimeoutRetryHelper.CachedToken = fedAuthToken;
                             }
diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.Designer.cs b/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.Designer.cs
diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.de.resx b/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.de.resx
@@ -2563,7 +2563,7 @@
     <value>Fehler beim Authentifizieren des Benutzers "{0}" in Active Directory (Authentication={1}).</value>
   </data>
   <data name="SQL_MSALInnerException" xml:space="preserve">
-    <value>Fehlercode 0x{0}; Status {1}</value>
+    <value>Fehlercode 0x{0}</value>
   </data>
   <data name="SQL_ChangePasswordRequiresYukon" xml:space="preserve">
     <value>ChangePassword erfordert SQL Server 9.0 oder höher.</value>
diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.es.resx b/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.es.resx
@@ -2563,7 +2563,7 @@
     <value>Error al autenticar el usuario {0} en Active Directory (Authentication={1}).</value>
   </data>
   <data name="SQL_MSALInnerException" xml:space="preserve">
-    <value>Código de error 0x{0}; estado{1}</value>
+    <value>Código de error 0x{0}</value>
   </data>
   <data name="SQL_ChangePasswordRequiresYukon" xml:space="preserve">
     <value>ChangePassword requiere SQL Server 9.0 o posterior.</value>
diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.fr.resx b/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.fr.resx
@@ -2563,7 +2563,7 @@
     <value>Échec de l'authentification de l'utilisateur {0} dans Active Directory (Authentication={1}).</value>
   </data>
   <data name="SQL_MSALInnerException" xml:space="preserve">
-    <value>Code d'erreur 0x{0} ; état {1}</value>
+    <value>Code d'erreur 0x{0}</value>
   </data>
   <data name="SQL_ChangePasswordRequiresYukon" xml:space="preserve">
     <value>ChangePassword requiert SQL Server 9.0 ou version ultérieure.</value>
diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.it.resx b/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.it.resx
@@ -2563,7 +2563,7 @@
     <value>Non è possibile autenticare l'utente {0} in Active Directory (Authentication={1}).</value>
   </data>
   <data name="SQL_MSALInnerException" xml:space="preserve">
-    <value>Codice errore: 0x{0}. Stato: {1}</value>
+    <value>Codice errore: 0x{0}</value>
   </data>
   <data name="SQL_ChangePasswordRequiresYukon" xml:space="preserve">
     <value>ChangePassword richiede SQL Server 9.0 o versione successiva.</value>
diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.ja.resx b/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.ja.resx
@@ -2563,7 +2563,7 @@
     <value>ユーザー {0} を Active Directory (Authentication={1}) で認証できませんでした。</value>
   </data>
   <data name="SQL_MSALInnerException" xml:space="preserve">
-    <value>エラー コード 0x{0}、状態 {1}</value>
+    <value>エラー コード 0x{0}</value>
   </data>
   <data name="SQL_ChangePasswordRequiresYukon" xml:space="preserve">
     <value>ChangePassword を使用するには SQL Server 9.0 以降が必要です。</value>
diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.ko.resx b/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.ko.resx
@@ -2563,7 +2563,7 @@
     <value>Active Directory의 {0} 사용자를 인증하지 못했습니다(Authentication={1}).</value>
   </data>
   <data name="SQL_MSALInnerException" xml:space="preserve">
-    <value>오류 코드 0x{0}, 상태 {1}</value>
+    <value>오류 코드 0x{0}</value>
   </data>
   <data name="SQL_ChangePasswordRequiresYukon" xml:space="preserve">
     <value>ChangePassword를 사용하려면 SQL Server 9.0 이상이 필요합니다.</value>
diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.pt-BR.resx b/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.pt-BR.resx
@@ -2563,7 +2563,7 @@
     <value>Falha ao autenticar o usuário {0} no Active Directory (Authentication={1}).</value>
   </data>
   <data name="SQL_MSALInnerException" xml:space="preserve">
-    <value>Código do erro 0x{0}; estado {1}</value>
+    <value>Código do erro 0x{0}</value>
   </data>
   <data name="SQL_ChangePasswordRequiresYukon" xml:space="preserve">
     <value>ChangePassword requer SQL Server 9.0 ou posterior.</value>
diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.resx b/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.resx
@@ -2563,7 +2563,7 @@
     <value>Failed to authenticate the user {0} in Active Directory (Authentication={1}).</value>
   </data>
   <data name="SQL_MSALInnerException" xml:space="preserve">
-    <value>Error code 0x{0}; state {1}</value>
+    <value>Error code 0x{0}</value>
   </data>
   <data name="SQL_ChangePasswordRequiresYukon" xml:space="preserve">
     <value>ChangePassword requires SQL Server 9.0 or later.</value>
diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.ru.resx b/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.ru.resx
@@ -2563,7 +2563,7 @@
     <value>Не удалось проверить подлинность пользователя {0} в Active Directory (Authentication={1}).</value>
   </data>
   <data name="SQL_MSALInnerException" xml:space="preserve">
-    <value>Код ошибки 0x{0}; состояние {1}</value>
+    <value>Код ошибки 0x{0}</value>
   </data>
   <data name="SQL_ChangePasswordRequiresYukon" xml:space="preserve">
     <value>Для ChangePassword требуется SQL Server 9.0 или более поздней версии.</value>
diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.zh-Hans.resx b/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.zh-Hans.resx
@@ -2563,7 +2563,7 @@
     <value>未能对 Active Directory 中的用户 {0} 进行身份验证(Authentication={1})。</value>
   </data>
   <data name="SQL_MSALInnerException" xml:space="preserve">
-    <value>错误代码 0x{0}；状态 {1}</value>
+    <value>错误代码 0x{0}</value>
   </data>
   <data name="SQL_ChangePasswordRequiresYukon" xml:space="preserve">
     <value>ChangePassword 要求 SQL Server 9.0 或更高版本。</value>
diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.zh-Hant.resx b/src/Microsoft.Data.SqlClient/netfx/src/Resources/Strings.zh-Hant.resx
@@ -2563,7 +2563,7 @@
     <value>無法在 Active Directory (Authentication={1}) 中驗證使用者 {0}。</value>
   </data>
   <data name="SQL_MSALInnerException" xml:space="preserve">
-    <value>錯誤碼 0x {0}; 狀態 {1}</value>
+    <value>錯誤碼 0x {0}</value>
   </data>
   <data name="SQL_ChangePasswordRequiresYukon" xml:space="preserve">
     <value>ChangePassword 需要 SQL Server 9.0 或更新的版本。</value>
diff --git a/src/Microsoft.Data.SqlClient/tests/ManualTests/DataCommon/DataTestUtility.cs b/src/Microsoft.Data.SqlClient/tests/ManualTests/DataCommon/DataTestUtility.cs
@@ -728,6 +728,29 @@ public static string GetValueString(object paramValue)
             return paramValue.ToString();
         }
 
+        public static string FetchKeyInConnStr(string connStr, string[] keys)
+        {
+            // tokenize connection string and find matching key
+            if (connStr != null && keys != null)
+            {
+                string[] connProps = connStr.Split(';');
+                foreach (string cp in connProps)
+                {
+                    if (!string.IsNullOrEmpty(cp.Trim()))
+                    {
+                        foreach (var key in keys)
+                        {
+                            if (cp.Trim().ToLower().StartsWith(key.Trim().ToLower()))
+                            {
+                                return cp.Substring(cp.IndexOf('=') + 1);
+                            }
+                        }
+                    }
+                }
+            }
+            return null;
+        }
+
         public static string RemoveKeysInConnStr(string connStr, string[] keysToRemove)
         {
             // tokenize connection string and remove input keys.
diff --git a/src/Microsoft.Data.SqlClient/tests/ManualTests/SQL/ConnectivityTests/AADConnectionTest.cs b/src/Microsoft.Data.SqlClient/tests/ManualTests/SQL/ConnectivityTests/AADConnectionTest.cs

Original file line number	Diff line number	Diff line change
`@@ -2352,7 +2352,9 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)`
`2352`	`2352`	`}`
`2353`	`2353`	`else`
`2354`	`2354`	`{`
`2355`		`- _fedAuthToken = authProvider.AcquireTokenAsync(authParamsBuilder).Result.ToSqlFedAuthToken();`
	`2355`	`+ // We use Task.Run here in all places to execute task synchronously in the same context.`
	`2356`	`+ // Fixes block-over-async deadlock possibilities https://github.com/dotnet/SqlClient/issues/1209`
	`2357`	`+ _fedAuthToken = Task.Run(async () => await authProvider.AcquireTokenAsync(authParamsBuilder)).GetAwaiter().GetResult().ToSqlFedAuthToken();`
`2356`	`2358`	`_activeDirectoryAuthTimeoutRetryHelper.CachedToken = _fedAuthToken;`
`2357`	`2359`	`}`
`2358`	`2360`	`break;`
`@@ -2368,7 +2370,7 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)`
`2368`	`2370`	`else`
`2369`	`2371`	`{`
`2370`	`2372`	`authParamsBuilder.WithUserId(ConnectionOptions.UserID);`
`2371`		`- _fedAuthToken = authProvider.AcquireTokenAsync(authParamsBuilder).Result.ToSqlFedAuthToken();`
	`2373`	`+ _fedAuthToken = Task.Run(async () => await authProvider.AcquireTokenAsync(authParamsBuilder)).GetAwaiter().GetResult().ToSqlFedAuthToken();`
`2372`	`2374`	`_activeDirectoryAuthTimeoutRetryHelper.CachedToken = _fedAuthToken;`
`2373`	`2375`	`}`
`2374`	`2376`	`break;`
`@@ -2384,13 +2386,13 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)`
`2384`	`2386`	`{`
`2385`	`2387`	`username = _credential.UserId;`
`2386`	`2388`	`authParamsBuilder.WithUserId(username).WithPassword(_credential.Password);`
`2387`		`- _fedAuthToken = authProvider.AcquireTokenAsync(authParamsBuilder).Result.ToSqlFedAuthToken();`
	`2389`	`+ _fedAuthToken = Task.Run(async () => await authProvider.AcquireTokenAsync(authParamsBuilder)).GetAwaiter().GetResult().ToSqlFedAuthToken();`
`2388`	`2390`	`}`
`2389`	`2391`	`else`
`2390`	`2392`	`{`
`2391`	`2393`	`username = ConnectionOptions.UserID;`
`2392`	`2394`	`authParamsBuilder.WithUserId(username).WithPassword(ConnectionOptions.Password);`
`2393`		`- _fedAuthToken = authProvider.AcquireTokenAsync(authParamsBuilder).Result.ToSqlFedAuthToken();`
	`2395`	`+ _fedAuthToken = Task.Run(async () => await authProvider.AcquireTokenAsync(authParamsBuilder)).GetAwaiter().GetResult().ToSqlFedAuthToken();`
`2394`	`2396`	`}`
`2395`	`2397`	`_activeDirectoryAuthTimeoutRetryHelper.CachedToken = _fedAuthToken;`
`2396`	`2398`	`}`
`@@ -2444,8 +2446,9 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)`
`2444`	`2446`	`\|\| _timeout.MillisecondsRemaining <= sleepInterval)`
`2445`	`2447`	`{`
`2446`	`2448`	`SqlClientEventSource.Log.TryTraceEvent("<sc.SqlInternalConnectionTds.GetFedAuthToken.MSALException error:> {0}", msalException.ErrorCode);`
	`2449`	`+`
`2447`	`2450`	`// Error[0]`
`2448`		`- SqlErrorCollection sqlErs = new SqlErrorCollection();`
	`2451`	`+ SqlErrorCollection sqlErs = new();`
`2449`	`2452`	`sqlErs.Add(new SqlError(0, (byte)0x00, (byte)TdsEnums.MIN_ERROR_CLASS, ConnectionOptions.DataSource, StringsHelper.GetString(Strings.SQL_MSALFailure, username, ConnectionOptions.Authentication.ToString("G")), ActiveDirectoryAuthentication.MSALGetAccessTokenFunctionName, 0));`
`2450`	`2453`
`2451`	`2454`	`// Error[1]`
`@@ -2632,7 +2635,7 @@ internal void OnFeatureExtAck(int featureId, byte[] data)`
`2632`	`2635`	`Debug.Assert(_tceVersionSupported <= TdsEnums.MAX_SUPPORTED_TCE_VERSION, "Client support TCE version 2");`
`2633`	`2636`	`_parser.IsColumnEncryptionSupported = true;`
`2634`	`2637`	`_parser.TceVersionSupported = _tceVersionSupported;`
`2635`		`- _parser.AreEnclaveRetriesSupported = _tceVersionSupported == 3;`
	`2638`	`+ _parser.AreEnclaveRetriesSupported = _tceVersionSupported == 3;`
`2636`	`2639`
`2637`	`2640`	`if (data.Length > 1)`
`2638`	`2641`	`{`
Original file line number	Diff line number	Diff line change
`@@ -705,7 +705,7 @@ internal static string ColumnEncryptionSettingToString(SqlConnectionColumnEncryp`
`705`	`705`
`706`	`706`	`internal static bool IsValidAuthenticationTypeValue(SqlAuthenticationMethod value)`
`707`	`707`	`{`
`708`		`- Debug.Assert(Enum.GetNames(typeof(SqlAuthenticationMethod)).Length == 9, "SqlAuthenticationMethod enum has changed, update needed");`
	`708`	`+ Debug.Assert(Enum.GetNames(typeof(SqlAuthenticationMethod)).Length == 10, "SqlAuthenticationMethod enum has changed, update needed");`
`709`	`709`	`return value == SqlAuthenticationMethod.SqlPassword`
`710`	`710`	`\|\| value == SqlAuthenticationMethod.ActiveDirectoryPassword`
`711`	`711`	`\|\| value == SqlAuthenticationMethod.ActiveDirectoryIntegrated`
Original file line number	Diff line number	Diff line change
`@@ -2790,7 +2790,9 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)`
`2790`	`2790`	`}`
`2791`	`2791`	`else`
`2792`	`2792`	`{`
`2793`		`- fedAuthToken = authProvider.AcquireTokenAsync(authParamsBuilder).Result.ToSqlFedAuthToken();`
	`2793`	`+ // We use Task.Run here in all places to execute task synchronously in the same context.`
	`2794`	`+ // Fixes block-over-async deadlock possibilities https://github.com/dotnet/SqlClient/issues/1209`
	`2795`	`+ fedAuthToken = Task.Run(async () => await authProvider.AcquireTokenAsync(authParamsBuilder)).GetAwaiter().GetResult().ToSqlFedAuthToken();`
`2794`	`2796`	`_activeDirectoryAuthTimeoutRetryHelper.CachedToken = fedAuthToken;`
`2795`	`2797`	`}`
`2796`	`2798`	`break;`
`@@ -2806,7 +2808,7 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)`
`2806`	`2808`	`else`
`2807`	`2809`	`{`
`2808`	`2810`	`authParamsBuilder.WithUserId(ConnectionOptions.UserID);`
`2809`		`- fedAuthToken = authProvider.AcquireTokenAsync(authParamsBuilder).Result.ToSqlFedAuthToken();`
	`2811`	`+ fedAuthToken = Task.Run(async () => await authProvider.AcquireTokenAsync(authParamsBuilder)).GetAwaiter().GetResult().ToSqlFedAuthToken();`
`2810`	`2812`	`_activeDirectoryAuthTimeoutRetryHelper.CachedToken = fedAuthToken;`
`2811`	`2813`	`}`
`2812`	`2814`	`break;`
`@@ -2822,13 +2824,13 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)`
`2822`	`2824`	`{`
`2823`	`2825`	`username = _credential.UserId;`
`2824`	`2826`	`authParamsBuilder.WithUserId(username).WithPassword(_credential.Password);`
`2825`		`- fedAuthToken = authProvider.AcquireTokenAsync(authParamsBuilder).Result.ToSqlFedAuthToken();`
	`2827`	`+ fedAuthToken = Task.Run(async () => await authProvider.AcquireTokenAsync(authParamsBuilder)).GetAwaiter().GetResult().ToSqlFedAuthToken();`
`2826`	`2828`	`}`
`2827`	`2829`	`else`
`2828`	`2830`	`{`
`2829`	`2831`	`username = ConnectionOptions.UserID;`
`2830`	`2832`	`authParamsBuilder.WithUserId(username).WithPassword(ConnectionOptions.Password);`
`2831`		`- fedAuthToken = authProvider.AcquireTokenAsync(authParamsBuilder).Result.ToSqlFedAuthToken();`
	`2833`	`+ fedAuthToken = Task.Run(async () => await authProvider.AcquireTokenAsync(authParamsBuilder)).GetAwaiter().GetResult().ToSqlFedAuthToken();`
`2832`	`2834`	`}`
`2833`	`2835`	`_activeDirectoryAuthTimeoutRetryHelper.CachedToken = fedAuthToken;`
`2834`	`2836`	`}`