AOT-safe auth provider with feature switch and trimmer support by paulmedynski · Pull Request #4348 · dotnet/SqlClient

paulmedynski · 2026-06-09T13:56:29Z

Summary

Make SqlAuthenticationProviderManager public with a static GetProvider/SetProvider API and add trimmer/AOT support via a feature switch.

Changes

Public API: Expose SqlAuthenticationProviderManager.GetProvider() and SetProvider() as the public surface for authentication provider registration
Feature switch: Microsoft.Data.SqlClient.EnableReflectionBasedAuthenticationProviderDiscovery
- Uses [FeatureSwitchDefinition] on .NET 9+ for linker-integrated trimming
- Uses ILLink.Substitutions.xml for .NET 8 trimmer support
- When set to false, the reflection-based LoadAzureExtensionProvider() is trimmed away
ILLink substitutions: A single cross-platform ILLink.Substitutions.xml (embedded on all non-net462 TFMs) contains both the auth provider feature switch and UseManagedNetworkingOnWindows entries. The UseManagedNetworking property uses a runtime platform guard (!OperatingSystem.IsWindows() || UseManagedNetworkingOnWindows) so the trimmer substitution of UseManagedNetworkingOnWindows is safe on all platforms — Unix always returns true regardless of the substituted value.
Ref assembly: Updated without nullable annotations (per existing codebase convention)
AotCompatibility test app (tools/AotCompatibility/): Validates Native AOT publish succeeds and verifies trimmer removes reflection code when feature switch is disabled
Unit tests:
- New tests for the public provider manager API
- New ILLinkSubstitutionsTests verifying correct embedded resources per platform

Verification

dotnet build -t:Build succeeds (0 warnings, 0 errors)
Unit tests pass (782/783 — 1 pre-existing failure unrelated to this PR)
dotnet publish with Native AOT succeeds for net9.0/net10.0
ILC map file confirms LoadAzureExtensionProvider is trimmed when feature switch is false
Single ILLink.Substitutions.xml embedded in assembly on all platforms

Notes

The notsupported files need regeneration via GenAPI to pick up the ref assembly changes (not included in this PR to avoid noise)
Nullable annotations are intentionally omitted from the ref assembly, consistent with existing patterns (e.g., SspiAuthenticationParameters, column encryption providers)

Copilot

Pull request overview

This PR exposes an AOT-friendly public authentication provider registration surface (SqlAuthenticationProviderManager) and introduces a feature switch to enable trimming away reflection-based Azure extension provider discovery for NativeAOT/trimming scenarios.

Changes:

Made SqlAuthenticationProviderManager public with GetProvider/SetProvider APIs and added ApplicationClientId as part of the public surface.
Added Microsoft.Data.SqlClient.EnableReflectionBasedAuthenticationProviderDiscovery feature switch with trimmer support ([FeatureSwitchDefinition] on .NET 9+ and ILLink.Substitutions.xml for .NET 8).
Added an tools/AotCompatibility test app plus new/updated unit & functional tests covering the new public API and config behavior.

Reviewed changes

Copilot reviewed 19 out of 19 changed files in this pull request and generated 8 comments.

Show a summary per file

File	Description
tools/AotCompatibility/README.md	Documents the AOT compatibility test app and feature switch usage.
tools/AotCompatibility/Program.cs	Implements runtime checks and trimming verification via the ILC map file.
tools/AotCompatibility/Directory.Packages.props	Enables CPM for the tool (project-mode, no package versions).
tools/AotCompatibility/Directory.Build.props	Prevents inheriting repo-wide build props for the tool.
tools/AotCompatibility/AotCompatibility.csproj	Adds the NativeAOT/trimming test app and propagates the feature switch via `RuntimeHostConfigurationOption`.
src/Microsoft.Data.SqlClient/tests/UnitTests/Microsoft/Data/SqlClient/SqlAuthenticationProviderManagerTests.cs	Adds unit tests for the new public manager API and interop with Abstractions.
src/Microsoft.Data.SqlClient/tests/UnitTests/Microsoft/Data/SqlClient/LocalAppContextSwitchesTest.cs	Extends default-switch tests to cover the new auth discovery switch.
src/Microsoft.Data.SqlClient/tests/FunctionalTests/SqlAuthenticationProviderManagerTests.cs	Adjusts tests (pragma) and adds validation for reading `ApplicationClientId` from config.
src/Microsoft.Data.SqlClient/tests/FunctionalTests/app.config	Adds `applicationClientId` attribute to the auth provider config section.
src/Microsoft.Data.SqlClient/tests/FunctionalTests/AADAuthenticationTests.cs	Adds pragma suppression around newly-obsoleted Abstractions API usage.
src/Microsoft.Data.SqlClient/tests/Common/LocalAppContextSwitchesHelper.cs	Adds helper plumbing to reset the new switch in tests.
src/Microsoft.Data.SqlClient/src/Resources/ILLink.Substitutions.xml	Adds substitutions for the new feature switch (and retains UseManagedNetworking stubs).
src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/SqlAuthenticationProviderManager.cs	Makes the type public and guards reflection-based discovery behind the new switch; adds AOT/trimming annotations.
src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/LocalAppContextSwitches.cs	Introduces the new switch property and `[FeatureSwitchDefinition]` for .NET 9+.
src/Microsoft.Data.SqlClient/src/Microsoft.Data.SqlClient.csproj	Embeds `ILLink.Substitutions.xml` for all non-net462 TFMs.
src/Microsoft.Data.SqlClient/ref/Microsoft.Data.SqlClient.cs	Adds the new public API to the reference assembly (without nullable annotations).
src/Microsoft.Data.SqlClient.Extensions/Abstractions/src/SqlAuthenticationProvider.Internal.cs	Updates reflection binding flags to target public manager methods.
src/Microsoft.Data.SqlClient.Extensions/Abstractions/src/SqlAuthenticationProvider.cs	Marks legacy Abstractions APIs obsolete in favor of the new manager APIs.
doc/snippets/Microsoft.Data.SqlClient/SqlAuthenticationProviderManager.xml	Adds public XML doc content for the new manager API.

Comments suppressed due to low confidence (1)

src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/SqlAuthenticationProviderManager.cs:346

SetProvider is now a public API but does not validate the provider argument; passing null currently results in a NullReferenceException. Public APIs should throw ArgumentNullException for null arguments.

        /// <include file='../../../../../../doc/snippets/Microsoft.Data.SqlClient/SqlAuthenticationProviderManager.xml' path='docs/members[@name="SqlAuthenticationProviderManager"]/SetProvider/*'/>
        public static bool SetProvider(SqlAuthenticationMethod authenticationMethod, SqlAuthenticationProvider provider)
        {
            if (!provider.IsSupported(authenticationMethod))
            {
                throw SQL.UnsupportedAuthenticationByProvider(authenticationMethod.ToString(), provider.GetType().Name);

- Fix SetProvider exception docs: SqlException → NotSupportedException - Clarify AOT remarks: static ctor uses reflection by default; describe how to disable it for full AOT compatibility - Return non-zero exit code on SqlConnection construction failure - Replace Directory.GetFiles with EnumerateFiles(IgnoreInaccessible) - Clarify README: 'the test app default' vs library default - Add XML summary docs to all new unit test methods - Remove [Obsolete] from SqlAuthenticationProvider.GetProvider/SetProvider; add remarks pointing to SqlAuthenticationProviderManager equivalents noting future deprecation and removal - Remove corresponding #pragma CS0618 suppressions from tests - Document applicationClientId in test app.config

paulmedynski

I decided against the obsoletion.

Copilot

Pull request overview

Copilot reviewed 22 out of 22 changed files in this pull request and generated 6 comments.

… doc fixes - Wrap `using System.Diagnostics.CodeAnalysis` in #if NET (unused on net462) - Gate ILLink substitution tests by TFM; add NETFRAMEWORK negative assertions - Fix remarks: "on all TFMs" -> "on .NET 8+" (net462 has no trimmer) - Add -f/-r flags to AotCompatibility README publish examples

paulmedynski · 2026-06-09T17:35:22Z

Addressed all actionable review feedback in 11d75ab:

Unused using on net462 (comment): Wrapped using System.Diagnostics.CodeAnalysis; in #if NET since the attributes are only referenced inside that conditional.
Missing using for SqlConnection (comment): No change needed — SqlConnection resolves via parent namespace (Microsoft.Data.SqlClient.UnitTests → Microsoft.Data.SqlClient). Build confirms clean with no CS0246.
Cross-platform substitution assertion on net462 (comment): Added #if NETFRAMEWORK branch with negative assertion (DoesNotContain) confirming the resource is correctly excluded, matching the csproj condition.
Windows substitution assertion on net462 (comment): Same approach — net462 now asserts DoesNotContain("ILLink.Substitutions.Windows.xml").
"on all TFMs" wording (comment): Reworded to "on .NET 8+" to accurately reflect that net462 has no trimmer support.
Publish commands missing -f/-r (comment): Added explicit -f net9.0 -r linux-x64 (and -r win-x64 for Windows) so the commands match the documented output paths.

codecov · 2026-06-09T19:18:28Z

Codecov Report

❌ Patch coverage is 77.77778% with 4 lines in your changes missing coverage. Please review.
✅ Project coverage is 63.42%. Comparing base (47f4e52) to head (f02279b).

Files with missing lines	Patch %	Lines
...icrosoft/Data/SqlClient/LocalAppContextSwitches.cs	63.63%	4 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #4348      +/-   ##
==========================================
- Coverage   65.39%   63.42%   -1.98%     
==========================================
  Files         285      280       -5     
  Lines       43331    66217   +22886     
==========================================
+ Hits        28337    41999   +13662     
- Misses      14994    24218    +9224

Flag	Coverage Δ
CI-SqlClient	`?`
PR-SqlClient-Project	`63.42% <77.77%> (?)`

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Copilot

Pull request overview

Copilot reviewed 21 out of 21 changed files in this pull request and generated 6 comments.

- Rename s_useManagedNetworking → s_useManagedNetworkingOnWindows in LocalAppContextSwitchesHelper to match field rename in LocalAppContextSwitches (3 sites: ctor, Dispose, property) - Use parameterless ActiveDirectoryAuthenticationProvider ctor when ApplicationClientId is null to preserve built-in default client ID - Add -f net9.0 -r linux-x64 to AOT README publish-with-reflection example

Copilot

Pull request overview

Copilot reviewed 21 out of 21 changed files in this pull request and generated 4 comments.

- Stream ILC map file line-by-line instead of File.ReadAllText to avoid memory pressure from large map files (tools/AotCompatibility) - Add warning when AppContext feature switch is absent (expected in JIT mode) - Fix stale app.config comment referencing removed public ApplicationClientId - Move app.config auth provider tests from FunctionalTests to UnitTests - Add separate token-acquisition test for config-registered provider - Remove duplicate IsDummySqlAuthenticationProviderSetByDefault test, its DummySqlAuthenticationProvider, and app.config from FunctionalTests - Add internal ApplicationClientId property for test verification

paulmedynski · 2026-06-18T17:23:07Z

We have another design approach that we would like to explore, so pausing this PR for the time being.

…stractions Bare-minimum changes to produce and test signed assemblies in the CI Package pipeline, plus the Abstractions strong-name verification of the SqlClient assembly. - Add the download-assembly-signing-key pipeline step and thread SigningKeyPath / TestSigningKeyPath through the CI Package build, pack, and test jobs so the SqlClient package and its tests are produced and run signed. - Thread isInternalBuild through the SqlClient and Abstractions package stages. - In SqlAuthenticationProvider (Abstractions), verify the loaded Microsoft.Data.SqlClient assembly's public key token when STRONG_NAME_SIGNING is defined, with defense-in-depth post-load verification on .NET Core. - Add conditional signed InternalsVisibleTo and test-assembly signing for the Abstractions project and its tests.

- Make SqlAuthenticationProviderManager public with static GetProvider/SetProvider API - Add FeatureSwitchDefinition for reflection-based provider discovery (Microsoft.Data.SqlClient.EnableReflectionBasedAuthenticationProviderDiscovery) - Add ILLink.Substitutions.xml for net8.0 trimmer support - Add AotCompatibility test app (tools/AotCompatibility) validating Native AOT publish and trimmer behavior - Update ref assembly (no nullable annotations, per codebase convention) - Add unit tests for provider manager public API

- Fix SetProvider exception docs: SqlException → NotSupportedException - Clarify AOT remarks: static ctor uses reflection by default; describe how to disable it for full AOT compatibility - Return non-zero exit code on SqlConnection construction failure - Replace Directory.GetFiles with EnumerateFiles(IgnoreInaccessible) - Clarify README: 'the test app default' vs library default - Add XML summary docs to all new unit test methods - Remove [Obsolete] from SqlAuthenticationProvider.GetProvider/SetProvider; add remarks pointing to SqlAuthenticationProviderManager equivalents noting future deprecation and removal - Remove corresponding #pragma CS0618 suppressions from tests - Document applicationClientId in test app.config

Separate UseManagedNetworkingOnWindows entries into a Windows-only ILLink.Substitutions.Windows.xml file to prevent a breaking change for cross-platform consumers who set the switch to false expecting it to be a no-op on Unix. Add unit tests verifying the correct substitution files are embedded per platform.

… doc fixes - Wrap `using System.Diagnostics.CodeAnalysis` in #if NET (unused on net462) - Gate ILLink substitution tests by TFM; add NETFRAMEWORK negative assertions - Fix remarks: "on all TFMs" -> "on .NET 8+" (net462 has no trimmer) - Add -f/-r flags to AotCompatibility README publish examples

- Remove 'using Microsoft.Data.SqlClient.Tests.Common;' from SqlAuthenticationProviderManagerTests.cs - Remove 'using System.Reflection;' from ILLinkSubstitutionsTests.cs Both would cause CS8019 with warnings-as-errors.

Restructure UseManagedNetworking so it no longer needs a per-OS ILLink substitution file: public static bool UseManagedNetworking => The platform guard guarantees managed SNI on non-Windows regardless of the trimmer-substituted value of UseManagedNetworkingOnWindows, making it safe to embed the substitution entries in the cross-platform ILLink.Substitutions.xml on all platforms. Changes: - LocalAppContextSwitches: split UseManagedNetworking into a public expression-bodied property with platform guard + private UseManagedNetworkingOnWindows property (trimmer target) - Widen UseManagedNetworkingOnWindowsString and cache field from '#if NET && _WINDOWS' to '#if NET' - Merge ILLink.Substitutions.Windows.xml entries into the cross-platform ILLink.Substitutions.xml (targeting get_UseManagedNetworkingOnWindows instead of get_UseManagedNetworking) - Delete ILLink.Substitutions.Windows.xml - Remove conditional Windows-only embedding from csproj - Update ILLinkSubstitutionsTests to match: single cross-platform resource on all .NET TFMs, no Windows-specific resource

- Rename s_useManagedNetworking → s_useManagedNetworkingOnWindows in LocalAppContextSwitchesHelper to match field rename in LocalAppContextSwitches (3 sites: ctor, Dispose, property) - Use parameterless ActiveDirectoryAuthenticationProvider ctor when ApplicationClientId is null to preserve built-in default client ID - Add -f net9.0 -r linux-x64 to AOT README publish-with-reflection example

- Remove the public static ApplicationClientId property from the Manager - Remove it from the ref assembly and XML docs - Skip app.config loading when reflection-based discovery is disabled - Split into two constructors: no-arg (AOT-safe) and object-arg (config-driven) - Update AotCompatibility test app to supply a random GUID as client ID - Remove related unit and functional tests

- Stream ILC map file line-by-line instead of File.ReadAllText to avoid memory pressure from large map files (tools/AotCompatibility) - Add warning when AppContext feature switch is absent (expected in JIT mode) - Fix stale app.config comment referencing removed public ApplicationClientId - Move app.config auth provider tests from FunctionalTests to UnitTests - Add separate token-acquisition test for config-registered provider - Remove duplicate IsDummySqlAuthenticationProviderSetByDefault test, its DummySqlAuthenticationProvider, and app.config from FunctionalTests - Add internal ApplicationClientId property for test verification

Copilot

Pull request overview

Copilot reviewed 45 out of 45 changed files in this pull request and generated 2 comments.

+        /// <include file='../../../../../../doc/snippets/Microsoft.Data.SqlClient/SqlAuthenticationProviderManager.xml' path='docs/members[@name="SqlAuthenticationProviderManager"]/ApplicationClientId/*'/>
+        public static string? ApplicationClientId => Instance._applicationClientId;
+        /// <summary>
+        /// Gets the application client ID read from the app.config configuration section,
+        /// or <see langword="null"/> if none was configured.
+        /// </summary>
+        internal static string? ApplicationClientId => Instance._applicationClientId;
+


+using Xunit;
+


… bridge Relocates the authentication provider registry into the shared Abstractions assembly and removes the Abstractions->core reflection bridge. A lazy, core-side AuthenticationBootstrapper performs config-driven and Azure extension provider discovery, seeding the Abstractions registry on first federated authentication. - Add internal AuthenticationProviderRegistry + resource infra (AbstractionsStrings) to Abstractions; wire SqlAuthenticationProvider Get/SetProvider to it directly. - Delete SqlAuthenticationProvider.Internal reflection bridge. - Replace public SqlAuthenticationProviderManager with internal AuthenticationBootstrapper in core; remove it from the public ref surface and notsupported stubs. - Trigger bootstrap from SqlConnectionInternal.GetFedAuthToken. - Redistribute manager tests into Abstractions.Test (registry) and UnitTests (bootstrapper); Azure DefaultAuthProviderTests triggers bootstrap via reflection (TODO: switch to IVT once PR #4385 signs Azure.Test). - Update AotCompatibility tool/docs and doc-comment references.

Copilot AI review requested due to automatic review settings June 9, 2026 13:56

github-project-automation Bot added this to SqlClient Board Jun 9, 2026

github-project-automation Bot moved this to To triage in SqlClient Board Jun 9, 2026

Copilot started reviewing on behalf of paulmedynski June 9, 2026 13:56 View session

paulmedynski moved this from To triage to In progress in SqlClient Board Jun 9, 2026

paulmedynski added Public API 🆕 Issues/PRs that introduce new APIs to the driver. Area\Azure Connectivity Use this to tag issues that are related to Azure connectivity. Hotfix 7.0.2 PRs targeting main that should be backported to release/7.0 for the 7.0.2 release. labels Jun 9, 2026

paulmedynski added this to the 7.1.0-preview2 milestone Jun 9, 2026

paulmedynski linked an issue Jun 9, 2026 that may be closed by this pull request

Entra ID authentication broken under NativeAOT in v7.0 — Extensions.Azure reflection-based discovery is AOT-incompatible #4193

Open

Copilot AI reviewed Jun 9, 2026

View reviewed changes

paulmedynski commented Jun 9, 2026

View reviewed changes

Comment thread src/Microsoft.Data.SqlClient.Extensions/Abstractions/src/SqlAuthenticationProvider.cs Outdated

paulmedynski changed the title ~~feat: AOT-safe auth provider with feature switch and trimmer support~~ AOT-safe auth provider with feature switch and trimmer support Jun 9, 2026

paulmedynski commented Jun 9, 2026

View reviewed changes

Copilot AI review requested due to automatic review settings June 9, 2026 17:05

Copilot started reviewing on behalf of paulmedynski June 9, 2026 17:05 View session

paulmedynski mentioned this pull request Jun 9, 2026

Backport AOT-safe auth provider to release/7.0 branch #4349

Open

5 tasks

Copilot AI reviewed Jun 9, 2026

View reviewed changes

paulmedynski commented Jun 10, 2026

View reviewed changes

Comment thread src/Microsoft.Data.SqlClient/src/Microsoft.Data.SqlClient.csproj

paulmedynski marked this pull request as ready for review June 10, 2026 11:34

paulmedynski requested a review from a team as a code owner June 10, 2026 11:34

Copilot AI review requested due to automatic review settings June 10, 2026 11:34

paulmedynski enabled auto-merge (squash) June 10, 2026 11:34

Copilot started reviewing on behalf of paulmedynski June 10, 2026 11:34 View session

github-actions Bot assigned cheenamalhotra and priyankatiwari08 Jun 10, 2026

Copilot AI review requested due to automatic review settings June 16, 2026 10:41

Copilot started reviewing on behalf of paulmedynski June 16, 2026 10:41 View session

Copilot AI reviewed Jun 16, 2026

View reviewed changes

Copilot AI review requested due to automatic review settings June 17, 2026 21:24

Copilot started reviewing on behalf of paulmedynski June 17, 2026 21:24 View session

Copilot AI reviewed Jun 17, 2026

View reviewed changes

Comment thread tools/AotCompatibility/Program.cs Outdated

Comment thread src/Microsoft.Data.SqlClient/tests/FunctionalTests/app.config Outdated

Comment thread src/Microsoft.Data.SqlClient/ref/Microsoft.Data.SqlClient.cs Outdated

Comment thread tools/AotCompatibility/Program.cs Outdated

paulmedynski removed this from the 7.1.0-preview2 milestone Jun 18, 2026

paulmedynski marked this pull request as draft June 18, 2026 17:22

auto-merge was automatically disabled June 18, 2026 17:22
Pull request was converted to draft

paulmedynski unassigned cheenamalhotra and priyankatiwari08 Jun 18, 2026

paulmedynski removed the Hotfix 7.0.2 PRs targeting main that should be backported to release/7.0 for the 7.0.2 release. label Jun 18, 2026

paulmedynski added 10 commits June 19, 2026 12:51

Remove unused using directives flagged by PR review

d2bd1d6

- Remove 'using Microsoft.Data.SqlClient.Tests.Common;' from SqlAuthenticationProviderManagerTests.cs - Remove 'using System.Reflection;' from ILLinkSubstitutionsTests.cs Both would cause CS8019 with warnings-as-errors.

Copilot AI review requested due to automatic review settings June 19, 2026 17:52

paulmedynski force-pushed the dev/paul/aot branch from f1da5b1 to 99a0cb9 Compare June 19, 2026 17:52

Copilot started reviewing on behalf of paulmedynski June 19, 2026 17:52 View session

Copilot AI reviewed Jun 19, 2026

View reviewed changes

Conversation

paulmedynski commented Jun 9, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Summary

Changes

Verification

Notes

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Reviewed changes

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

paulmedynski left a comment

Choose a reason for hiding this comment

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

paulmedynski commented Jun 9, 2026

Uh oh!

codecov Bot commented Jun 9, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

paulmedynski commented Jun 18, 2026

Uh oh!

Copilot AI left a comment

Choose a reason for hiding this comment

Pull request overview

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

paulmedynski commented Jun 9, 2026 •

edited

Loading

codecov Bot commented Jun 9, 2026 •

edited

Loading