Deprecate 'Active Directory Password' authentication mode. (#3219)

Author: cheenamalhotra

doc/snippets/Microsoft.Data.SqlClient/ActiveDirectoryAuthenticationProvider.xml

@@ -180,7 +180,7 @@
       <remarks>
         The supported authentication modes with <see cref="T:Microsoft.Data.SqlClient.ActiveDirectoryAuthenticationProvider" /> are:
         <list type="bullet">
-          <item>Active Directory Password</item>
+          <item>Active Directory Password (deprecated)</item>
           <item>Active Directory Integrated</item>
           <item>Active Directory Interactive</item>
           <item>Active Directory Service Principal</item>

doc/snippets/Microsoft.Data.SqlClient/SqlAuthenticationMethod.xml

@@ -12,7 +12,7 @@
       <value>1</value>
     </SqlPassword>
     <ActiveDirectoryPassword>
-      <summary>The authentication method uses Active Directory Password. Use Active Directory Password to connect to a SQL Database using a Microsoft Entra principal name and password.</summary>
+      <summary>The authentication method uses Active Directory Password. Use Active Directory Password to connect to a SQL Database using a Microsoft Entra principal name and password. This authentication method is now deprecated, and will be removed in a future release.</summary>
       <value>2</value>
     </ActiveDirectoryPassword>
     <ActiveDirectoryIntegrated>

doc/snippets/Microsoft.Data.SqlClient/SqlConnection.xml

@@ -1330,9 +1330,9 @@
                 Valid values are:
               </para>
               <list type="bullet">
+                <item><c>Active Directory Password (deprecated)</c></item>
                 <item><c>Active Directory Integrated</c></item>
                 <item><c>Active Directory Interactive</c></item>
-                <item><c>Active Directory Password</c></item>
                 <item><c>Active Directory Service Principal</c></item>
                 <item><c>Active Directory Device Code Flow</c></item>
                 <item><c>Active Directory Managed Identity</c></item>
@@ -1874,7 +1874,7 @@
                         <item>.database.windows.net</item>
                       </list>
                     </item>
-                    <item><c>Authentication</c> is 'Active Directory Password' or 'Active Directory Integrated'</item>
+                    <item><c>Authentication</c> is one of the 'Active Directory' authentication types.</item>
                   </list>
                 </item>
                 <item><c>true</c> in all other cases.</item>

doc/snippets/Microsoft.Data.SqlClient/SqlConnectionStringBuilder.xml

@@ -1641,7 +1641,7 @@
             </list>
           </item>
           <item>
-            <c>Authentication</c> is 'Active Directory Password' or 'Active Directory Integrated'
+            <c>Authentication</c> is one of the 'Active Directory' authentication types.
           </item>
           <item>Otherwise it defaults to <c>true</c>.</item>
         </list>

src/Microsoft.Data.SqlClient/netcore/ref/Microsoft.Data.SqlClient.cs

@@ -190,6 +190,7 @@ public enum SqlAuthenticationMethod
         /// <include file='../../../../doc/snippets/Microsoft.Data.SqlClient/SqlAuthenticationMethod.xml' path='docs/members[@name="SqlAuthenticationMethod"]/SqlPassword/*'/>
         SqlPassword = 1,
         /// <include file='../../../../doc/snippets/Microsoft.Data.SqlClient/SqlAuthenticationMethod.xml' path='docs/members[@name="SqlAuthenticationMethod"]/ActiveDirectoryPassword/*'/>
+        [System.Obsolete("ActiveDirectoryPassword is deprecated.")]
         ActiveDirectoryPassword = 2,
         /// <include file='../../../../doc/snippets/Microsoft.Data.SqlClient/SqlAuthenticationMethod.xml' path='docs/members[@name="SqlAuthenticationMethod"]/ActiveDirectoryIntegrated/*'/>
         ActiveDirectoryIntegrated = 3,

src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlConnection.cs

@@ -2001,7 +2001,9 @@ private bool TryOpen(TaskCompletionSource<DbConnectionInternal> retry, SqlConnec
 
             if (connectionOptions != null &&
                 (connectionOptions.Authentication == SqlAuthenticationMethod.SqlPassword ||
+                    #pragma warning disable 0618
                     connectionOptions.Authentication == SqlAuthenticationMethod.ActiveDirectoryPassword ||
+                    #pragma warning restore 0618
                     connectionOptions.Authentication == SqlAuthenticationMethod.ActiveDirectoryServicePrincipal) &&
                 (!connectionOptions._hasUserIdKeyword || !connectionOptions._hasPasswordKeyword) &&
                 _credential == null)

src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlInternalConnectionTds.cs

@@ -1329,7 +1329,9 @@ private void Login(ServerInfo server, TimeoutTimer timeout, string newPassword,
             // If the workflow being used is Active Directory Authentication and server's prelogin response
             // for FEDAUTHREQUIRED option indicates Federated Authentication is required, we have to insert FedAuth Feature Extension
             // in Login7, indicating the intent to use Active Directory Authentication for SQL Server.
+            #pragma warning disable 0618
             if (ConnectionOptions.Authentication == SqlAuthenticationMethod.ActiveDirectoryPassword
+            #pragma warning restore 0618
                 || ConnectionOptions.Authentication == SqlAuthenticationMethod.ActiveDirectoryInteractive
                 || ConnectionOptions.Authentication == SqlAuthenticationMethod.ActiveDirectoryDeviceCodeFlow
                 || ConnectionOptions.Authentication == SqlAuthenticationMethod.ActiveDirectoryServicePrincipal
@@ -2486,7 +2488,9 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)
                                 _activeDirectoryAuthTimeoutRetryHelper.CachedToken = _fedAuthToken;
                             }
                             break;
+                        #pragma warning disable 0618
                         case SqlAuthenticationMethod.ActiveDirectoryPassword:
+                        #pragma warning restore 0618
                         case SqlAuthenticationMethod.ActiveDirectoryServicePrincipal:
                             if (_activeDirectoryAuthTimeoutRetryHelper.State == ActiveDirectoryAuthenticationTimeoutRetryState.Retrying)
                             {

src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsParser.cs

@@ -8314,7 +8314,9 @@ internal int WriteFedAuthFeatureRequest(FederatedAuthenticationFeatureExtensionD
                         byte workflow = 0x00;
                         switch (fedAuthFeatureData.authentication)
                         {
+                            #pragma warning disable 0618
                             case SqlAuthenticationMethod.ActiveDirectoryPassword:
+                            #pragma warning restore 0618
                                 workflow = TdsEnums.MSALWORKFLOW_ACTIVEDIRECTORYPASSWORD;
                                 break;
                             case SqlAuthenticationMethod.ActiveDirectoryIntegrated:

src/Microsoft.Data.SqlClient/netfx/ref/Microsoft.Data.SqlClient.cs

@@ -129,6 +129,7 @@ public enum SqlAuthenticationMethod
         /// <include file='../../../../doc/snippets/Microsoft.Data.SqlClient/SqlAuthenticationMethod.xml' path='docs/members[@name="SqlAuthenticationMethod"]/SqlPassword/*'/>
         SqlPassword = 1,
         /// <include file='../../../../doc/snippets/Microsoft.Data.SqlClient/SqlAuthenticationMethod.xml' path='docs/members[@name="SqlAuthenticationMethod"]/ActiveDirectoryPassword/*'/>
+        [System.Obsolete("ActiveDirectoryPassword is deprecated.")]
         ActiveDirectoryPassword = 2,
         /// <include file='../../../../doc/snippets/Microsoft.Data.SqlClient/SqlAuthenticationMethod.xml' path='docs/members[@name="SqlAuthenticationMethod"]/ActiveDirectoryIntegrated/*'/>
         ActiveDirectoryIntegrated = 3,

src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/SqlConnection.cs

@@ -2058,7 +2058,9 @@ private bool TryOpen(TaskCompletionSource<DbConnectionInternal> retry, SqlConnec
 
             if (connectionOptions != null &&
                 (connectionOptions.Authentication == SqlAuthenticationMethod.SqlPassword ||
+                    #pragma warning disable 0618
                     connectionOptions.Authentication == SqlAuthenticationMethod.ActiveDirectoryPassword ||
+                    #pragma warning restore 0618
                     connectionOptions.Authentication == SqlAuthenticationMethod.ActiveDirectoryServicePrincipal) &&
                 (!connectionOptions._hasUserIdKeyword || !connectionOptions._hasPasswordKeyword) &&
                 _credential == null)