Expose SSPI context provider as public

[twsouthwick]

This change:

• Adds a property to SqlConnection to allow setting a provider
• Plumbs that property into the TdsParser so that it can be used if set

Fixes #2253

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 59.06%. Comparing base (63443f4) to head (ee6c4cf).

❗ There is a different number of reports uploaded between BASE (63443f4) and HEAD (ee6c4cf). Click for more details.

HEAD has 1 upload less than BASE

Flag	BASE (63443f4)	HEAD (ee6c4cf)
addons	1	0

Additional details and impacted files

@@             Coverage Diff             @@
##             main    #2494       +/-   ##
===========================================
- Coverage   69.90%   59.06%   -10.84%     
===========================================
  Files         276      270        -6     
  Lines       62414    62098      -316     
===========================================
- Hits        43629    36677     -6952     
- Misses      18785    25421     +6636     

Flag	Coverage Δ
addons	?
netcore	61.71% <ø> (-11.13%)	⬇️
netfx	62.71% <ø> (-6.91%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[benrr101]

Overall, really like the goal and implementation. Most of my comments are style related, since I'm sure my colleagues have tackled the bigger questions.

[paulmedynski]

Made an initial pass, and came up with some questions/comments.

[paulmedynski]

Factory vs instance in the netfx code, and a few questions about docs.

[nhart12]

Latest package still works for our use-case

[twsouthwick]

ping @mdaigle @paulmedynski @benrr101 @David-Engel

[mdaigle]

A few small things I'd like to see addressed. I will also leave this blocked until we complete a security review. We need to do one soon for our upcoming releases anyway.

[mdaigle]

It would be nice to find a way to test the positive case, so that we know we can successfully connect via a custom context provider.

[twsouthwick]

Yeah, I struggled to figure out how to test it even for this. The main problem with a positive case is that the implementation is wildly different between frameworks so testing it starts being difficult. My thought here was to ensure it gets plumbed through, and the existing tests ensure that once it's being called that it works correctly.

If you have ideas here, please let me know how to proceed.

[paulmedynski]

@twsouthwick - Need to resolve conflicts here, but I know @benrr101 is also working on merging the .NET and .NET Framework instances of this class, so please coordinate with him.

[paulmedynski]

/azp run

[azure-pipelines]

Azure Pipelines successfully started running 2 pipeline(s).

[twsouthwick]

@paulmedynski @mdaigle the two failures look to be test failures with sql server setup. otherwise it's ready again

[twsouthwick]

@mdaigle @paulmedynski any updates on timing here? Are we still waiting for a security review?

[mdaigle]

@twsouthwick yes, we still need to set up a security review. We had originally planned on doing that for the 6.1 release but opted to avoid security sensitive changes. I'm hoping I'll have a chance soon to update out threat model diagrams for this feature and then schedule a feature specific review.

[twsouthwick]

@mdaigle I've created a separate PR to make the non-public changes so that future merge conflicts are minimal: #3511