Update 11.2 servicing branch to run on test pipelines + dependency update (#2602)

* Update build.gradle

* Update pom.xml

* Update pom.xml

* Update pom.xml

* Update pom.xml

* Update pom.xml

* Update pom.xml

* Update pom.xml

* ManagedIdentity I

Signed-off-by: Jeff Wasty <[email protected]>

* Updates for running tests with managed identity (#2416)

Signed-off-by: Jeff Wasty <[email protected]>

# Conflicts:
#	src/test/java/com/microsoft/sqlserver/jdbc/SQLServerConnectionTest.java
#	src/test/java/com/microsoft/sqlserver/jdbc/TestResource.java
#	src/test/java/com/microsoft/sqlserver/jdbc/TestUtils.java
#	src/test/java/com/microsoft/sqlserver/jdbc/connection/TimeoutTest.java
#	src/test/java/com/microsoft/sqlserver/jdbc/databasemetadata/DatabaseMetaDataTest.java
#	src/test/java/com/microsoft/sqlserver/jdbc/unit/statement/BatchExecutionTest.java

* Delete mistakenly added files

* Delete mistakenly added files

* Revert "Delete mistakenly added files"

This reverts commit 19abc22.

* Revert "Delete mistakenly added files"

This reverts commit 04f8c82.

* Revert "Updates for running tests with managed identity (#2416)"

This reverts commit b727a96.

* Revert "ManagedIdentity I"

This reverts commit 6d5c519.

* Delete garbage

* Fixed Managed Identity tests (#1935)

Signed-off-by: Jeff Wasty <[email protected]>

# Conflicts:
#	src/test/java/com/microsoft/sqlserver/jdbc/AlwaysEncrypted/MSITest.java

* Managed Identity dev experience improvements #1936

Signed-off-by: Jeff Wasty <[email protected]>

* Updates for running tests with managed identity #2416

Signed-off-by: Jeff Wasty <[email protected]>

* cleanup

Signed-off-by: Jeff Wasty <[email protected]>

* Update tests for Kerberos

Signed-off-by: Jeff Wasty <[email protected]>

* Remove unused test

* tsc=true for ae

Signed-off-by: Jeff Wasty <[email protected]>

* Add tags for testDefaultRetry

* Remove unstable test

Signed-off-by: Jeff Wasty <[email protected]>

* Add throttling error message to tests (#2044)

Signed-off-by: Jeff Wasty <[email protected]>

* Updated fedauth tests to run on diff test server (#2062)

Signed-off-by: Jeff Wasty <[email protected]>

* Update fedauth tests to use cached tokens and retry if throttled (#2077)

Signed-off-by: Jeff Wasty <[email protected]>

* Add back missing import

Signed-off-by: Jeff Wasty <[email protected]>

* Resolve static issue with IOBuffer

Signed-off-by: Jeff Wasty <[email protected]>

* Add back a missing import

* Fixed TestUtils

* Remove mistakenly added code

* Cleanup

* Cleanup testutils

* More cleanup

* Add more time for 'testDefaultRetry' &
Fix tests for testing encrypt options (#2215)

* Update setAEConnectionString

* Updated fedauth error tests (#2538)

Signed-off-by: Jeff Wasty <[email protected]>

# Conflicts:
#	src/test/java/com/microsoft/sqlserver/jdbc/fedauth/ErrorMessageTest.java
#	src/test/java/com/microsoft/sqlserver/jdbc/fedauth/FedauthCommon.java

* Update fedAuth tests

* Revert "Updated fedauth error tests (#2538)"

This reverts commit dfb4b77.

* Revert "Update fedAuth tests"

This reverts commit da5c58b.

* Added ActiveDirectoryServicePrincipalCertificate for tests

* Add 'requireSecret' exclude tag for tests which require adding a secret to app registration

* Version update

* Add connection retry changes from 2513 to ensure existing timing tests pass

* Adjust timings on tests as the fix requires code changes we should not incorporate for this release

* Changelog

* Update dependency versions

---------

Signed-off-by: Jeff Wasty <[email protected]>
Co-authored-by: lilgreenbird <[email protected]>
Co-authored-by: Terry Chow <[email protected]>

Author: 3 people

CHANGELOG.md

@@ -3,6 +3,15 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 
+## [11.2.4] HotFix & Stable Release
+### Added
+- Added support for Azure Active Directory Service Principal Certificate Authentication [2128](https://github.com/microsoft/mssql-jdbc/pull/2128)
+### Changed
+- Made jdk.net optional OSGi import [2069](https://github.com/microsoft/mssql-jdbc/pull/2069)
+- Upgraded to latest OSGi JDBC specification [2017](https://github.com/microsoft/mssql-jdbc/pull/2017)
+- Managed Identity authentication uses Azure Identity library instead [1936](https://github.com/microsoft/mssql-jdbc/pull/1936)
+- Updated azure-security-keyvault-keys, azure-identity, antlr4, bouncycastle, junit, slf4j, gemini, gson, and h2 library versions
+
 ## [11.2.3] HotFix & Stable Release
 ### Fixed issues
 - Fixed null SQL state and zero error code when database exception is thrown [2022](https://github.com/microsoft/mssql-jdbc/pull/2022)

README.md

@@ -82,7 +82,7 @@ We're now on the Maven Central Repository. Add the following to your POM file to
 <dependency>
 	<groupId>com.microsoft.sqlserver</groupId>
 	<artifactId>mssql-jdbc</artifactId>
-	<version>11.2.1.jre18</version>
+	<version>11.2.4.jre18</version>
 </dependency>
 ```
 The driver can be downloaded from [Microsoft](https://aka.ms/downloadmssqljdbc).
@@ -93,7 +93,7 @@ To get the latest version of the driver, add the following to your POM file:
 <dependency>
 	<groupId>com.microsoft.sqlserver</groupId>
 	<artifactId>mssql-jdbc</artifactId>
-	<version>11.2.1.jre18</version>
+	<version>11.2.4.jre18</version>
 </dependency>
 ```
 
@@ -128,7 +128,7 @@ Projects that require either of the two features need to explicitly declare the
 <dependency>
 	<groupId>com.microsoft.sqlserver</groupId>
 	<artifactId>mssql-jdbc</artifactId>
-	<version>11.2.1.jre18</version>
+	<version>11.2.4.jre18</version>
 	<scope>compile</scope>
 </dependency>
 
@@ -146,7 +146,7 @@ Projects that require either of the two features need to explicitly declare the
 <dependency>
 	<groupId>com.microsoft.sqlserver</groupId>
 	<artifactId>mssql-jdbc</artifactId>
-	<version>11.2.1.jre18</version>
+	<version>11.2.4.jre18</version>
 	<scope>compile</scope>
 </dependency>
 
@@ -173,7 +173,7 @@ When setting 'useFmtOnly' property to 'true' for establishing a connection or cr
 <dependency>
 	<groupId>com.microsoft.sqlserver</groupId>
 	<artifactId>mssql-jdbc</artifactId>
-	<version>11.2.1.jre18</version>
+	<version>11.2.4.jre18</version>
 </dependency>
 
 <dependency>

build.gradle

@@ -11,7 +11,7 @@
 
 apply plugin: 'java'
 
-version = '11.2.3'
+version = '11.2.4'
 def jreVersion = ""
 def testOutputDir = file("build/classes/java/test")
 def archivesBaseName = 'mssql-jdbc'
@@ -128,31 +128,30 @@ repositories {
 
 dependencies {
     implementation 'org.osgi:org.osgi.core:6.0.0',
-			'org.osgi:org.osgi.compendium:5.0.0'
-	compileOnly 'com.azure:azure-security-keyvault-keys:4.2.8',
-			'com.azure:azure-identity:1.7.0-beta.2',
-			'org.antlr:antlr4-runtime:4.9.2',
-			'com.google.code.gson:gson:2.8.7',
-			'org.bouncycastle:bcprov-jdk15on:1.69',
-			'org.bouncycastle:bcpkix-jdk15on:1.69'
-    testImplementation 'org.junit.platform:junit-platform-console:1.5.2',
-			'org.junit.platform:junit-platform-commons:1.5.2',
-			'org.junit.platform:junit-platform-engine:1.5.2',
-			'org.junit.platform:junit-platform-launcher:1.5.2',
-			'org.junit.platform:junit-platform-runner:1.5.2',
+			'org.osgi:org.osgi.service.jdbc:1.1.0'
+	compileOnly 'com.azure:azure-security-keyvault-keys:4.9.2',
+			'com.azure:azure-identity:1.15.3',
+			'org.antlr:antlr4-runtime:4.9.3',
+			'com.google.code.gson:gson:2.11.0',
+			'org.bouncycastle:bcprov-jdk18on:1.79',
+			'org.bouncycastle:bcpkix-jdk18on:1.79'
+    testImplementation 'org.junit.platform:junit-platform-console:1.11.4',
+			'org.junit.platform:junit-platform-commons:1.11.4',
+			'org.junit.platform:junit-platform-engine:1.11.4',
+			'org.junit.platform:junit-platform-launcher:1.11.4',
+			'org.junit.platform:junit-platform-runner:1.11.4',
 			'org.junit.platform:junit-platform-surefire-provider:1.3.2',
-			'org.junit.jupiter:junit-jupiter-api:5.6.0',
-			'org.junit.jupiter:junit-jupiter-engine:5.6.0',
-			'org.junit.jupiter:junit-jupiter-params:5.6.0',
+			'org.junit.jupiter:junit-jupiter-api:5.11.4',
+			'org.junit.jupiter:junit-jupiter-engine:5.11.4',
+			'org.junit.jupiter:junit-jupiter-params:5.11.4',
 			'com.zaxxer:HikariCP:3.4.2',
-			'org.apache.commons:commons-dbcp2:2.7.0',
-			'org.slf4j:slf4j-nop:1.7.30',
-			'org.antlr:antlr4-runtime:4.9.2',
-			'org.eclipse.gemini.blueprint:gemini-blueprint-mock:2.1.0.RELEASE',
-			'com.google.code.gson:gson:2.8.7',
-			'org.bouncycastle:bcprov-jdk15on:1.69',
-			'com.azure:azure-security-keyvault-keys:4.2.8',
-			'com.azure:azure-identity:1.7.0-beta.2',
-			'com.microsoft.azure:adal4j:1.6.7',
-			'com.h2database:h2:1.4.200'
+			'org.apache.commons:commons-dbcp2:2.13.0',
+			'org.slf4j:slf4j-nop:1.7.36',
+			'org.antlr:antlr4-runtime:4.9.3',
+			'org.eclipse.gemini.blueprint:gemini-blueprint-mock:3.0.0.M01',
+			'com.google.code.gson:gson:2.11.0',
+			'org.bouncycastle:bcprov-jdk18on:1.79',
+			'com.azure:azure-security-keyvault-keys:4.9.1',
+			'com.azure:azure-identity:1.15.0',
+			'com.h2database:h2:2.2.220'
 }

mssql-jdbc_auth_LICENSE

@@ -1,5 +1,5 @@
 MICROSOFT SOFTWARE LICENSE TERMS
-MICROSOFT JDBC DRIVER 11.2.3 FOR SQL SERVER
+MICROSOFT JDBC DRIVER 11.2.4 FOR SQL SERVER
 
 These license terms are an agreement between you and Microsoft Corporation (or one of its affiliates). They apply to the software named above and any Microsoft services or software updates (except to the extent such services or updates are accompanied by new or additional terms, in which case those different terms apply prospectively and do not alter your or Microsoft’s rights relating to pre-updated software or services). IF YOU COMPLY WITH THESE LICENSE TERMS, YOU HAVE THE RIGHTS BELOW.  BY USING THE SOFTWARE, YOU ACCEPT THESE TERMS.
 

pom.xml

@@ -6,7 +6,7 @@
 
 	<groupId>com.microsoft.sqlserver</groupId>
 	<artifactId>mssql-jdbc</artifactId>
-	<version>11.2.3</version>
+	<version>11.2.4</version>
 	<packaging>jar</packaging>
 
 	<name>Microsoft JDBC Driver for SQL Server</name>
@@ -50,37 +50,36 @@
 			xAzureSQLDB - - - - For tests not compatible with Azure SQL Database - - 
 			xAzureSQLDW - - - - For tests not compatible with Azure Data Warehouse - 
 			xAzureSQLMI - - - - For tests not compatible with Azure SQL Managed Instance 
-			NTLM - - - - - - For tests using NTLM Authentication mode (excluded by default) 
-			reqExternalSetup - For tests requiring external setup (excluded by default) 
+			NTLM  - - - - - - - For tests using NTLM Authentication mode (excluded by default)
+			Kerberos -  - - - - For tests using Kerberos authentication (excluded by default)
+			reqExternalSetup - For tests requiring external setup (excluded by default)
 			clientCertAuth - - For tests requiring client certificate authentication 
 			setup (excluded by default) - - - - - - - - - - - - - - - - - - - - - - - 
+			requireSecret - For tests requiring setting up secrets manually
 			- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
 			Default testing enabled with SQL Server 2019 (SQLv15) -->
-		<excludedGroups>xSQLv12,xSQLv15,NTLM,MSI,reqExternalSetup,clientCertAuth,fedAuth</excludedGroups>
-
+		<excludedGroups>xSQLv12,xSQLv15,NTLM,MSI,reqExternalSetup,clientCertAuth,fedAuth,kerberos,requireSecret</excludedGroups>
 		<!-- Use -preview for preview release, leave empty for official release. -->
 		<releaseExt></releaseExt>
-
+		
 		<!-- Driver Dependencies -->
 		<org.osgi.core.version>6.0.0</org.osgi.core.version>
-		<azure-security-keyvault-keys.version>4.4.4</azure-security-keyvault-keys.version>
-		<azure-identity.version>1.5.3</azure-identity.version>
-		<msal.version>1.13.0</msal.version>
-		<org.osgi.compendium.version>5.0.0</org.osgi.compendium.version>
+		<azure-security-keyvault-keys.version>4.9.2</azure-security-keyvault-keys.version>
+		<azure-identity.version>1.15.3</azure-identity.version>
+		<msal.version>1.17.2</msal.version>
+		<osgi.jdbc.version>1.1.0</osgi.jdbc.version>
 		<antlr-runtime.version>4.9.3</antlr-runtime.version>
-		<com.google.code.gson.version>2.9.0</com.google.code.gson.version>
-		<bcprov-jdk15on.version>1.70</bcprov-jdk15on.version>
-		<bcpkix-jdk15on.version>1.70</bcpkix-jdk15on.version>
-
+		<com.google.code.gson.version>2.11.0</com.google.code.gson.version>
+		<bcprov-jdk18on.version>1.79</bcprov-jdk18on.version>
+		<bcpkix-jdk18on.version>1.79</bcpkix-jdk18on.version>
 		<!-- JUnit Test Dependencies -->
-		<junit.platform.version>[1.3.2, 1.9.0]</junit.platform.version>
-		<junit.jupiter.version>5.8.2</junit.jupiter.version>
+		<junit.platform.version>[1.3.2, 1.11.4]</junit.platform.version>
+		<junit.jupiter.version>5.11.4</junit.jupiter.version>
 		<hikaricp.version>3.4.2</hikaricp.version>
-		<dbcp2.version>2.7.0</dbcp2.version>
-		<slf4j.nop.version>1.7.30</slf4j.nop.version>
-		<gemini.mock.version>2.1.0.RELEASE</gemini.mock.version>
-		<h2.version>2.1.210</h2.version>
-
+		<dbcp2.version>2.13.0</dbcp2.version>
+		<slf4j.nop.version>1.7.36</slf4j.nop.version>
+		<gemini.mock.version>3.0.0.M01</gemini.mock.version>
+		<h2.version>2.2.220</h2.version>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<project.reporting.outputEncoding>${project.build.sourceEncoding}</project.reporting.outputEncoding>
 		<enforcer.skip>false</enforcer.skip>
@@ -109,7 +108,7 @@
 		<dependency>
 			<groupId>com.microsoft.azure</groupId>
 			<artifactId>msal4j</artifactId>
-			<version>1.13.0</version>
+			<version>${msal.version}</version>
 			<optional>true</optional>
 		</dependency>
 
@@ -130,15 +129,15 @@
 		</dependency>
 		<dependency>
 			<groupId>org.bouncycastle</groupId>
-			<artifactId>bcprov-jdk15on</artifactId>
-			<version>${bcprov-jdk15on.version}</version>
+			<artifactId>bcprov-jdk18on</artifactId>
+			<version>${bcprov-jdk18on.version}</version>
 			<optional>true</optional>
 		</dependency>
 		<!-- dependencies for Client Certificate Authentication -->
 		<dependency>
 			<groupId>org.bouncycastle</groupId>
-			<artifactId>bcpkix-jdk15on</artifactId>
-			<version>${bcpkix-jdk15on.version}</version>
+			<artifactId>bcpkix-jdk18on</artifactId>
+			<version>${bcpkix-jdk18on.version}</version>
 			<optional>true</optional>
 		</dependency>
 		<!-- dependencies provided by an OSGi-Framework -->
@@ -150,8 +149,8 @@
 		</dependency>
 		<dependency>
 			<groupId>org.osgi</groupId>
-			<artifactId>org.osgi.compendium</artifactId>
-			<version>${org.osgi.compendium.version}</version>
+			<artifactId>org.osgi.service.jdbc</artifactId>
+			<version>${osgi.jdbc.version}</version>
 			<scope>provided</scope>
 		</dependency>
 
@@ -241,7 +240,30 @@
 			<scope>test</scope>
 		</dependency>
 	</dependencies>
-
+	<repositories>
+		<repository>
+			<id>central</id>
+			<url>https://sqlclientdrivers.pkgs.visualstudio.com/public/_packaging/mssql-jdbc/maven/v1</url>
+			<releases>
+				<enabled>true</enabled>
+			</releases>
+			<snapshots>
+				<enabled>true</enabled>
+			</snapshots>
+		</repository>
+	</repositories>
+	<pluginRepositories>
+		<pluginRepository>
+			<id>central</id>
+			<url>https://sqlclientdrivers.pkgs.visualstudio.com/public/_packaging/mssql-jdbc/maven/v1</url>
+			<releases>
+				<enabled>true</enabled>
+			</releases>
+			<snapshots>
+				<enabled>true</enabled>
+			</snapshots>
+		</pluginRepository>
+	</pluginRepositories>
 	<profiles>
 		<profile>
 			<id>jre8</id>
@@ -495,7 +517,7 @@
 							com.microsoft.sqlserver.jdbc.dataclassification,
 							microsoft.sql
 						</_exportcontents>
-						<Import-Package>!microsoft.sql,*</Import-Package>
+						<Import-Package>!microsoft.sql,jdk.net;resolution:=optional,*</Import-Package>
 						<Bundle-Activator>com.microsoft.sqlserver.jdbc.osgi.Activator</Bundle-Activator>
 					</instructions>
 				</configuration>
@@ -539,7 +561,7 @@
 			<plugin>
 				<groupId>org.jacoco</groupId>
 				<artifactId>jacoco-maven-plugin</artifactId>
-				<version>0.8.8</version>
+				<version>0.8.12</version>
 				<executions>
 					<execution>
 						<id>pre-test</id>

src/main/java/com/microsoft/sqlserver/jdbc/IOBuffer.java

@@ -15,6 +15,7 @@
 import java.io.Reader;
 import java.io.Serializable;
 import java.io.UnsupportedEncodingException;
+import java.lang.reflect.InvocationTargetException;
 import java.math.BigDecimal;
 import java.math.BigInteger;
 import java.math.RoundingMode;
@@ -196,12 +197,17 @@ final class TDS {
     static final int TDS_FEDAUTH_LIBRARY_SECURITYTOKEN = 0x01;
     static final int TDS_FEDAUTH_LIBRARY_ADAL = 0x02;
     static final int TDS_FEDAUTH_LIBRARY_RESERVED = 0x7F;
+
+    // workflows
     static final byte ADALWORKFLOW_ACTIVEDIRECTORYPASSWORD = 0x01;
     static final byte ADALWORKFLOW_ACTIVEDIRECTORYINTEGRATED = 0x02;
-    static final byte ADALWORKFLOW_ACTIVEDIRECTORYMSI = 0x03;
+    static final byte ADALWORKFLOW_ACTIVEDIRECTORYMANAGEDIDENTITY = 0x03;
     static final byte ADALWORKFLOW_ACTIVEDIRECTORYINTERACTIVE = 0x03;
+    static final byte ADALWORKFLOW_ACTIVEDIRECTORYDEFAULT = 0x03;
     static final byte ADALWORKFLOW_ACTIVEDIRECTORYSERVICEPRINCIPAL = 0x01; // Using the Password byte as that is the
-                                                                           // closest we have.
+                                                                           // closest we have
+    static final byte ADALWORKFLOW_ACTIVEDIRECTORYSERVICEPRINCIPALCERTIFICATE = 0x01;
+
     static final byte FEDAUTH_INFO_ID_STSURL = 0x01; // FedAuthInfoData is token endpoint URL from which to acquire fed
                                                      // auth token
     static final byte FEDAUTH_INFO_ID_SPN = 0x02; // FedAuthInfoData is the SPN to use for acquiring fed auth token
@@ -795,6 +801,28 @@ final InetSocketAddress open(String host, int port, int timeoutMillis, boolean u
         return (InetSocketAddress) channelSocket.getRemoteSocketAddress();
     }
 
+    /**
+     * Set TCP keep-alive options for idle connection resiliency
+     */
+    private void setSocketOptions(Socket tcpSocket, TDSChannel channel) throws IOException {
+        try {
+            if (SQLServerDriver.socketSetOptionMethod != null && SQLServerDriver.socketKeepIdleOption != null
+                    && SQLServerDriver.socketKeepIntervalOption != null) {
+                if (logger.isLoggable(Level.FINER)) {
+                    logger.finer(channel.toString() + ": Setting KeepAlive extended socket options.");
+                }
+
+                SQLServerDriver.socketSetOptionMethod.invoke(tcpSocket, SQLServerDriver.socketKeepIdleOption, 30); // 30 seconds
+                SQLServerDriver.socketSetOptionMethod.invoke(tcpSocket, SQLServerDriver.socketKeepIntervalOption, 1); // 1 second
+            }
+        } catch (IllegalAccessException | InvocationTargetException e) {
+            if (logger.isLoggable(Level.FINER)) {
+                logger.finer(channel.toString() + ": KeepAlive extended socket options not supported on this platform. "
+                        + e.getMessage());
+            }
+        }
+    }
+
     /**
      * Disables SSL on this TDS channel.
      */
@@ -1756,7 +1784,7 @@ else if (con.getTrustManagerClass() != null) {
             if (logger.isLoggable(Level.FINEST))
                 logger.finest(toString() + " Getting TLS or better SSL context");
 
-            KeyManager[] km = (null != clientCertificate && clientCertificate.length() > 0) ? SQLServerCertificateUtils
+            KeyManager[] km = (null != clientCertificate && !clientCertificate.isEmpty()) ? SQLServerCertificateUtils
                     .getKeyManagerFromFile(clientCertificate, clientKey, clientKeyPassword) : null;
 
             sslContext = SSLContext.getInstance(sslProtocol);

src/main/java/com/microsoft/sqlserver/jdbc/ISQLServerConnection.java

@@ -409,17 +409,16 @@ CallableStatement prepareCall(String sql, int nType, int nConcur, int nHold,
     String getIPAddressPreference();
 
     /**
-     * Gets the time-to-live for the the cached MSI token
-     *
-     * @return time-to-live for the cached MSI token
+     * Deprecated. Time-to-live is no longer supported for the cached Managed Identity tokens.
+     * This method will always return 0 and is for backwards compatibility only.
      */
+    @Deprecated
     int getMsiTokenCacheTtl();
 
     /**
-     * Sets time-to-live for the the cached MSI token
-     *
-     * @param timeToLive
-     *        Changes the setting as per description
+     * Deprecated. Time-to-live is no longer supported for the cached Managed Identity tokens.
+     * This method is a no-op for backwards compatibility only.
      */
+    @Deprecated
     void setMsiTokenCacheTtl(int timeToLive);
 }