2

I am getting the below error while trying to enable column encryption with azure key vault

cannot convert from 'method group' to 'TokenCredential'

I am using .Net Core 3.1

Main class

static void Main(string[] args)
{          

        InitializeAzureKeyVaultProvider();
}


private static void InitializeAzureKeyVaultProvider()
{
        _clientCredential = new ClientCredential(clientId, clientSecret);
        SqlColumnEncryptionAzureKeyVaultProvider azureKeyVaultProvider =
          new SqlColumnEncryptionAzureKeyVaultProvider(GetToken);  // error comes here

        Dictionary<string, SqlColumnEncryptionKeyStoreProvider> providers =
          new Dictionary<string, SqlColumnEncryptionKeyStoreProvider>();

        providers.Add(SqlColumnEncryptionAzureKeyVaultProvider.ProviderName, azureKeyVaultProvider);
        SqlConnection.RegisterColumnEncryptionKeyStoreProviders(providers);
    }

private static async Task<string> GetToken(string authority, string resource, string scope)
{
        var authContext = new AuthenticationContext(authority);
        AuthenticationResult result = await authContext.AcquireTokenAsync(resource, _clientCredential);

        if (result == null)
            throw new InvalidOperationException("Failed to obtain the access token");
        return result.AccessToken;
}

I am trying to use key vault to decrypt the encrypted column values in SQL Server , I am referring this document : https://learn.microsoft.com/en-us/azure/azure-sql/database/always-encrypted-azure-key-vault-configure?tabs=azure-powershell

kudlatiger
  • 3,028
  • 8
  • 48
  • 98
  • 2
    You're missing the parentheses to invoke the method, add `()` to the end of `GetToken` and pass it the correct parameters – MindSwipe Mar 29 '21 at 11:52
  • @MindSwipe No, I have tried even that. Added Microsoft document link. – kudlatiger Mar 29 '21 at 11:54
  • If you put the parentheses at the correct spot, i.e `GetToken()`, the error message will change to something along the lines of `There is no argument given that corresponds to the required formal parameter 'authority' of 'Program.GetToken(string, string, string)'`, to solve that one you'll need to provide the parameters, something like `GetToken(myAuthority, myResource, myScope)` – MindSwipe Mar 29 '21 at 11:58
  • Related: [What is a method group in C#](https://stackoverflow.com/a/886840/9363973) which has a comment stating that method group is defined in section 7.1 of the C# 3.0 specification which can be downloaded [here](https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwithqPxudXvAhVM4qQKHQ7hBYMQFjAAegQIBRAD&url=https%3A%2F%2Fdownload.microsoft.com%2Fdownload%2F3%2F8%2F8%2F388e7205-bc10-4226-b2a8-75351c669b09%2Fcsharp%2520language%2520specification.doc&usg=AOvVaw2OdB2hE2cQcpxZ-CYRDCQz) – MindSwipe Mar 29 '21 at 12:00
  • 1
    That code was written for version 1 of the `Microsoft.Data.SqlClient.AlwaysEncrypted.AzureKeyVaultProvider` package but you have imported v2 – DavidG Mar 29 '21 at 12:00
  • 1
    DavidG is right, the constructor your trying to call is [this](https://learn.microsoft.com/en-us/dotnet/api/microsoft.data.sqlclient.alwaysencrypted.azurekeyvaultprovider.sqlcolumnencryptionazurekeyvaultprovider.-ctor?view=akvprovider-dotnet-core-1.1#Microsoft_Data_SqlClient_AlwaysEncrypted_AzureKeyVaultProvider_SqlColumnEncryptionAzureKeyVaultProvider__ctor_Microsoft_Azure_KeyVault_KeyVaultClient_AuthenticationCallback_) one [... due to insanely long Microsoft docs link] – MindSwipe Mar 29 '21 at 12:05
  • , which takes a parameter in the form of a [`KeyValutClient.AutenticationCallback`](https://learn.microsoft.com/en-us/dotnet/api/microsoft.azure.keyvault.keyvaultclient.authenticationcallback?view=azure-dotnet-legacy) which is the delegate your `GetToken` is. So, which version of the `Azure SDK for .NET` are you using? – MindSwipe Mar 29 '21 at 12:05
  • 1
    You need to do something like `new SqlColumnEncryptionAzureKeyVaultProvider(new ClientCertificateCredential(tenantId, clientId, clientCertPath))` – DavidG Mar 29 '21 at 12:13
  • Great, let me try the recommendations. keep you all posted. Code sample or link could u share? – kudlatiger Mar 29 '21 at 13:42
  • @MindSwipe I am using .Net Core 3.1 – kudlatiger Mar 29 '21 at 13:45
  • 1
    @DavidG By downgrading to v1 error is resolved. Awesome. Let me test further. – kudlatiger Mar 29 '21 at 13:49
  • @DavidG GetToken is not firing!! any idea why its not? – kudlatiger Mar 29 '21 at 17:10

1 Answers1

0

As explained by DavidG and MindSwipe, the Issue resolved by downgrading the below nuget package to v1

 Microsoft.Data.SqlClient.AlwaysEncrypted.AzureKeyVaultProvider
kudlatiger
  • 3,028
  • 8
  • 48
  • 98