From 96c5ec81e2f983f963e7d8312f909c627e7ef3a2 Mon Sep 17 00:00:00 2001
From: Simon Sabin <1209963+simonsabin@users.noreply.github.com>
Date: Thu, 20 Apr 2023 16:49:47 +0100
Subject: [PATCH] Enable empty passwords (#2021)

---
 .../Connection/ConnectionService.cs           |  5 +++-
 .../Connection/ConnectionServiceTests.cs      | 30 +++++++++++++++++--
 2 files changed, 32 insertions(+), 3 deletions(-)

diff --git a/src/Microsoft.SqlTools.ServiceLayer/Connection/ConnectionService.cs b/src/Microsoft.SqlTools.ServiceLayer/Connection/ConnectionService.cs
index b365a159..1be64041 100644
--- a/src/Microsoft.SqlTools.ServiceLayer/Connection/ConnectionService.cs
+++ b/src/Microsoft.SqlTools.ServiceLayer/Connection/ConnectionService.cs
@@ -1377,7 +1377,10 @@ namespace Microsoft.SqlTools.ServiceLayer.Connection
                         break;
                     case SqlLogin:
                         connectionBuilder.UserID = connectionDetails.UserName;
-                        connectionBuilder.Password = connectionDetails.Password;
+                        if (!string.IsNullOrEmpty(connectionDetails.Password))
+                        {
+                            connectionBuilder.Password = connectionDetails.Password;
+                        }
                         connectionBuilder.Authentication = SqlAuthenticationMethod.SqlPassword;
                         break;
                     case AzureMFA:
diff --git a/test/Microsoft.SqlTools.ServiceLayer.UnitTests/Connection/ConnectionServiceTests.cs b/test/Microsoft.SqlTools.ServiceLayer.UnitTests/Connection/ConnectionServiceTests.cs
index 2f03677a..1b76c0b1 100644
--- a/test/Microsoft.SqlTools.ServiceLayer.UnitTests/Connection/ConnectionServiceTests.cs
+++ b/test/Microsoft.SqlTools.ServiceLayer.UnitTests/Connection/ConnectionServiceTests.cs
@@ -469,8 +469,35 @@ namespace Microsoft.SqlTools.ServiceLayer.UnitTests.Connection
             Assert.That(connectionResult.ErrorMessage, Is.Not.Null.Or.Empty, "check that an error was caught");
         }
 
-        static readonly object[] noUserNameOrPassword =
+        static readonly object[] noPassword =
         {
+            new object[] {"sa", null},
+            new object[] {"sa", ""},
+        };
+
+      
+        /// <summary>
+        /// Verify that when using sql logins, the password can be empty.
+        /// </summary>
+        [Test, TestCaseSource(nameof(noPassword))]
+        public void ConnectingWithNoPasswordWorksForSqlLogin(string userName, string password)
+        {
+            // Connect
+            var connectionResult = 
+                ConnectionService.CreateConnectionStringBuilder(new ConnectionDetails()
+                    {
+                        ServerName = "my-server",
+                        DatabaseName = "test",
+                        UserName = userName,
+                        Password = password,
+                        AuthenticationType = SqlLogin
+                    });
+
+            Assert.That(connectionResult, Is.Not.Null.Or.Empty, "check that the connection was successful");
+        }
+
+        static readonly object[] noUserNameOrPassword =
+    {
             new object[] {null, null},
             new object[] {null, ""},
             new object[] {"", null},
@@ -480,7 +507,6 @@ namespace Microsoft.SqlTools.ServiceLayer.UnitTests.Connection
             new object[] {null, "12345678"},
             new object[] {"", "12345678"},
         };
-
         /// <summary>
         /// Verify that when using integrated authentication, the username and/or password can be empty.
         /// </summary>