Skip to content

Fix ConfigureAwait(false) deadlock issue in BaseBearerTokenAuthenticationProvider#555

Merged
baywet merged 3 commits into
mainfrom
copilot/fix-554
Jul 4, 2025
Merged

Fix ConfigureAwait(false) deadlock issue in BaseBearerTokenAuthenticationProvider#555
baywet merged 3 commits into
mainfrom
copilot/fix-554

Conversation

Copilot AI commented Jul 3, 2025
edited
Loading

Copy link
Copy Markdown
Contributor

The AuthenticateRequestAsync method in BaseBearerTokenAuthenticationProvider.cs was missing .ConfigureAwait(false) on its await call, which can cause deadlocks in legacy (.NET Framework) applications when used with synchronous blocking calls.

Problem

When using Microsoft.Graph (which uses Kiota) in non-async contexts with patterns like:

graphClient.Users["email"].SendMail
    .PostAsync(requestBody)
    .ConfigureAwait(false)
    .GetAwaiter()
    .GetResult();

The authentication provider's AuthenticateRequestAsync method would deadlock because it wasn't using ConfigureAwait(false) internally.

Solution

Added .ConfigureAwait(false) to the await call in BaseBearerTokenAuthenticationProvider.cs:

// Before
var token = await AccessTokenProvider.GetAuthorizationTokenAsync(request.URI, additionalAuthenticationContext, cancellationToken);

// After  
var token = await AccessTokenProvider.GetAuthorizationTokenAsync(request.URI, additionalAuthenticationContext, cancellationToken).ConfigureAwait(false);

This change follows the existing pattern used throughout the Kiota codebase and prevents deadlocks when the authentication provider is used in synchronous contexts.

Testing

  • Added a new test BaseBearerTokenAuthenticationProviderUsesConfigureAwaitFalse to validate the fix
  • All existing authentication tests continue to pass
  • Verified no other similar issues exist in the authentication provider files

Fixes #554.

💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.

@baywet
Fix ConfigureAwait(false) deadlock issue in BaseBearerTokenAuthentica…
4dd3553 
…tionProvider

Co-authored-by: baywet <7905502+baywet@users.noreply.github.com>
Copilot AI changed the title [WIP] AuthenticateRequestAsync in BaseBearerTokenAuthenticationProvider.cs lacks ConfigureAait(false), causing deadlocks Fix ConfigureAwait(false) deadlock issue in BaseBearerTokenAuthenticationProvider Jul 3, 2025
Copilot AI requested a review from baywet July 3, 2025 13:45
Copilot finished work on behalf of baywet July 3, 2025 13:45
@baywet baywet marked this pull request as ready for review July 3, 2025 13:49
@baywet baywet requested a review from a team as a code owner July 3, 2025 13:49
@baywet baywet enabled auto-merge July 3, 2025 13:50
@sonarqubecloud

sonarqubecloud Bot commented Jul 3, 2025

Copy link
Copy Markdown

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@sonarqubecloud

sonarqubecloud Bot commented Jul 3, 2025

Copy link
Copy Markdown

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@baywet baywet merged commit 473b886 into main Jul 4, 2025
12 checks passed
@baywet baywet deleted the copilot/fix-554 branch July 4, 2025 19:13
@github-project-automation github-project-automation Bot moved this to Done ✔️ in Kiota Jul 4, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@adrian05-ms adrian05-ms adrian05-ms approved these changes

+1 more reviewer

@baywet baywet baywet approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@baywet baywet

Copilot code review Copilot

Labels

None yet

Projects

Kiota
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

AuthenticateRequestAsync in BaseBearerTokenAuthenticationProvider.cs lacks ConfigureAait(false), causing deadlocks

3 participants

@baywet @adrian05-ms