Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Customised bearerTokenAuthenticationPolicy will fail to get access token at the first time #21820

Closed
1 of 3 tasks
MaryGao opened this issue May 11, 2022 · 1 comment · Fixed by #22324
Closed
1 of 3 tasks

Customised bearerTokenAuthenticationPolicy will fail to get access token at the first time #21820

MaryGao opened this issue May 11, 2022 · 1 comment · Fixed by #22324
Assignees
@MaryGao
Labels
Azure.Core Client This issue points to a problem in the data-plane of the library.
Milestone
2022-07

Comments

@MaryGao
Copy link
Member

MaryGao commented May 11, 2022
edited
Loading

  • Package Name: @azure/core-rest-pipeline
  • Package Version: 1.8.2
  • Operating system: Windows
  • Is the bug related to documentation in

Describe the bug

In HLC we have below codes to add bearerTokenAuthenticationPolicy to enable the CAE feature, but once the policy is enabled we fail to authenticate and got below error. If I didn't add this policy I could get the first token but failed to pass CAE process.

import * as coreRestPipeline from "@azure/core-rest-pipeline";

export class SubscriptionClient extends coreClient.ServiceClient {
constructor(
    credentials: coreAuth.TokenCredential,
    options?: SubscriptionClientOptionalParams
  ) {
   // Add our customised policy by function bearerTokenAuthenticationPolicy
   this.pipeline.addPolicy(
        coreRestPipeline.bearerTokenAuthenticationPolicy({
          scopes: `${optionsWithDefaults.baseUri}/.default`,
          challengeCallbacks: {
            authorizeRequestOnChallenge:
              coreClient.authorizeRequestOnClaimChallenge
          }
        })
      );
    }
}

Error

status: 401,
    headers: HttpHeadersImpl {
      _headersMap: Map(14) {
        'www-authenticate' => {
          name: 'www-authenticate',
          value: `Bearer authorization_uri="https://login.windows.net/", error="invalid_token", error_description="The 
authentication failed because of missing 'Authorization' header."`
        },

To Reproduce
Steps to reproduce the behavior:

  1. Choose whatever the client you like, here I chose @azure/arm-subscriptions
  2. Upgrade the client to use the @azure/core-rest-pipeline@1.8.2
  3. Add the above policy to do authentication
  4. Get the 401 errors
  5. I debugged into the code I found below code failed to get access token
await callbacks.authorizeRequest({
        scopes: Array.isArray(scopes) ? scopes : [scopes],
        request,
        getAccessToken,
        logger,
      });

Expected behavior
Expect the auth could be successful and if we test in CAE tenant it could pass the challenges

Screenshots
If applicable, add screenshots to help explain your problem.

Additional context
If I didn't add our policy by function bearerTokenAuthenticationPolicy I could get the first auth token but fail to finish CAE process.
@ghost ghost added the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label May 11, 2022
@azure-sdk
Copy link
Collaborator

Label prediction was below confidence level 0.6 for Model:ServiceLabels: 'Azure.Core:0.18170801,Storage:0.14154309,Docs:0.06791836'

@MaryGao MaryGao mentioned this issue May 11, 2022
Merged
@xirzec xirzec added Client This issue points to a problem in the data-plane of the library. Azure.Core labels May 17, 2022
@ghost ghost removed the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label May 17, 2022
@xirzec xirzec added this to the [2022] June milestone May 17, 2022
@xirzec xirzec modified the milestones: [2022] June, [2022] July Jun 13, 2022
@MaryGao MaryGao assigned MaryGao and unassigned joheredi Jun 16, 2022
@MaryGao MaryGao mentioned this issue Jul 6, 2022
Merged
azure-sdk pushed a commit to azure-sdk/azure-sdk-for-js that referenced this issue Dec 15, 2022
CodeGen from PR 21820 in Azure/azure-rest-api-specs
09a885b 
[Hub Generated] Publish private branch 'dev/armohommed/200' (Azure#21820)

* add or modify files

* fix model
@github-actions github-actions bot locked and limited conversation to collaborators Apr 11, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@MaryGao MaryGao

Labels
Azure.Core Client This issue points to a problem in the data-plane of the library.
Projects
None yet
Milestone
2022-07
Development

Successfully merging a pull request may close this issue.

Fix the CAE bug in js core lib MaryGao/azure-sdk-for-js
4 participants
@xirzec @MaryGao @joheredi @azure-sdk