From 37071c6bfd419fe63d2f1679b52d5c1212111a23 Mon Sep 17 00:00:00 2001 From: Tu Zhanle Date: Mon, 9 Dec 2019 00:27:25 -0800 Subject: [PATCH 1/8] DefaultAzureCredential exception issues #8936 --- .../Azure.Identity/src/AuthenticationFailedException.cs | 4 ++-- sdk/identity/Azure.Identity/src/DefaultAzureCredential.cs | 2 +- sdk/identity/Azure.Identity/src/EnvironmentCredential.cs | 2 +- sdk/identity/Azure.Identity/src/SharedTokenCacheCredential.cs | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/sdk/identity/Azure.Identity/src/AuthenticationFailedException.cs b/sdk/identity/Azure.Identity/src/AuthenticationFailedException.cs index 6a75d50b86a81..7aabc7f6ffe87 100644 --- a/sdk/identity/Azure.Identity/src/AuthenticationFailedException.cs +++ b/sdk/identity/Azure.Identity/src/AuthenticationFailedException.cs @@ -40,11 +40,11 @@ internal static AuthenticationFailedException CreateAggregateException(string me { if (innerExceptions[i] is CredentialUnavailableException) { - exStr.AppendLine($" {credentials.Span[i].GetType().Name} is unavailable {innerExceptions[i].Message}."); + exStr.AppendLine($" {credentials.Span[i].GetType().Name} is unavailable. {innerExceptions[i].Message}"); } else { - exStr.AppendLine($" {credentials.Span[i].GetType().Name} failed with {innerExceptions[i].Message}."); + exStr.AppendLine($" {credentials.Span[i].GetType().Name} failed with {innerExceptions[i].Message}"); } } diff --git a/sdk/identity/Azure.Identity/src/DefaultAzureCredential.cs b/sdk/identity/Azure.Identity/src/DefaultAzureCredential.cs index 483eb464efa2b..6a5970549ca50 100644 --- a/sdk/identity/Azure.Identity/src/DefaultAzureCredential.cs +++ b/sdk/identity/Azure.Identity/src/DefaultAzureCredential.cs 
@@ -115,7 +115,7 @@ private async Task GetTokenAsync(bool isAsync, TokenRequestContext { exceptions.Add(exToken.Exception); - throw scope.Failed(AuthenticationFailedException.CreateAggregateException($"{UnhandledExceptionMessage} {_sources[i].GetType().Name} failed with unhandled exception {exToken.Exception.Message}.", new ReadOnlyMemory(_sources, 0, i + 1), exceptions)); + throw scope.Failed(AuthenticationFailedException.CreateAggregateException($"{UnhandledExceptionMessage} {_sources[i].GetType().Name} failed with unhandled exception. {exToken.Exception.Message}", new ReadOnlyMemory(_sources, 0, i+1 ), exceptions)); } } diff --git a/sdk/identity/Azure.Identity/src/EnvironmentCredential.cs b/sdk/identity/Azure.Identity/src/EnvironmentCredential.cs index bb366bd5c9d6a..5e4de00594548 100644 --- a/sdk/identity/Azure.Identity/src/EnvironmentCredential.cs +++ b/sdk/identity/Azure.Identity/src/EnvironmentCredential.cs @@ -100,7 +100,7 @@ internal EnvironmentCredential(CredentialPipeline pipeline) builder.Append(" AZURE_PASSWORD"); } - _unavailbleErrorMessage = builder.Append(" ]").ToString(); + _unavailbleErrorMessage = builder.Append(" ].").ToString(); } } diff --git a/sdk/identity/Azure.Identity/src/SharedTokenCacheCredential.cs b/sdk/identity/Azure.Identity/src/SharedTokenCacheCredential.cs index 3f95ffc8c0120..37925a0f67511 100644 --- a/sdk/identity/Azure.Identity/src/SharedTokenCacheCredential.cs +++ b/sdk/identity/Azure.Identity/src/SharedTokenCacheCredential.cs 
@@ -19,9 +19,9 @@ namespace Azure.Identity /// public class SharedTokenCacheCredential : TokenCredential, IExtendedTokenCredential { - internal const string NoAccountsInCacheMessage = "No accounts were found in thecache. To authenticate with the SharedTokenCacheCredential, login an account through developer tooling supporting Azure single sign on."; + internal const string NoAccountsInCacheMessage = "No accounts were found in the cache. To authenticate with the SharedTokenCacheCredential, log in an account with a development tool that supports Azure single sign on."; internal const string MultipleAccountsInCacheMessage = "Multiple accounts were found in the cache. To authenticate with the SharedTokenCacheCredential, set the AZURE_USERNAME and AZURE_TENANT_ID environment variables to the preferred username and tenantId, or specify them to the constructor. {0}"; - internal const string NoMatchingAccountsInCacheMessage = "No account matching the specified{0}{1} was found in the cache. To authenticate with the SharedTokenCacheCredential, login an account through developer tooling supporting Azure single sign on. {2}"; + internal const string NoMatchingAccountsInCacheMessage = "No account matching the specified{0}{1} was found in the cache. To authenticate with the SharedTokenCacheCredential, login an account with a development tool that supports Azure single sign on. {2}"; internal const string MultipleMatchingAccountsInCacheMessage = "Multiple accounts matching the specified{0}{1} were found in the cache. To authenticate with the SharedTokenCacheCredential, set the AZURE_USERNAME and AZURE_TENANT_ID environment variables to the preferred username and tenantId, or specify them to the constructor. {2}"; private readonly MsalPublicClient _client; From f4ae9e8930c900fcf10892afc5dfae12e4bb0ca6 Mon Sep 17 00:00:00 2001 
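Review bot: The new `NoMatchingAccountsInCacheMessage` line still uses "login an account" as a verb, while the `NoAccountsInCacheMessage` line changed in the same hunk was corrected to "log in an account". Use the same form in both, i.e. `... log in an account with a development tool that supports Azure single sign on. {2}`. The same wording is carried unchanged into the `@@ -20,9 +20,9 @@` hunk of PATCH 7/8.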
From: Tu Zhanle Date: Wed, 11 Dec 2019 02:20:19 -0800 Subject: [PATCH 2/8] Simplify and consistent error messages across all Credential classes --- .../src/AuthenticationFailedException.cs | 21 +++--- sdk/identity/Azure.Identity/src/Constants.cs | 2 +- .../src/DefaultAzureCredential.cs | 8 +-- .../src/EnvironmentCredential.cs | 69 ++++++++++--------- .../src/ManagedIdentityCredential.cs | 2 +- .../src/SharedTokenCacheCredential.cs | 4 +- 6 files changed, 54 insertions(+), 52 deletions(-) diff --git a/sdk/identity/Azure.Identity/src/AuthenticationFailedException.cs b/sdk/identity/Azure.Identity/src/AuthenticationFailedException.cs index 7aabc7f6ffe87..77fbcb76e2422 100644 --- a/sdk/identity/Azure.Identity/src/AuthenticationFailedException.cs +++ b/sdk/identity/Azure.Identity/src/AuthenticationFailedException.cs 
@@ -34,21 +34,22 @@ public AuthenticationFailedException(string message, Exception innerException) internal static AuthenticationFailedException CreateAggregateException(string message, ReadOnlyMemory credentials, IList innerExceptions) { - StringBuilder exStr = new StringBuilder(message).AppendLine(); + StringBuilder exStr = new StringBuilder(message); for (int i = 0; i < credentials.Length; i++) { - if (innerExceptions[i] is CredentialUnavailableException) - { - exStr.AppendLine($" {credentials.Span[i].GetType().Name} is unavailable. {innerExceptions[i].Message}"); - } - else - { - exStr.AppendLine($" {credentials.Span[i].GetType().Name} failed with {innerExceptions[i].Message}"); - } + //if (innerExceptions[i] is CredentialUnavailableException) + //{ + // exStr.AppendLine($" {credentials.Span[i].GetType().Name} is unavailable. {innerExceptions[i].Message}."); + //} + //else + //{ + // exStr.AppendLine($" {credentials.Span[i].GetType().Name} failed with {innerExceptions[i].Message}."); + //} + exStr.Append($" {credentials.Span[i].GetType().Name}: {innerExceptions[i].Message}."); } - exStr.Append("See inner exception for more detail."); + //exStr.Append("See inner exception for more detail."); return new AuthenticationFailedException(exStr.ToString(), new AggregateException(message, innerExceptions.ToArray())); } diff --git a/sdk/identity/Azure.Identity/src/Constants.cs b/sdk/identity/Azure.Identity/src/Constants.cs index 9a6aaf6f23215..cc7aeed5173d7 100644 --- a/sdk/identity/Azure.Identity/src/Constants.cs +++ b/sdk/identity/Azure.Identity/src/Constants.cs 
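Review bot: The loop in `CreateAggregateException` is bounded by `credentials.Length`, but the new `Append` line indexes `innerExceptions[i]`, so a caller that passes fewer exceptions than credentials gets an out-of-range exception from inside the error path, which would hide the original authentication failure. Bound the loop by both counts, `int count = Math.Min(credentials.Length, innerExceptions.Count);`, or assert that the two counts match before the loop. The `.` appended after `{innerExceptions[i].Message}` also doubles the period for any inner message that already ends with one.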
@@ -13,7 +13,7 @@ internal class Constants // TODO: Currently this is piggybacking off the Azure CLI client ID, but needs to be switched once the Developer Sign On application is available public const string DeveloperSignOnClientId = "04b07795-8ddb-461a-bbee-02f9e1bf7b46"; - public const string AuthenticationUnhandledExceptionMessage = "The authentication request failed due to an unhandled exception. See inner exception for details."; + public const string AuthenticationUnhandledExceptionMessage = "The authentication request failed due to an unhandled exception. See inner exception for details"; public static string SharedTokenCacheFilePath { get { return Path.Combine(DefaultCacheDirectory, "msal.cache"); } } diff --git a/sdk/identity/Azure.Identity/src/DefaultAzureCredential.cs b/sdk/identity/Azure.Identity/src/DefaultAzureCredential.cs index 6a5970549ca50..2d141c3cb76af 100644 --- a/sdk/identity/Azure.Identity/src/DefaultAzureCredential.cs +++ b/sdk/identity/Azure.Identity/src/DefaultAzureCredential.cs @@ -28,8 +28,8 @@ namespace Azure.Identity /// public class DefaultAzureCredential : TokenCredential { - private const string DefaultExceptionMessage = "The DefaultAzureCredential failed to retrieve a token from the included credentials."; - private const string UnhandledExceptionMessage = "The DefaultAzureCredential failed due to an unhandled exception: "; + private const string DefaultExceptionMessage = "DefaultAzureCredential was unable to retrieve a token. Please review the Azure Identity documentation for instructions on how to configure each credential."; + private const string UnhandledExceptionMessage = "DefaultAzureCredential failed due to an unhandled exception: "; private static readonly IExtendedTokenCredential[] s_defaultCredentialChain = GetDefaultAzureCredentialChain(new DefaultAzureCredentialFactory(CredentialPipeline.GetInstance(null)), new DefaultAzureCredentialOptions()); private readonly IExtendedTokenCredential[] _sources; 
@@ -106,7 +106,6 @@ private async Task GetTokenAsync(bool isAsync, TokenRequestContext { return scope.Succeeded(exToken.AccessToken); } - if (exToken.Exception is CredentialUnavailableException) { exceptions.Add(exToken.Exception); @@ -115,7 +114,8 @@ private async Task GetTokenAsync(bool isAsync, TokenRequestContext { exceptions.Add(exToken.Exception); - throw scope.Failed(AuthenticationFailedException.CreateAggregateException($"{UnhandledExceptionMessage} {_sources[i].GetType().Name} failed with unhandled exception. {exToken.Exception.Message}", new ReadOnlyMemory(_sources, 0, i+1 ), exceptions)); + //throw scope.Failed(AuthenticationFailedException.CreateAggregateException($"{UnhandledExceptionMessage} {_sources[i].GetType().Name} failed with unhandled exception. {exToken.Exception.Message}", new ReadOnlyMemory(_sources, 0, i + 1), exceptions)); + throw scope.Failed(AuthenticationFailedException.CreateAggregateException($"{UnhandledExceptionMessage}", new ReadOnlyMemory(_sources, 0, i + 1), exceptions)); } } diff --git a/sdk/identity/Azure.Identity/src/EnvironmentCredential.cs b/sdk/identity/Azure.Identity/src/EnvironmentCredential.cs index 5e4de00594548..ef1ed532f83aa 100644 --- a/sdk/identity/Azure.Identity/src/EnvironmentCredential.cs +++ b/sdk/identity/Azure.Identity/src/EnvironmentCredential.cs @@ -28,7 +28,8 @@ public class EnvironmentCredential : TokenCredential, IExtendedTokenCredential { private readonly CredentialPipeline _pipeline; private readonly TokenCredential _credential; - private readonly string _unavailbleErrorMessage; + //private readonly string _unavailbleErrorMessage; + private const string UnavailableErrorMessage = "Environment variables not set"; /// /// Creates an instance of the EnvironmentCredential class and reads client secret details from environment variables. 
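Review bot: In the `@@ -115,7 +114,8 @@` hunk the new `throw` passes `$"{UnhandledExceptionMessage}"`, an interpolated string that wraps a single constant and adds nothing; pass `UnhandledExceptionMessage` directly. Because that constant ends in `: ` and `CreateAggregateException` prefixes each entry with a space, the resulting text has two spaces after the colon, so ending the constant at the colon would tidy the output. `GetTokenAsync` starts and ends outside the hunk.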
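Review bot: The new constant `UnavailableErrorMessage = "Environment variables not set"` is returned for every case where `_credential is null` (see the `@@ -159,7 +160,7 @@` and `@@ -186,7 +187,7 @@` hunks), which presumably includes an environment where only some of the variables are set, so the text can be wrong as well as vague. The message it replaces named the required variables and listed only the names of those already set, never their values, so keeping the names costs nothing in confidentiality and tells the operator what to fix, e.g. `"Environment variables not fully configured. AZURE_TENANT_ID and AZURE_CLIENT_ID must be set, along with either AZURE_CLIENT_SECRET or AZURE_USERNAME and AZURE_PASSWORD."`. In a credential chain an unclear message here makes it harder to see why authentication fell through to a later credential.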
@@ -71,37 +72,37 @@ internal EnvironmentCredential(CredentialPipeline pipeline) } } - if (_credential is null) - { - StringBuilder builder = new StringBuilder("Environment variables not fully configured. AZURE_TENANT_ID and AZURE_CLIENT_ID must be set, along with either AZURE_CLIENT_SECRET or AZURE_USERNAME and AZURE_PASSWORD. Currently set variables [ "); - - if (tenantId != null) - { - builder.Append(" AZURE_TENANT_ID"); - } - - if (clientId != null) - { - builder.Append(" AZURE_CLIENT_ID"); - } - - if (clientSecret != null) - { - builder.Append(" AZURE_CLIENT_SECRET"); - } - - if (username != null) - { - builder.Append(" AZURE_USERNAME"); - } - - if (password != null) - { - builder.Append(" AZURE_PASSWORD"); - } - - _unavailbleErrorMessage = builder.Append(" ].").ToString(); - } + //if (_credential is null) + //{ + // StringBuilder builder = new StringBuilder("Environment variables not fully configured. AZURE_TENANT_ID and AZURE_CLIENT_ID must be set, along with either AZURE_CLIENT_SECRET or AZURE_USERNAME and AZURE_PASSWORD. Currently set variables [ "); + + // if (tenantId != null) + // { + // builder.Append(" AZURE_TENANT_ID"); + // } + + // if (clientId != null) + // { + // builder.Append(" AZURE_CLIENT_ID"); + // } + + // if (clientSecret != null) + // { + // builder.Append(" AZURE_CLIENT_SECRET"); + // } + + // if (username != null) + // { + // builder.Append(" AZURE_USERNAME"); + // } + + // if (password != null) + // { + // builder.Append(" AZURE_PASSWORD"); + // } + + // _unavailbleErrorMessage = builder.Append(" ]").ToString(); + //} } internal EnvironmentCredential(CredentialPipeline pipeline, TokenCredential credential) 
@@ -159,7 +160,7 @@ private ExtendedAccessToken GetTokenImpl(TokenRequestContext requestContext, Can if (_credential is null) { - return new ExtendedAccessToken(scope.Failed(new CredentialUnavailableException(_unavailbleErrorMessage))); + return new ExtendedAccessToken(scope.Failed(new CredentialUnavailableException(UnavailableErrorMessage))); } try @@ -186,7 +187,7 @@ private async ValueTask GetTokenImplAsync(TokenRequestConte if (_credential is null) { - return new ExtendedAccessToken(scope.Failed(new CredentialUnavailableException(_unavailbleErrorMessage))); + return new ExtendedAccessToken(scope.Failed(new CredentialUnavailableException(UnavailableErrorMessage))); } try diff --git a/sdk/identity/Azure.Identity/src/ManagedIdentityCredential.cs b/sdk/identity/Azure.Identity/src/ManagedIdentityCredential.cs index 7412bc2d5b835..e186c61f1e1ef 100644 --- a/sdk/identity/Azure.Identity/src/ManagedIdentityCredential.cs +++ b/sdk/identity/Azure.Identity/src/ManagedIdentityCredential.cs @@ -19,7 +19,7 @@ namespace Azure.Identity /// public class ManagedIdentityCredential : TokenCredential, IExtendedTokenCredential { - internal const string MsiUnavailableError = "No managed identity endpoint found."; + internal const string MsiUnavailableError = "Managed identity endpoint not found"; private readonly string _clientId; private readonly CredentialPipeline _pipeline; diff --git a/sdk/identity/Azure.Identity/src/SharedTokenCacheCredential.cs b/sdk/identity/Azure.Identity/src/SharedTokenCacheCredential.cs index 37925a0f67511..7d41023f5c31c 100644 --- a/sdk/identity/Azure.Identity/src/SharedTokenCacheCredential.cs +++ b/sdk/identity/Azure.Identity/src/SharedTokenCacheCredential.cs 
@@ -19,8 +19,8 @@ namespace Azure.Identity /// public class SharedTokenCacheCredential : TokenCredential, IExtendedTokenCredential { - internal const string NoAccountsInCacheMessage = "No accounts were found in the cache. To authenticate with the SharedTokenCacheCredential, log in an account with a development tool that supports Azure single sign on."; - internal const string MultipleAccountsInCacheMessage = "Multiple accounts were found in the cache. To authenticate with the SharedTokenCacheCredential, set the AZURE_USERNAME and AZURE_TENANT_ID environment variables to the preferred username and tenantId, or specify them to the constructor. {0}"; + internal const string NoAccountsInCacheMessage = "Local account not found"; + internal const string MultipleAccountsInCacheMessage = "Multiple local accounts were found. To authenticate with the SharedTokenCacheCredential, set the AZURE_USERNAME and AZURE_TENANT_ID environment variables to the preferred username and tenantId, or specify them to the constructor. {0}"; internal const string NoMatchingAccountsInCacheMessage = "No account matching the specified{0}{1} was found in the cache. To authenticate with the SharedTokenCacheCredential, login an account with a development tool that supports Azure single sign on. {2}"; internal const string MultipleMatchingAccountsInCacheMessage = "Multiple accounts matching the specified{0}{1} were found in the cache. To authenticate with the SharedTokenCacheCredential, set the AZURE_USERNAME and AZURE_TENANT_ID environment variables to the preferred username and tenantId, or specify them to the constructor. {2}"; From 2a4e02109e2b6e32dfc328a33edb0ae188bbf8d2 Mon Sep 17 00:00:00 2001 From: Tu Zhanle Date: Wed, 11 Dec 2019 02:31:46 -0800 Subject: [PATCH 3/8] removed commented code --- .../src/AuthenticationFailedException.cs | 10 ------ .../src/EnvironmentCredential.cs | 33 ------------------- 2 files changed, 43 deletions(-) 
diff --git a/sdk/identity/Azure.Identity/src/AuthenticationFailedException.cs b/sdk/identity/Azure.Identity/src/AuthenticationFailedException.cs index 77fbcb76e2422..8bdf0ad385603 100644 --- a/sdk/identity/Azure.Identity/src/AuthenticationFailedException.cs +++ b/sdk/identity/Azure.Identity/src/AuthenticationFailedException.cs @@ -38,19 +38,9 @@ internal static AuthenticationFailedException CreateAggregateException(string me for (int i = 0; i < credentials.Length; i++) { - //if (innerExceptions[i] is CredentialUnavailableException) - //{ - // exStr.AppendLine($" {credentials.Span[i].GetType().Name} is unavailable. {innerExceptions[i].Message}."); - //} - //else - //{ - // exStr.AppendLine($" {credentials.Span[i].GetType().Name} failed with {innerExceptions[i].Message}."); - //} exStr.Append($" {credentials.Span[i].GetType().Name}: {innerExceptions[i].Message}."); } - //exStr.Append("See inner exception for more detail."); - return new AuthenticationFailedException(exStr.ToString(), new AggregateException(message, innerExceptions.ToArray())); } } diff --git a/sdk/identity/Azure.Identity/src/EnvironmentCredential.cs b/sdk/identity/Azure.Identity/src/EnvironmentCredential.cs index ef1ed532f83aa..cc0da3ec8674e 100644 --- a/sdk/identity/Azure.Identity/src/EnvironmentCredential.cs +++ b/sdk/identity/Azure.Identity/src/EnvironmentCredential.cs @@ -28,7 +28,6 @@ public class EnvironmentCredential : TokenCredential, IExtendedTokenCredential { private readonly CredentialPipeline _pipeline; private readonly TokenCredential _credential; - //private readonly string _unavailbleErrorMessage; private const string UnavailableErrorMessage = "Environment variables not set"; /// 
@@ -71,38 +70,6 @@ internal EnvironmentCredential(CredentialPipeline pipeline) _credential = new UsernamePasswordCredential(username, password, clientId, tenantId, _pipeline); } } - - //if (_credential is null) - //{ - // StringBuilder builder = new StringBuilder("Environment variables not fully configured. AZURE_TENANT_ID and AZURE_CLIENT_ID must be set, along with either AZURE_CLIENT_SECRET or AZURE_USERNAME and AZURE_PASSWORD. Currently set variables [ "); - - // if (tenantId != null) - // { - // builder.Append(" AZURE_TENANT_ID"); - // } - - // if (clientId != null) - // { - // builder.Append(" AZURE_CLIENT_ID"); - // } - - // if (clientSecret != null) - // { - // builder.Append(" AZURE_CLIENT_SECRET"); - // } - - // if (username != null) - // { - // builder.Append(" AZURE_USERNAME"); - // } - - // if (password != null) - // { - // builder.Append(" AZURE_PASSWORD"); - // } - - // _unavailbleErrorMessage = builder.Append(" ]").ToString(); - //} } internal EnvironmentCredential(CredentialPipeline pipeline, TokenCredential credential) From b3cdc7cd57454922b50e1d4adf4d22e78f27eed7 Mon Sep 17 00:00:00 2001 From: Tu Zhanle Date: Wed, 11 Dec 2019 02:38:59 -0800 Subject: [PATCH 4/8] remove comments --- sdk/identity/Azure.Identity/src/DefaultAzureCredential.cs | 2 -- 1 file changed, 2 deletions(-) diff --git a/sdk/identity/Azure.Identity/src/DefaultAzureCredential.cs b/sdk/identity/Azure.Identity/src/DefaultAzureCredential.cs index 2d141c3cb76af..28fbe5f60cd4e 100644 --- a/sdk/identity/Azure.Identity/src/DefaultAzureCredential.cs +++ b/sdk/identity/Azure.Identity/src/DefaultAzureCredential.cs 
@@ -113,8 +113,6 @@ private async Task GetTokenAsync(bool isAsync, TokenRequestContext else { exceptions.Add(exToken.Exception); - - //throw scope.Failed(AuthenticationFailedException.CreateAggregateException($"{UnhandledExceptionMessage} {_sources[i].GetType().Name} failed with unhandled exception. {exToken.Exception.Message}", new ReadOnlyMemory(_sources, 0, i + 1), exceptions)); throw scope.Failed(AuthenticationFailedException.CreateAggregateException($"{UnhandledExceptionMessage}", new ReadOnlyMemory(_sources, 0, i + 1), exceptions)); } } From 143711608bf4095c742b45bcf6f61850ba6ab1f6 Mon Sep 17 00:00:00 2001 From: Tu Zhanle Date: Wed, 11 Dec 2019 02:54:40 -0800 Subject: [PATCH 5/8] change "Multiple accounts were found in the cache." of MultipleAccountsInCacheMessage back --- sdk/identity/Azure.Identity/src/SharedTokenCacheCredential.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sdk/identity/Azure.Identity/src/SharedTokenCacheCredential.cs b/sdk/identity/Azure.Identity/src/SharedTokenCacheCredential.cs index 7d41023f5c31c..75b420be40c2d 100644 --- a/sdk/identity/Azure.Identity/src/SharedTokenCacheCredential.cs +++ b/sdk/identity/Azure.Identity/src/SharedTokenCacheCredential.cs 
@@ -20,7 +20,7 @@ namespace Azure.Identity public class SharedTokenCacheCredential : TokenCredential, IExtendedTokenCredential { internal const string NoAccountsInCacheMessage = "Local account not found"; - internal const string MultipleAccountsInCacheMessage = "Multiple local accounts were found. To authenticate with the SharedTokenCacheCredential, set the AZURE_USERNAME and AZURE_TENANT_ID environment variables to the preferred username and tenantId, or specify them to the constructor. {0}"; + internal const string MultipleAccountsInCacheMessage = "Multiple accounts were found in the cache. To authenticate with the SharedTokenCacheCredential, set the AZURE_USERNAME and AZURE_TENANT_ID environment variables to the preferred username and tenantId, or specify them to the constructor. {0}"; internal const string NoMatchingAccountsInCacheMessage = "No account matching the specified{0}{1} was found in the cache. To authenticate with the SharedTokenCacheCredential, login an account with a development tool that supports Azure single sign on. {2}"; internal const string MultipleMatchingAccountsInCacheMessage = "Multiple accounts matching the specified{0}{1} were found in the cache. To authenticate with the SharedTokenCacheCredential, set the AZURE_USERNAME and AZURE_TENANT_ID environment variables to the preferred username and tenantId, or specify them to the constructor. {2}"; From d1183f3797f57661fb3cd526cfd62c4f0f34a5e5 Mon Sep 17 00:00:00 2001 From: Tu Zhanle Date: Wed, 11 Dec 2019 21:01:58 -0800 Subject: [PATCH 6/8] Simplify error message for ChainedTokenCredential --- sdk/identity/Azure.Identity/src/ChainedTokenCredential.cs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sdk/identity/Azure.Identity/src/ChainedTokenCredential.cs b/sdk/identity/Azure.Identity/src/ChainedTokenCredential.cs index f84a5432c2af5..92cf08d789599 100644 --- a/sdk/identity/Azure.Identity/src/ChainedTokenCredential.cs 
+++ b/sdk/identity/Azure.Identity/src/ChainedTokenCredential.cs @@ -70,7 +70,7 @@ public override AccessToken GetToken(TokenRequestContext requestContext, Cancell { exceptions.Add(e); - throw AuthenticationFailedException.CreateAggregateException(AggregateCredentialFailedErrorMessage + e.Message, new ReadOnlyMemory(_sources, 0, i + 1), exceptions); + throw AuthenticationFailedException.CreateAggregateException(AggregateCredentialFailedErrorMessage, new ReadOnlyMemory(_sources, 0, i + 1), exceptions); } } @@ -101,7 +101,7 @@ public override async ValueTask GetTokenAsync(TokenRequestContext r { exceptions.Add(e); - throw AuthenticationFailedException.CreateAggregateException(AggregateCredentialFailedErrorMessage + e.Message, new ReadOnlyMemory(_sources, 0, i + 1), exceptions); + throw AuthenticationFailedException.CreateAggregateException(AggregateCredentialFailedErrorMessage, new ReadOnlyMemory(_sources, 0, i + 1), exceptions); } } From c6cbf5fcdcdc554247c919962c43c5b894fcdd5d Mon Sep 17 00:00:00 2001 From: Zhanle Tu <35680310+tzhanl@users.noreply.github.com> Date: Thu, 16 Jan 2020 21:33:25 -0800 Subject: [PATCH 7/8] replace "in the cache" with "local" of SharedTokenCacheCredential Messages --- .../src/SharedTokenCacheCredential.cs | 6 +++--- .../tests/SharedTokenCacheCredentialTests.cs | 14 +++++++------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/sdk/identity/Azure.Identity/src/SharedTokenCacheCredential.cs b/sdk/identity/Azure.Identity/src/SharedTokenCacheCredential.cs index 75b420be40c2d..8dda117a7802a 100644 --- a/sdk/identity/Azure.Identity/src/SharedTokenCacheCredential.cs +++ b/sdk/identity/Azure.Identity/src/SharedTokenCacheCredential.cs 
@@ -20,9 +20,9 @@ namespace Azure.Identity public class SharedTokenCacheCredential : TokenCredential, IExtendedTokenCredential { internal const string NoAccountsInCacheMessage = "Local account not found"; - internal const string MultipleAccountsInCacheMessage = "Multiple accounts were found in the cache. To authenticate with the SharedTokenCacheCredential, set the AZURE_USERNAME and AZURE_TENANT_ID environment variables to the preferred username and tenantId, or specify them to the constructor. {0}"; - internal const string NoMatchingAccountsInCacheMessage = "No account matching the specified{0}{1} was found in the cache. To authenticate with the SharedTokenCacheCredential, login an account with a development tool that supports Azure single sign on. {2}"; - internal const string MultipleMatchingAccountsInCacheMessage = "Multiple accounts matching the specified{0}{1} were found in the cache. To authenticate with the SharedTokenCacheCredential, set the AZURE_USERNAME and AZURE_TENANT_ID environment variables to the preferred username and tenantId, or specify them to the constructor. {2}"; + internal const string MultipleAccountsInCacheMessage = "Multiple local accounts were found. To authenticate with the SharedTokenCacheCredential, set the AZURE_USERNAME and AZURE_TENANT_ID environment variables to the preferred username and tenantId, or specify them to the constructor. {0}"; + internal const string NoMatchingAccountsInCacheMessage = "No local account matching the specified{0}{1} was found. To authenticate with the SharedTokenCacheCredential, login an account with a development tool that supports Azure single sign on. {2}"; + internal const string MultipleMatchingAccountsInCacheMessage = "Multiple local accounts matching the specified{0}{1} were found. To authenticate with the SharedTokenCacheCredential, set the AZURE_USERNAME and AZURE_TENANT_ID environment variables to the preferred username and tenantId, or specify them to the constructor. 
{2}"; private readonly MsalPublicClient _client; private readonly CredentialPipeline _pipeline; diff --git a/sdk/identity/Azure.Identity/tests/SharedTokenCacheCredentialTests.cs b/sdk/identity/Azure.Identity/tests/SharedTokenCacheCredentialTests.cs index b26d4c4a83c63..e8ef7f5b050fb 100644 --- a/sdk/identity/Azure.Identity/tests/SharedTokenCacheCredentialTests.cs +++ b/sdk/identity/Azure.Identity/tests/SharedTokenCacheCredentialTests.cs @@ -164,7 +164,7 @@ public async Task MultipleAccountsNoTenantIdOrUsername() var ex = Assert.ThrowsAsync(async () => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); - Assert.True(ex.Message.StartsWith("Multiple accounts were found in the cache.")); + Assert.True(ex.Message.StartsWith("Multiple local accounts were found.")); Assert.True(ex.Message.Contains($"username: fakeuser@fakedomain.com tenantId: {fakeuserTenantId}")); @@ -192,7 +192,7 @@ public async Task NoMatchingAccountsUsernameOnly() var ex = Assert.ThrowsAsync(async () => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); - Assert.True(ex.Message.StartsWith("No account matching the specified username: mockuser@mockdomain.com was found in the cache.")); + Assert.True(ex.Message.StartsWith("No local account matching the specified username: mockuser@mockdomain.com was found.")); Assert.True(ex.Message.Contains($"username: fakeuser@fakedomain.com tenantId: {fakeuserTenantId}")); @@ -221,7 +221,7 @@ public async Task NoMatchingAccountsTenantIdOnly() var ex = Assert.ThrowsAsync(async () => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); - Assert.True(ex.Message.StartsWith($"No account matching the specified tenantId: {tenantId} was found in the cache.")); + Assert.True(ex.Message.StartsWith($"No local account matching the specified tenantId: {tenantId} was found.")); Assert.True(ex.Message.Contains($"username: fakeuser@fakedomain.com tenantId: {fakeuserTenantId}")); 
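Review bot: The reworded constants keep the trailing `{0}`/`{2}` placeholder, and the tests updated in this patch assert that the formatted message contains `username: … tenantId: …` for an account other than the one requested, so the exception text lists the accounts held in the local cache. Anything that logs or displays `ex.Message` therefore records those user names and tenant IDs. I would document that on the constants, for example `// {2} expands to the user names and tenant IDs of the cached accounts; treat the formatted message as sensitive when logging.`, and consider whether the list belongs in the message at all.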
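Review bot: The updated assertions call `ex.Message.StartsWith("...")` without a `StringComparison`, which makes the prefix check culture-sensitive; the same applies to the changed lines in the six following hunks of this test file. Pass the comparison explicitly, `Assert.True(ex.Message.StartsWith("Multiple local accounts were found.", StringComparison.Ordinal));`. The test methods start and end outside the hunks.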
@@ -250,7 +250,7 @@ public async Task NoMatchingAccountsTenantIdAndUsername() var ex = Assert.ThrowsAsync(async () => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); - Assert.True(ex.Message.StartsWith($"No account matching the specified username: mockuser@mockdomain.com tenantId: {tenantId} was found in the cache.")); + Assert.True(ex.Message.StartsWith($"No local account matching the specified username: mockuser@mockdomain.com tenantId: {tenantId} was found.")); Assert.True(ex.Message.Contains($"username: fakeuser@fakedomain.com tenantId: {fakeuserTenantId}")); @@ -278,7 +278,7 @@ public async Task MultipleMatchingAccountsUsernameOnly() var ex = Assert.ThrowsAsync(async () => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); - Assert.True(ex.Message.StartsWith("Multiple accounts matching the specified username: mockuser@mockdomain.com were found in the cache")); + Assert.True(ex.Message.StartsWith("Multiple local accounts matching the specified username: mockuser@mockdomain.com were found")); Assert.True(ex.Message.Contains($"username: fakeuser@fakedomain.com tenantId: {fakeuserTenantId}")); @@ -308,7 +308,7 @@ public async Task MultipleMatchingAccountsTenantIdOnly() var ex = Assert.ThrowsAsync(async () => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); - Assert.True(ex.Message.StartsWith($"Multiple accounts matching the specified tenantId: {mockuserGuestTenantId} were found in the cache")); + Assert.True(ex.Message.StartsWith($"Multiple local accounts matching the specified tenantId: {mockuserGuestTenantId} were found")); Assert.True(ex.Message.Contains($"username: fakeuser@fakedomain.com tenantId: {fakeuserTenantId}")); 
@@ -338,7 +338,7 @@ public async Task MultipleMatchingAccountsUsernameAndTenantId() var ex = Assert.ThrowsAsync(async () => await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default))); - Assert.True(ex.Message.StartsWith($"Multiple accounts matching the specified username: mockuser@mockdomain.com tenantId: {mockuserTenantId} were found in the cache")); + Assert.True(ex.Message.StartsWith($"Multiple local accounts matching the specified username: mockuser@mockdomain.com tenantId: {mockuserTenantId} were found")); Assert.True(ex.Message.Contains($"username: fakeuser@fakedomain.com tenantId: {fakeuserTenantId}")); From 62df1c3f65a54d9ee20d3cd425ac607e5e238077 Mon Sep 17 00:00:00 2001 From: Zhanle Tu <35680310+tzhanl@users.noreply.github.com> Date: Thu, 16 Jan 2020 22:29:29 -0800 Subject: [PATCH 8/8] add AuthFileCredential logic back --- sdk/identity/Azure.Identity/src/EnvironmentCredential.cs | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/sdk/identity/Azure.Identity/src/EnvironmentCredential.cs b/sdk/identity/Azure.Identity/src/EnvironmentCredential.cs index dd5b3cdb6c1ed..757c0d0072aa0 100644 --- a/sdk/identity/Azure.Identity/src/EnvironmentCredential.cs +++ b/sdk/identity/Azure.Identity/src/EnvironmentCredential.cs @@ -72,6 +72,11 @@ internal EnvironmentCredential(CredentialPipeline pipeline) } } + if (_credential is null && sdkAuthLocation != null) + { + _credential = new AuthFileCredential(sdkAuthLocation); + } + } internal EnvironmentCredential(CredentialPipeline pipeline, TokenCredential credential)
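Review bot: The added fallback builds an `AuthFileCredential` from `sdkAuthLocation` whenever no other credential was constructed, which presumably includes the case where the client-secret or username/password variables are only partly set; the process then authenticates as whatever identity the file describes instead of reporting the incomplete configuration. `sdkAuthLocation` is assigned outside the hunk, and the path is handed on without any check visible here. I would add a comment stating the precedence and that the file holds credential material, e.g. `// Falls back to the SDK auth file only when no credential could be built from the AZURE_* variables; the file contains secrets, so restrict who can read it.`, and extend `UnavailableErrorMessage` to mention the auth-file setting. The blank line left before the constructor's closing brace can go.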