Skip to content

Descriptive error messages for troubleshooting #443

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Dec 1, 2021
Merged

Descriptive error messages for troubleshooting #443

merged 1 commit into from
Dec 1, 2021

Conversation

rayluo
Copy link
Collaborator

@rayluo rayluo commented Nov 26, 2021

This is inspired from, and can also resolve Azure/azure-cli#20507

@rayluo rayluo mentioned this pull request Nov 26, 2021
Closed
@rayluo rayluo merged commit a734633 into dev Dec 1, 2021
@rayluo rayluo deleted the authority-error-messages branch December 1, 2021 19:19
@rayluo rayluo mentioned this pull request Feb 8, 2022
Merged
@jiasli jiasli mentioned this pull request Mar 21, 2022
Closed
@jiasli jiasli mentioned this pull request Apr 18, 2022
Closed
jiasli
jiasli reviewed Jun 13, 2022
View reviewed changes
msal/authority.py
Comment on lines +174 to +177
raise ValueError(
"OIDC Discovery endpoint rejects our request. Error: {}".format(
resp.text # Expose it as-is b/c OIDC defines no error response format
))
Copy link
Contributor

@jiasli jiasli Jun 13, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually, I am rethinking about the error type. Since MSAL raises ValueError, CLI can't really tell whether the error comes from MSAL or other places if we use a centralized error handling logic.

Now we handle all PersistenceError in a centralized place:

https://github.com/Azure/azure-cli/blob/3dbcafbd273a5fefce793ba1e520dc61d8c468a8/src/azure-cli-core/azure/cli/core/util.py#L140-L151

    elif isinstance(ex, PersistenceError):
        # errno is already in strerror. str(ex) gives duplicated errno.
        az_error = azclierror.CLIInternalError(ex.strerror)
        if ex.errno == 0:
            az_error.set_recommendation(
                "Please report to us via Github: https://github.com/Azure/azure-cli/issues/20278")
        elif ex.errno == -2146893813:
            az_error.set_recommendation(
                "Please report to us via Github: https://github.com/Azure/azure-cli/issues/20231")
        elif ex.errno == -2146892987:
            az_error.set_recommendation(
                "Please report to us via Github: https://github.com/Azure/azure-cli/issues/21010")

But for this ValueError, we will have to capture it everywhere when MSAL interaction is made:

https://github.com/Azure/azure-cli/blob/1d973cceb38980181eeaa45934497d2148a3e7b2/src/azure-cli-core/azure/cli/core/auth/identity.py#L141-L143

        result = self._msal_app.acquire_token_interactive(
            scopes, prompt='select_account', port=8400 if self._is_adfs else None,
            success_template=success_template, error_template=error_template, **kwargs)

If we don't handle the error, the raw exception with traceback is shown, like in Azure/azure-cli#20507.

How about MSAL doing the same for this ValueError and make a new error type which inherents ValueError, such as AuthorityError, MsalValueError?

@jiasli jiasli mentioned this pull request Jun 13, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jiasli jiasli jiasli left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

az login fails: ValueError: Unable to get authority configuration for https://login.microsoftonline.com/9a2e....
2 participants
@rayluo @jiasli