[BUG] Azure.Identity should wrap MsalUiRequiredException as inner exception when throwing CredentialUnavailableException #20218
Comments
ghost
added
the
needs-triage
erich-wang
changed the title
jsquire
added
Azure.Identity
Client
ghost
removed
the
needs-triage
|
Only FYI: previously I asked It was eventually solved by exposing the original HTTP response (Azure/azure-sdk-for-python#17442). |
|
Hi @erich-wang - Which credential are you using where it is not being wrapped? |
christothes
added
the
needs-author-feedback
|
At least https://github.com/Azure/azure-sdk-for-net/blob/master/sdk/identity/Azure.Identity/src/SharedTokenCacheCredential.cs#L119-L122, I did not go thru all credentials, but most of them do not expose it. |
ghost
added
needs-team-attention
|
tagging as 'blocking-release' for the May milestone |
|
Hi Josh, what's the release timeline of May milestone? We are considering whether it can be ready by the mid of May and we will release Az major release after some verifications. User hit this vague message because recently more and more companies deployed MFA policy. |
|
Code complete for the Azure SDK is always the first Friday of the month; and the release is early the following week. So code complete will be Friday May 7th and the release will be the week of May 10. |
Describe the bug
This is prerequisite for fix the issue Azure/azure-powershell#14717
When MsalUiRequiredException exception is thrown from MSAL library, Azure.Identity Credentials swallow the exception and throw general CredentialUnavailableException exception, e.g. SharedTokenCacheCredential. However Azure PowerShell needs to give user actionable message based on the detail error info from CredentialUnavailableException, e.g. suggest user to login with specific tenant id for MFA.
Environment:
The text was updated successfully, but these errors were encountered: