Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature Request] Update MSAL exception when server returns 500 to include request URI #4412

Closed
gladjohn opened this issue Nov 7, 2023 · 2 comments
Closed

[Feature Request] Update MSAL exception when server returns 500 to include request URI #4412

gladjohn opened this issue Nov 7, 2023 · 2 comments
Assignees
@trwalke
Labels
bug confidential-client P2

Comments

@gladjohn
Copy link
Contributor

gladjohn commented Nov 7, 2023

MSAL client type

Confidential

Problem Statement

When failure happens while fetching a MEX document during a federated auth scenario we get a service_not_available exeption, the error misleads to thinking it was from AAD for a 429.

for e.g. in the case of an ADFS issue we see this error

ERROR,"Token refresh failed. Encountered exception MSAL.Desktop.4.50.0.0.MsalServiceException: ErrorCode: service_not_available Microsoft.Identity.Client.MsalServiceException: Service is unavailable to process the request at Microsoft.Identity.Client.Http.HttpManager.

but also in the stack trace we see this, meaning failure to get the MEX

Microsoft.Identity.Client.WsTrust.WsTrustWebRequestManager.<GetMexDocumentAsync>d__2.MoveNext()

MSAL does not bubble up this error.

One possible solution is to add the request URI in the MSAL exception when server returns 500.

Proposed solution

No response

Alternatives

No response
@gladjohn gladjohn added untriaged Do not delete. Needed for Automation needs attention Delete label after triage P2 confidential-client public-client and removed untriaged Do not delete. Needed for Automation needs attention Delete label after triage labels Nov 7, 2023
@bgavrilMS
Copy link
Member

Let's take this as a confidential client fix.

@bgavrilMS
Copy link
Member

bgavrilMS commented Jun 17, 2024
edited
Loading

Pls ensure to log just the base URL (host + path) as non-PII. Query paramters are PII.

@trwalke trwalke self-assigned this Jun 20, 2024
@trwalke trwalke mentioned this issue Jun 25, 2024
Merged
1 task
@trwalke trwalke closed this as completed Oct 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@trwalke trwalke

Labels
bug confidential-client P2
Projects
MSAL Customer Trust / QM
Archived in project
Milestone
No milestone
Development

No branches or pull requests
3 participants
@bgavrilMS @trwalke @gladjohn