search

Azure / azure-webpubsub

Azure Web PubSub Service helps you to manage WebSocket connections and do publish and subscribe in an easy way
https://azure.github.io/azure-webpubsub/
MIT License
132 stars 83 forks source link

[awps-tunnel] Better error message when Azure credential is invalid #640

Closed chenkennt closed 9 months ago

chenkennt commented 10 months ago

Describe the bug

There should be a clear message when the Azure credential is invalid

To Reproduce

When running awps-tunnel, if my Azure login is expired I will get a very long stack trace (see below) instead of a simple message about credential is invalid.

Exceptions (if any)

/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:3015
                const err = new AggregateAuthenticationError(errors, "ChainedTokenCredential authentication failed.");
                            ^

AggregateAuthenticationError: ChainedTokenCredential authentication failed.
CredentialUnavailableError: EnvironmentCredential is unavailable. No underlying credential could be used. To troubleshoot, visit https://aka.ms/azsdk/js/identity/environmentcredential/troubleshoot.
CredentialUnavailableError: WorkloadIdentityCredential: is unavailable. tenantId, clientId, and federatedTokenFilePath are required parameters.
      In DefaultAzureCredential and ManagedIdentityCredential, these can be provided as environment variables -
      "AZURE_TENANT_ID",
      "AZURE_CLIENT_ID",
      "AZURE_FEDERATED_TOKEN_FILE". See the troubleshooting guide for more information: https://aka.ms/azsdk/js/identity/workloadidentitycredential/troubleshoot
CredentialUnavailableError: ManagedIdentityCredential: Authentication failed. Message ManagedIdentityCredential - No MSI credential available
CredentialUnavailableError: ERROR: AADSTS700082: The refresh token has expired due to inactivity. The token was issued on 2023-03-03T07:43:39.5824634Z and was inactive for 90.00:00:00. Trace ID: 7ac8ba34-4fcf-40b6-8627-87eb5bdd0700 Correlation ID: 7ce5c80a-b12b-4a52-b84b-043fcab008ce Timestamp: 2023-10-31 08:30:57Z
Interactive authentication is needed. Please run:
az login --scope https://webpubsub.azure.com/.default

CredentialUnavailableError: Error: Unable to execute PowerShell. Ensure that it is installed in your system. To troubleshoot, visit https://aka.ms/azsdk/js/identity/powershellcredential/troubleshoot.
CredentialUnavailableError: Azure Developer CLI couldn't be found. To mitigate this issue, see the troubleshooting guidelines at https://aka.ms/azsdk/js/identity/azdevclicredential/troubleshoot.
    at /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:3015:29
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async Object.withSpan (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:28)
    at async DefaultAzureCredential.getToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:2990:27)
    at async tryGetAccessToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2005:32)
    at async beginRefresh (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2013:17)
    at async Object.defaultAuthorizeRequest [as authorizeRequest] (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2137:25)
    at async Object.sendRequest (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2188:13)
    at async GeneratedClient.sendOperationRequest (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-client/dist/index.js:1948:33)
    at async /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/web-pubsub/dist/index.js:2174:34 {
  errors: [
    CredentialUnavailableError: EnvironmentCredential is unavailable. No underlying credential could be used. To troubleshoot, visit https://aka.ms/azsdk/js/identity/environmentcredential/troubleshoot.
        at /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:3456:19
        at /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:114
        at Object.withContext (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:85:20)
        at withContext (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:153:34)
        at Object.withSpan (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:34)
        at EnvironmentCredential.getToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:3440:30)
        at /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:3000:52
        at /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:114
        at Object.withContext (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:85:20)
        at withContext (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:153:34),
    CredentialUnavailableError: WorkloadIdentityCredential: is unavailable. tenantId, clientId, and federatedTokenFilePath are required parameters.
          In DefaultAzureCredential and ManagedIdentityCredential, these can be provided as environment variables -
          "AZURE_TENANT_ID",
          "AZURE_CLIENT_ID",
          "AZURE_FEDERATED_TOKEN_FILE". See the troubleshooting guide for more information: https://aka.ms/azsdk/js/identity/workloadidentitycredential/troubleshoot
        at DefaultWorkloadIdentityCredential.getToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:2078:19)
        at /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:3000:52
        at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
        at async Object.withSpan (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:28)
        at async DefaultAzureCredential.getToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:2990:27)
        at async tryGetAccessToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2005:32)
        at async beginRefresh (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2013:17)
        at async Object.defaultAuthorizeRequest [as authorizeRequest] (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2137:25)
        at async Object.sendRequest (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2188:13)
        at async GeneratedClient.sendOperationRequest (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-client/dist/index.js:1948:33),
    CredentialUnavailableError: ManagedIdentityCredential: Authentication failed. Message ManagedIdentityCredential - No MSI credential available
        at DefaultManagedIdentityCredential.getToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:2501:23)
        at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
        at async /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:3000:29
        at async Object.withSpan (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:28)
        at async DefaultAzureCredential.getToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:2990:27)
        at async tryGetAccessToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2005:32)
        at async beginRefresh (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2013:17)
        at async Object.defaultAuthorizeRequest [as authorizeRequest] (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2137:25)
        at async Object.sendRequest (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2188:13)
        at async GeneratedClient.sendOperationRequest (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-client/dist/index.js:1948:33),
    CredentialUnavailableError: ERROR: AADSTS700082: The refresh token has expired due to inactivity. The token was issued on 2023-03-03T07:43:39.5824634Z and was inactive for 90.00:00:00. Trace ID: 7ac8ba34-4fcf-40b6-8627-87eb5bdd0700 Correlation ID: 7ce5c80a-b12b-4a52-b84b-043fcab008ce Timestamp: 2023-10-31 08:30:57Z
    Interactive authentication is needed. Please run:
    az login --scope https://webpubsub.azure.com/.default

        at /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:2727:31
        at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
        at async Object.withSpan (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:28)
        at async /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:3000:29
        at async Object.withSpan (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:28)
        at async DefaultAzureCredential.getToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:2990:27)
        at async tryGetAccessToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2005:32)
        at async beginRefresh (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2013:17)
        at async Object.defaultAuthorizeRequest [as authorizeRequest] (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2137:25)
        at async Object.sendRequest (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2188:13),
    CredentialUnavailableError: Error: Unable to execute PowerShell. Ensure that it is installed in your system. To troubleshoot, visit https://aka.ms/azsdk/js/identity/powershellcredential/troubleshoot.
        at /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:2942:31
        at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
        at async Object.withSpan (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:28),
    CredentialUnavailableError: Azure Developer CLI couldn't be found. To mitigate this issue, see the troubleshooting guidelines at https://aka.ms/azsdk/js/identity/azdevclicredential/troubleshoot.
        at /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:3589:35
        at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
        at async Object.withSpan (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:28)
        at async /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:3000:29
        at async Object.withSpan (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:28)
        at async DefaultAzureCredential.getToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:2990:27)
        at async tryGetAccessToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2005:32)
        at async beginRefresh (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2013:17)
        at async Object.defaultAuthorizeRequest [as authorizeRequest] (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2137:25)
        at async Object.sendRequest (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2188:13)
  ]
}