There should be a clear message when the Azure credential is invalid
To Reproduce
When running awps-tunnel, if my Azure login is expired I will get a very long stack trace (see below) instead of a simple message about credential is invalid.
Exceptions (if any)
/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:3015
const err = new AggregateAuthenticationError(errors, "ChainedTokenCredential authentication failed.");
^
AggregateAuthenticationError: ChainedTokenCredential authentication failed.
CredentialUnavailableError: EnvironmentCredential is unavailable. No underlying credential could be used. To troubleshoot, visit https://aka.ms/azsdk/js/identity/environmentcredential/troubleshoot.
CredentialUnavailableError: WorkloadIdentityCredential: is unavailable. tenantId, clientId, and federatedTokenFilePath are required parameters.
In DefaultAzureCredential and ManagedIdentityCredential, these can be provided as environment variables -
"AZURE_TENANT_ID",
"AZURE_CLIENT_ID",
"AZURE_FEDERATED_TOKEN_FILE". See the troubleshooting guide for more information: https://aka.ms/azsdk/js/identity/workloadidentitycredential/troubleshoot
CredentialUnavailableError: ManagedIdentityCredential: Authentication failed. Message ManagedIdentityCredential - No MSI credential available
CredentialUnavailableError: ERROR: AADSTS700082: The refresh token has expired due to inactivity. The token was issued on 2023-03-03T07:43:39.5824634Z and was inactive for 90.00:00:00. Trace ID: 7ac8ba34-4fcf-40b6-8627-87eb5bdd0700 Correlation ID: 7ce5c80a-b12b-4a52-b84b-043fcab008ce Timestamp: 2023-10-31 08:30:57Z
Interactive authentication is needed. Please run:
az login --scope https://webpubsub.azure.com/.default
CredentialUnavailableError: Error: Unable to execute PowerShell. Ensure that it is installed in your system. To troubleshoot, visit https://aka.ms/azsdk/js/identity/powershellcredential/troubleshoot.
CredentialUnavailableError: Azure Developer CLI couldn't be found. To mitigate this issue, see the troubleshooting guidelines at https://aka.ms/azsdk/js/identity/azdevclicredential/troubleshoot.
at /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:3015:29
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async Object.withSpan (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:28)
at async DefaultAzureCredential.getToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:2990:27)
at async tryGetAccessToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2005:32)
at async beginRefresh (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2013:17)
at async Object.defaultAuthorizeRequest [as authorizeRequest] (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2137:25)
at async Object.sendRequest (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2188:13)
at async GeneratedClient.sendOperationRequest (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-client/dist/index.js:1948:33)
at async /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/web-pubsub/dist/index.js:2174:34 {
errors: [
CredentialUnavailableError: EnvironmentCredential is unavailable. No underlying credential could be used. To troubleshoot, visit https://aka.ms/azsdk/js/identity/environmentcredential/troubleshoot.
at /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:3456:19
at /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:114
at Object.withContext (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:85:20)
at withContext (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:153:34)
at Object.withSpan (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:34)
at EnvironmentCredential.getToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:3440:30)
at /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:3000:52
at /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:114
at Object.withContext (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:85:20)
at withContext (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:153:34),
CredentialUnavailableError: WorkloadIdentityCredential: is unavailable. tenantId, clientId, and federatedTokenFilePath are required parameters.
In DefaultAzureCredential and ManagedIdentityCredential, these can be provided as environment variables -
"AZURE_TENANT_ID",
"AZURE_CLIENT_ID",
"AZURE_FEDERATED_TOKEN_FILE". See the troubleshooting guide for more information: https://aka.ms/azsdk/js/identity/workloadidentitycredential/troubleshoot
at DefaultWorkloadIdentityCredential.getToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:2078:19)
at /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:3000:52
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async Object.withSpan (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:28)
at async DefaultAzureCredential.getToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:2990:27)
at async tryGetAccessToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2005:32)
at async beginRefresh (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2013:17)
at async Object.defaultAuthorizeRequest [as authorizeRequest] (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2137:25)
at async Object.sendRequest (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2188:13)
at async GeneratedClient.sendOperationRequest (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-client/dist/index.js:1948:33),
CredentialUnavailableError: ManagedIdentityCredential: Authentication failed. Message ManagedIdentityCredential - No MSI credential available
at DefaultManagedIdentityCredential.getToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:2501:23)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:3000:29
at async Object.withSpan (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:28)
at async DefaultAzureCredential.getToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:2990:27)
at async tryGetAccessToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2005:32)
at async beginRefresh (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2013:17)
at async Object.defaultAuthorizeRequest [as authorizeRequest] (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2137:25)
at async Object.sendRequest (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2188:13)
at async GeneratedClient.sendOperationRequest (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-client/dist/index.js:1948:33),
CredentialUnavailableError: ERROR: AADSTS700082: The refresh token has expired due to inactivity. The token was issued on 2023-03-03T07:43:39.5824634Z and was inactive for 90.00:00:00. Trace ID: 7ac8ba34-4fcf-40b6-8627-87eb5bdd0700 Correlation ID: 7ce5c80a-b12b-4a52-b84b-043fcab008ce Timestamp: 2023-10-31 08:30:57Z
Interactive authentication is needed. Please run:
az login --scope https://webpubsub.azure.com/.default
at /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:2727:31
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async Object.withSpan (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:28)
at async /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:3000:29
at async Object.withSpan (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:28)
at async DefaultAzureCredential.getToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:2990:27)
at async tryGetAccessToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2005:32)
at async beginRefresh (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2013:17)
at async Object.defaultAuthorizeRequest [as authorizeRequest] (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2137:25)
at async Object.sendRequest (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2188:13),
CredentialUnavailableError: Error: Unable to execute PowerShell. Ensure that it is installed in your system. To troubleshoot, visit https://aka.ms/azsdk/js/identity/powershellcredential/troubleshoot.
at /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:2942:31
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async Object.withSpan (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:28),
CredentialUnavailableError: Azure Developer CLI couldn't be found. To mitigate this issue, see the troubleshooting guidelines at https://aka.ms/azsdk/js/identity/azdevclicredential/troubleshoot.
at /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:3589:35
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async Object.withSpan (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:28)
at async /usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:3000:29
at async Object.withSpan (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-tracing/dist/index.js:140:28)
at async DefaultAzureCredential.getToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/identity/dist/index.js:2990:27)
at async tryGetAccessToken (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2005:32)
at async beginRefresh (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2013:17)
at async Object.defaultAuthorizeRequest [as authorizeRequest] (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2137:25)
at async Object.sendRequest (/usr/lib/node_modules/@azure/web-pubsub-tunnel-tool/node_modules/@azure/core-rest-pipeline/dist/index.js:2188:13)
]
}
Describe the bug
There should be a clear message when the Azure credential is invalid
To Reproduce
When running awps-tunnel, if my Azure login is expired I will get a very long stack trace (see below) instead of a simple message about credential is invalid.
Exceptions (if any)