AzureAD / microsoft-authentication-library-for-dotnet

Microsoft Authentication Library (MSAL) for .NET
https://aka.ms/msal-net
MIT License
1.41k stars 345 forks source link

Improve WAM error messages #4136

Open localden opened 1 year ago

localden commented 1 year ago

Right now, when WAM errors out, it throws an error that a developer might not understand the root cause of:

image

To reproduce this issue, I used WAM to access a resource without configuring the proper redirect URL.

Per @bgavrilMS:

You have to configure logging and set the PII flag to true there. But that's pretty hard to discover.

The error message from WAM actually told me that I was missing an app-specific redirect URL, but that is not clear from the error surface.

bgavrilMS commented 1 year ago
  1. If PII flag is not set, let's add a message like To see this message, set the logging PII flag to true. See aka.ms/logging
  2. For the redirect URI in particular, produce an error message telling the end user what they need to register.
gladjohn commented 1 year ago

@localden this is what we show in the scenario you mentioned above,

{"WAM Error \n Error Code: 3399614473 \n Error Message: ApiContractViolation \n WAM Error Message: (pii) \n Internal Error Code: 557973642 \n Possible causes: \n- Invalid redirect uri - ensure you have configured the following url in the application registration in Azure Portal: ms-appx-web://microsoft.aad.brokerplugin/507beea4-593d-47ab-91c9-911d3b0734aa \n"}

Image

are you not seeing this?

gladjohn commented 1 year ago

@localden checking on this one

localden commented 1 year ago

@gladjohn I think in my case it was cut-off (see scroll bar). Things like WAM Error Message: (pii) should likely be updated to something more descriptive.

Where in the source code are the documentation strings handled? Happy to create a PR.

gladjohn commented 1 year ago

that is thrown by MSALRuntime. We can discuss on how to best fix this

gladjohn commented 1 year ago

@gladjohn I think in my case it was cut-off (see scroll bar). Things like WAM Error Message: (pii) should likely be updated to something more descriptive.

Where in the source code are the documentation strings handled? Happy to create a PR.

@MSamWils Is this something that you are working on updating? Do you need a tracking item for this?