Open PhilipsonJoseph opened 3 months ago
@PhilipsonJoseph - can you please try to use https://login.partner.microsoftonline.cn/TENANT_ID
as authority?
@Robbie-Microsoft - the error message doesn't seem to provide enough details.
@bgavrilMS We will try your suggestion. But we also observe the same error is happening when the agents are running behind proxy
@bgavrilMS Sorry for the confusion Issue is not with the China Cloud when a cx uses a proxy we could observe this error, We are setting up INetworkModule incase if a customer uses proxy
@PhilipsonJoseph Sorry to hear you're having problem when proxy is used. I agree that the best course of action is to write a custom INetworkModule. You can see our sample here for custom INetworkModule here.
@Robbie-Microsoft @bgavrilMS We already using the custom INetworkModule. but the error occurs after updating from1.. to 2..
Can you post your custom INetworkModule here?
@Robbie-Microsoft this is how we implemented custom network module. FYI it used to work fine with older version on MSAL
Where is fetch
defined? Is that NodeJs's native fetch? Or is it from a 3rd party library?
@Robbie-Microsoft We are using node-fetch https://www.npmjs.com/package/node-fetch
auth: {
clientId: ******,
authority: https://login.chinacloudapi.cn/
},
system: {
loggerOptions: {
loggerCallback(loglevel, message, containsPii) {
loglevel == LogLevel.Error ? tl.error(message) : tl.debug(message);
},
piiLoggingEnabled: false,
logLevel: LogLevel.Info,
},
proxyUrl: <your proxy>,
networkClient: proxyNetworkClient
}
Try this
Core Library
MSAL Node (@azure/msal-node)
Core Library Version
2.9.2
Wrapper Library
Not Applicable
Wrapper Library Version
None
Public or Confidential Client?
Confidential
Description
few of China cloud customers have reported issues where in they are getting error in our azure pipeline task "_Error: Could not fetch access token for Azure. Status code: endpoints_resolution_error, status message: Error: could not resolve endpoints. Please check network and try again. Detail: ClientAuthError: openid_configerror: Could not retrieve endpoints. Check your authority and verify the .well-known/openid-configuration endpoint returns the required endpoints. Attempted to retrieve endpoints from: https://login.partner.microsoftonline.cn/1338e9e4-3189-42f4-9a96-b67c3549f5c5/v2.0/.well-known/openid-configuration"
We are consuming MSAL_node(2.9.2) package through our azure pipeline tasks. Earlier we using MSAL_Node(1.14.5) with Node 16 and we seeing this error after upgrading to MSAL_Node(2.9.2) with Node 20
Error Message
_Error: Could not fetch access token for Azure. Status code: endpoints_resolution_error, status message: Error: could not resolve endpoints. Please check network and try again. Detail: ClientAuthError: openid_configerror: Could not retrieve endpoints. Check your authority and verify the .well-known/openid-configuration endpoint returns the required endpoints. Attempted to retrieve endpoints from: https://login.partner.microsoftonline.cn/1338e9e4-3189-42f4-9a96-b67c3549f5c5/v2.0/.well-known/openid-configuration
MSAL Logs
No response
Network Trace (Preferrably Fiddler)
MSAL Configuration
Relevant Code Snippets
Reproduction Steps
Expected Behavior
Task is able to fetch the token without no issues
Identity Provider
Entra ID (formerly Azure AD) / MSA
Browsers Affected (Select all that apply)
Chrome, Firefox, Edge, None (Server)
Regression
@azure/msal_node@1.14.5 with node 16
Source
Internal (Microsoft)