private MsalTokenResponse CreateMsalTokenResponse(
IWebTokenRequestResultWrapper wamResponse,
IWamPlugin wamPlugin,
bool isInteractive)
{
string internalErrorCode = null;
string errorMessage;
string errorCode;
switch (wamResponse.ResponseStatus)
{
case WebTokenRequestStatus.Success:
_logger.Info("WAM response status success");
return(wamPlugin.ParseSuccesfullWamResponse(wamResponse.ResponseData[0]));
// Account Switch occurs when a login hint is passed to WAM but the user chooses a different account for login.
// MSAL treats this as a success scenario
case WebTokenRequestStatus.AccountSwitch:
_logger.Info("WAM response status account switch. Treating as success");
return(wamPlugin.ParseSuccesfullWamResponse(wamResponse.ResponseData[0]));
case WebTokenRequestStatus.UserInteractionRequired:
errorCode =
wamPlugin.MapTokenRequestError(wamResponse.ResponseStatus, wamResponse.ResponseError?.ErrorCode ?? 0, isInteractive);
internalErrorCode = (wamResponse.ResponseError?.ErrorCode ?? 0).ToString(CultureInfo.InvariantCulture);
errorMessage = WamErrorPrefix +
$"Wam plugin {wamPlugin.GetType()}" +
$" error code: {internalErrorCode}" +
$" error: " + wamResponse.ResponseError?.ErrorMessage;
break;
case WebTokenRequestStatus.UserCancel:
errorCode = MsalError.AuthenticationCanceledError;
errorMessage = MsalErrorMessage.AuthenticationCanceled;
break;
case WebTokenRequestStatus.ProviderError:
errorCode =
wamPlugin.MapTokenRequestError(wamResponse.ResponseStatus, wamResponse.ResponseError?.ErrorCode ?? 0, isInteractive);
errorMessage = WamErrorPrefix + wamPlugin.GetType() + wamResponse.ResponseError?.ErrorMessage;
internalErrorCode = (wamResponse.ResponseError?.ErrorCode ?? 0).ToString(CultureInfo.InvariantCulture);
break;
default:
errorCode = MsalError.UnknownBrokerError;
internalErrorCode = wamResponse.ResponseError.ErrorCode.ToString(CultureInfo.InvariantCulture);
errorMessage = $"Unknown WebTokenRequestStatus {wamResponse.ResponseStatus} (internal error code {internalErrorCode})";
break;
}
return(new MsalTokenResponse()
{
Error = errorCode,
ErrorCodes = internalErrorCode != null ? new[] { internalErrorCode } : null,
ErrorDescription = errorMessage
});
}
internal static MsalTokenResponse CreateMsalResponseFromWamResponse(
IWebTokenRequestResultWrapper wamResponse,
IWamPlugin wamPlugin,
string clientId,
ICoreLogger logger,
bool isInteractive)
{
string internalErrorCode = null;
string errorMessage;
string errorCode;
switch (wamResponse.ResponseStatus)
{
case WebTokenRequestStatus.Success:
logger.Info("WAM response status success");
return(wamPlugin.ParseSuccessfullWamResponse(wamResponse.ResponseData[0], out _));
// Account Switch occurs when a login hint is passed to WAM but the user chooses a different account for login.
// MSAL treats this as a success scenario
case WebTokenRequestStatus.AccountSwitch:
logger.Info("WAM response status account switch. Treating as success");
return(wamPlugin.ParseSuccessfullWamResponse(wamResponse.ResponseData[0], out _));
case WebTokenRequestStatus.UserInteractionRequired:
errorCode =
wamPlugin.MapTokenRequestError(wamResponse.ResponseStatus, wamResponse.ResponseError?.ErrorCode ?? 0, isInteractive);
internalErrorCode = (wamResponse.ResponseError?.ErrorCode ?? 0).ToString(CultureInfo.InvariantCulture);
errorMessage = WamErrorPrefix +
$"Wam plugin {wamPlugin.GetType()}" +
$" Error code: {internalErrorCode}" +
$" Error Message: " + wamResponse.ResponseError?.ErrorMessage;
break;
case WebTokenRequestStatus.UserCancel:
errorCode = MsalError.AuthenticationCanceledError;
errorMessage = MsalErrorMessage.AuthenticationCanceled;
break;
case WebTokenRequestStatus.ProviderError:
errorCode =
wamPlugin.MapTokenRequestError(wamResponse.ResponseStatus, wamResponse.ResponseError?.ErrorCode ?? 0, isInteractive);
errorMessage =
$"{WamErrorPrefix} {wamPlugin.GetType()} \n" +
$" Error Code: {errorCode} \n" +
$" Error Message: {wamResponse.ResponseError?.ErrorMessage} \n" +
$" Possible causes: \n " +
$"- Invalid redirect uri - ensure you have configured the following url in the AAD portal App Registration: {GetExpectedRedirectUri(clientId)} \n" +
$"- No Internet connection \n" +
$"Please see https://aka.ms/msal-net-wam for details about Windows Broker integration";
internalErrorCode = (wamResponse.ResponseError?.ErrorCode ?? 0).ToString(CultureInfo.InvariantCulture);
break;
default:
errorCode = MsalError.UnknownBrokerError;
internalErrorCode = wamResponse.ResponseError.ErrorCode.ToString(CultureInfo.InvariantCulture);
errorMessage = $"Unknown WebTokenRequestStatus {wamResponse.ResponseStatus} (internal error code {internalErrorCode})";
break;
}
return(new MsalTokenResponse()
{
Error = errorCode,
ErrorCodes = internalErrorCode != null ? new[] { internalErrorCode } : null,
ErrorDescription = errorMessage
});
}
