private bool TryWrapException(ref Exception exception, string additionalMessageText = null)
{
if (exception is OperationCanceledException || exception is AuthenticationFailedException)
{
return(false);
}
if (exception is AggregateException aex)
{
CredentialUnavailableException firstCredentialUnavailable = aex.Flatten().InnerExceptions.OfType <CredentialUnavailableException>().FirstOrDefault();
if (firstCredentialUnavailable != default)
{
exception = new CredentialUnavailableException(firstCredentialUnavailable.Message, aex);
return(true);
}
}
string exceptionMessage = $"{_name.Substring(0, _name.IndexOf('.'))} authentication failed: {exception.Message}";
if (additionalMessageText != null)
{
exceptionMessage = exceptionMessage + $"\n{additionalMessageText}";
}
exception = new AuthenticationFailedException(exceptionMessage, exception);
return(true);
}
private async Task <AccessToken> GetTokenAsync(bool isAsync, TokenRequestContext requestContext, CancellationToken cancellationToken)
{
using CredentialDiagnosticScope scope = _pipeline.StartGetTokenScope("Azure.Identity.DefaultAcureCredential.GetToken", requestContext);
List <Exception> exceptions = new List <Exception>();
int i;
for (i = 0; i < _sources.Length && _sources[i] != null; i++)
{
ExtendedAccessToken exToken = isAsync ? await _sources[i].GetTokenAsync(requestContext, cancellationToken).ConfigureAwait(false) : _sources[i].GetToken(requestContext, cancellationToken);
if (exToken.Exception is null)
{
return(scope.Succeeded(exToken.AccessToken));
}
if (exToken.Exception is CredentialUnavailableException)
{
exceptions.Add(exToken.Exception);
}
else
{
exceptions.Add(exToken.Exception);
throw scope.Failed(AuthenticationFailedException.CreateAggregateException($"{UnhandledExceptionMessage} {_sources[i].GetType().Name} failed with unhandled exception {exToken.Exception.Message}.", new ReadOnlyMemory <object>(_sources, 0, i + 1), exceptions));
}
}
throw scope.Failed(AuthenticationFailedException.CreateAggregateException(DefaultExceptionMessage, new ReadOnlyMemory <object>(_sources, 0, i), exceptions));
}
public AuthenticationFailedException FailAndWrap(Exception ex)
{
if (!(ex is AuthenticationFailedException))
{
ex = new AuthenticationFailedException($"{_name.Substring(0, _name.IndexOf('.'))} authentication failed.", ex);
}
return((AuthenticationFailedException)Failed(ex));
}
public AuthenticationFailedException Failed(string message)
{
var exception = new AuthenticationFailedException(message);
AzureIdentityEventSource.Singleton.GetTokenFailed(_name, _context, exception);
_scope.Failed(exception);
return(exception);
}
public AuthenticationFailedException Failed(Exception ex)
{
if (!(ex is AuthenticationFailedException))
{
ex = new AuthenticationFailedException($"{_name.Substring(0, _name.IndexOf('.'))} authentication failed.", ex);
}
AzureIdentityEventSource.Singleton.GetTokenFailed(_name, _context, ex);
_scope.Failed(ex);
return((AuthenticationFailedException)ex);
}
public Exception FailWrapAndThrow(Exception ex)
{
if (ex is OperationCanceledException || ex is AuthenticationFailedException)
{
var info = ExceptionDispatchInfo.Capture(ex);
RegisterFailed(ex);
info.Throw();
}
ex = new AuthenticationFailedException($"{_name.Substring(0, _name.IndexOf('.'))} authentication failed.", ex);
RegisterFailed(ex);
throw ex;
}
public AuthenticationFailedException Failed(Exception ex)
{
if (!(ex is AuthenticationFailedException))
{
ex = new AuthenticationFailedException(Constants.AuthenticationUnhandledExceptionMessage, ex);
}
AzureIdentityEventSource.Singleton.GetTokenFailed(_name, _context, ex);
_scope.Failed(ex);
return((AuthenticationFailedException)ex);
}
/// <summary>
/// Sequentially calls <see cref="TokenCredential.GetToken"/> on all the specified sources, returning the first successfully obtained <see cref="AccessToken"/>. This method is called by Azure SDK clients. It isn't intended for use in application code.
/// </summary>
/// <param name="requestContext">The details of the authentication request.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> controlling the request lifetime.</param>
/// <returns>The first <see cref="AccessToken"/> returned by the specified sources. Any credential which raises a <see cref="CredentialUnavailableException"/> will be skipped.</returns>
public override async ValueTask <AccessToken> GetTokenAsync(TokenRequestContext requestContext, CancellationToken cancellationToken = default)
{
List <Exception> exceptions = new List <Exception>();
for (int i = 0; i < _sources.Length; i++)
{
try
{
return(await _sources[i].GetTokenAsync(requestContext, cancellationToken).ConfigureAwait(false));
}
catch (CredentialUnavailableException e)
{
exceptions.Add(e);
}
catch (Exception e) when(!(e is OperationCanceledException))
{
exceptions.Add(e);
throw AuthenticationFailedException.CreateAggregateException(AggregateCredentialFailedErrorMessage + e.Message, new ReadOnlyMemory <object>(_sources, 0, i + 1), exceptions);
}
}
throw AuthenticationFailedException.CreateAggregateException(AggregateAllUnavailableErrorMessage, _sources, exceptions);
}
/// <summary>
/// Sequentially calls <see cref="TokenCredential.GetToken"/> on all the specified sources, returning the first successfully obtained <see cref="AccessToken"/>. This method is called by Azure SDK clients. It isn't intended for use in application code.
/// </summary>
/// <param name="requestContext">The details of the authentication request.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> controlling the request lifetime.</param>
/// <returns>The first <see cref="AccessToken"/> returned by the specified sources. Any credential which raises a <see cref="CredentialUnavailableException"/> will be skipped.</returns>
public override AccessToken GetToken(TokenRequestContext requestContext, CancellationToken cancellationToken = default)
{
List <Exception> exceptions = new List <Exception>();
for (int i = 0; i < _sources.Length; i++)
{
try
{
return(_sources[i].GetToken(requestContext, cancellationToken));
}
catch (CredentialUnavailableException e)
{
exceptions.Add(e);
}
catch (Exception e) when(!(e is OperationCanceledException))
{
exceptions.Add(e);
throw AuthenticationFailedException.CreateAggregateException(AggregateCredentialFailedErrorMessage + e.Message, exceptions);
}
}
throw AuthenticationFailedException.CreateAggregateException(AggregateAllUnavailableErrorMessage, exceptions);
}
