Skip to content

For proactive refresh log error to otel and change token source to IDP #4561

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
neha-bhargava merged 21 commits into from
Feb 22, 2024
Merged

For proactive refresh log error to otel and change token source to IDP #4561

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
21 commits
Select commit Hold shift + click to select a range
53e202d
For proactive refresh log error to otel and change token source to IDP
neha-bhargava Jan 23, 2024
f35ac00
Merge branch 'main' into nebharg/4492
neha-bhargava Jan 23, 2024
6872b72
Merge branch 'main' into nebharg/4492
SimonCropp Jan 23, 2024
d690690
Merge branch 'main' into nebharg/4492
bgavrilMS Jan 23, 2024
00abf0e
Merge branch 'main' into nebharg/4492
neha-bhargava Jan 23, 2024
00cc21e
Address comments
neha-bhargava Jan 24, 2024
ac4dfd3
Merge branch 'nebharg/4492' of https://github.com/AzureAD/microsoft-a…
neha-bhargava Jan 24, 2024
c8f973b
Merge branch 'main' into nebharg/4492
neha-bhargava Jan 24, 2024
3e9a03b
Merge branch 'main' into nebharg/4492
neha-bhargava Feb 5, 2024
c8b6595
Merge remote-tracking branch 'origin/main' into nebharg/4492
neha-bhargava Feb 8, 2024
7c19bfc
Update as discussed in doc
neha-bhargava Feb 13, 2024
615f26f
Merge branch 'main' into nebharg/4492
neha-bhargava Feb 13, 2024
e71c5f9
Add tests for OBO to validate telemetry
neha-bhargava Feb 15, 2024
680a66c
Merge branch 'nebharg/4492' of https://github.com/AzureAD/microsoft-a…
neha-bhargava Feb 15, 2024
29f4187
Address comments
neha-bhargava Feb 16, 2024
4b9ec02
Update tests/Microsoft.Identity.Test.Integration.netfx/HeadlessTests/…
neha-bhargava Feb 16, 2024
39cbfdb
Merge branch 'main' into nebharg/4492
neha-bhargava Feb 20, 2024
774d08a
Address comments
neha-bhargava Feb 20, 2024
0a386b2
Merge branch 'main' into nebharg/4492
neha-bhargava Feb 21, 2024
cd01204
Merge branch 'main' into nebharg/4492
neha-bhargava Feb 22, 2024
fc745d9
Merge branch 'main' into nebharg/4492
neha-bhargava Feb 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion src/client/Microsoft.Identity.Client/AuthenticationResultMetadata.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ public AuthenticationResultMetadata(TokenSource tokenSource)
/// <summary>
/// The source of the token in the result.
/// </summary>
public TokenSource TokenSource { get; }
public TokenSource TokenSource { get; internal set; }
Comment thread
neha-bhargava marked this conversation as resolved.
Outdated

/// <summary>
/// The token endpoint used to contact the Identity Provider (e.g. Azure Active Directory).
Expand Down
3 changes: 2 additions & 1 deletion src/client/Microsoft.Identity.Client/Internal/Requests/ClientCredentialRequest.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,7 @@ protected override async Task<AuthenticationResult> ExecuteAsync(CancellationTok
if (proactivelyRefresh)
{
AuthenticationRequestParameters.RequestContext.ApiEvent.CacheInfo = CacheRefreshReason.ProactivelyRefreshed;
authResult.AuthenticationResultMetadata.TokenSource = TokenSource.IdentityProvider;

SilentRequestHelper.ProcessFetchInBackground(
cachedAccessTokenItem,
Expand All @@ -79,7 +80,7 @@ protected override async Task<AuthenticationResult> ExecuteAsync(CancellationTok
// Use a linked token source, in case the original cancellation token source is disposed before this background task completes.
using var tokenSource = CancellationTokenSource.CreateLinkedTokenSource(cancellationToken);
return GetAccessTokenAsync(tokenSource.Token, logger);
}, logger);
}, logger, ServiceBundle, AuthenticationRequestParameters.RequestContext.ApiEvent.ApiId.ToString());
}
}
catch (MsalServiceException e)
Expand Down
4 changes: 2 additions & 2 deletions src/client/Microsoft.Identity.Client/Internal/Requests/ManagedIdentityAuthRequest.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,7 @@ protected override async Task<AuthenticationResult> ExecuteAsync(CancellationTok
logger.Info("[ManagedIdentityRequest] Initiating a proactive refresh.");

AuthenticationRequestParameters.RequestContext.ApiEvent.CacheInfo = CacheRefreshReason.ProactivelyRefreshed;
authResult.AuthenticationResultMetadata.TokenSource = TokenSource.IdentityProvider;

SilentRequestHelper.ProcessFetchInBackground(
cachedAccessTokenItem,
Expand All @@ -69,7 +70,7 @@ protected override async Task<AuthenticationResult> ExecuteAsync(CancellationTok
// Use a linked token source, in case the original cancellation token source is disposed before this background task completes.
using var tokenSource = CancellationTokenSource.CreateLinkedTokenSource(cancellationToken);
return GetAccessTokenAsync(tokenSource.Token, logger);
}, logger);
}, logger, ServiceBundle, AuthenticationRequestParameters.RequestContext.ApiEvent.ApiId.ToString());
}
}
catch (MsalServiceException e)
Expand Down Expand Up @@ -99,7 +100,6 @@ private async Task<AuthenticationResult> GetAccessTokenAsync(
AuthenticationResult authResult;
MsalAccessTokenCacheItem cachedAccessTokenItem = null;


// Requests to a managed identity endpoint must be throttled;
// otherwise, the endpoint will throw a HTTP 429.
logger.Verbose(() => "[ManagedIdentityRequest] Entering managed identity request semaphore.");
Expand Down
3 changes: 2 additions & 1 deletion src/client/Microsoft.Identity.Client/Internal/Requests/OnBehalfOfRequest.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -120,6 +120,7 @@ protected override async Task<AuthenticationResult> ExecuteAsync(CancellationTok
if (shouldRefresh)
{
AuthenticationRequestParameters.RequestContext.ApiEvent.CacheInfo = CacheRefreshReason.ProactivelyRefreshed;
authResult.AuthenticationResultMetadata.TokenSource = TokenSource.IdentityProvider;

SilentRequestHelper.ProcessFetchInBackground(
cachedAccessToken,
Expand All @@ -128,7 +129,7 @@ protected override async Task<AuthenticationResult> ExecuteAsync(CancellationTok
// Use a linked token source, in case the original cancellation token source is disposed before this background task completes.
using var tokenSource = CancellationTokenSource.CreateLinkedTokenSource(cancellationToken);
return RefreshRtOrFetchNewAccessTokenAsync(tokenSource.Token);
}, logger);
}, logger, ServiceBundle, AuthenticationRequestParameters.RequestContext.ApiEvent.ApiId.ToString());
}
}

Expand Down
10 changes: 6 additions & 4 deletions src/client/Microsoft.Identity.Client/Internal/Requests/RequestBase.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -106,7 +106,7 @@ public async Task<AuthenticationResult> RunAsync(CancellationToken cancellationT
AuthenticationRequestParameters.RequestContext.Logger.ErrorPii(ex);
LogMsalErrorTelemetryToClient(ex, telemetryEventDetails, telemetryClients);

LogMsalFailedTelemetryToOtel(ex.ErrorCode);
LogMsalFailedTelemetryToOtel(ex.ErrorCode, apiEvent.ApiId.ToString());
throw;
}
catch (Exception ex)
Expand All @@ -115,7 +115,7 @@ public async Task<AuthenticationResult> RunAsync(CancellationToken cancellationT
AuthenticationRequestParameters.RequestContext.Logger.ErrorPii(ex);
LogMsalErrorTelemetryToClient(ex, telemetryEventDetails, telemetryClients);

LogMsalFailedTelemetryToOtel(ex.GetType().Name);
LogMsalFailedTelemetryToOtel(ex.GetType().Name, apiEvent.ApiId.ToString());
throw;
}
finally
Expand All @@ -137,12 +137,14 @@ private void LogMsalSuccessTelemetryToOtel(AuthenticationResult authenticationRe
AuthenticationRequestParameters.RequestContext.Logger);
}

private void LogMsalFailedTelemetryToOtel(string errorCodeToLog)
private void LogMsalFailedTelemetryToOtel(string errorCodeToLog, string apiId)
{
// Log metrics
ServiceBundle.PlatformProxy.OtelInstrumentation.LogFailedMetrics(
ServiceBundle.PlatformProxy.GetProductName(),
errorCodeToLog);
errorCodeToLog,
apiId,
false);
}

private void LogMsalErrorTelemetryToClient(Exception ex, MsalTelemetryEventDetails telemetryEventDetails, ITelemetryClient[] telemetryClients)
Expand Down
3 changes: 2 additions & 1 deletion src/client/Microsoft.Identity.Client/Internal/Requests/Silent/CacheSilentStrategy.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -90,6 +90,7 @@ public async Task<AuthenticationResult> ExecuteAsync(CancellationToken cancellat
if (shouldRefresh)
{
AuthenticationRequestParameters.RequestContext.ApiEvent.CacheInfo = CacheRefreshReason.ProactivelyRefreshed;
authResult.AuthenticationResultMetadata.TokenSource = TokenSource.IdentityProvider;

SilentRequestHelper.ProcessFetchInBackground(
cachedAccessTokenItem,
Expand All @@ -98,7 +99,7 @@ public async Task<AuthenticationResult> ExecuteAsync(CancellationToken cancellat
// Use a linked token source, in case the original cancellation token source is disposed before this background task completes.
using var tokenSource = CancellationTokenSource.CreateLinkedTokenSource(cancellationToken);
return RefreshRtOrFailAsync(tokenSource.Token);
}, logger);
}, logger, ServiceBundle, AuthenticationRequestParameters.RequestContext.ApiEvent.ApiId.ToString());
}
}

Expand Down
21 changes: 20 additions & 1 deletion src/client/Microsoft.Identity.Client/Internal/Requests/SilentRequestHelper.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -82,10 +82,14 @@ internal static bool NeedsRefresh(MsalAccessTokenCacheItem oldAccessToken, out D
internal static void ProcessFetchInBackground(
MsalAccessTokenCacheItem oldAccessToken,
Func<Task<AuthenticationResult>> fetchAction,
ILoggerAdapter logger)
ILoggerAdapter logger,
IServiceBundle serviceBundle,
string apiId)
{
_ = Task.Run(async () =>
{
string error = null;

try
{
await fetchAction().ConfigureAwait(false);
Expand All @@ -101,14 +105,29 @@ internal static void ProcessFetchInBackground(
{
logger.ErrorPiiWithPrefix(ex, logMsg);
}

error = ex.ErrorCode;
}
catch (OperationCanceledException ex)
{
logger.WarningPiiWithPrefix(ex, ProactiveRefreshCancellationError);
error = ex.GetType().Name;
}
catch (Exception ex)
{
logger.ErrorPiiWithPrefix(ex, ProactiveRefreshGeneralError);
error = ex.GetType().Name;
}
finally
Comment thread
neha-bhargava marked this conversation as resolved.
Outdated
{
if (!string.IsNullOrEmpty(error))
{
serviceBundle.PlatformProxy.OtelInstrumentation.LogFailedMetrics(
serviceBundle.PlatformProxy.GetProductName(),
error,
apiId,
true);
}
}
});
}
Expand Down
23 changes: 16 additions & 7 deletions src/client/Microsoft.Identity.Client/Platforms/Features/OpenTelemetry/OtelInstrumentation.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -95,13 +95,20 @@ void IOtelInstrumentation.LogSuccessMetrics(
AuthenticationResultMetadata authResultMetadata,
ILoggerAdapter logger)
{
var tokenSource = authResultMetadata.TokenSource;

//if (authResultMetadata.CacheRefreshReason == CacheRefreshReason.ProactivelyRefreshed)
//{
// tokenSource = TokenSource.IdentityProvider;
Comment thread
neha-bhargava marked this conversation as resolved.
Outdated
//}

if (s_successCounter.Value.Enabled)
{
s_successCounter.Value.Add(1,
new(TelemetryConstants.MsalVersion, MsalIdHelper.GetMsalVersion()),
new(TelemetryConstants.Platform, platform),
new(TelemetryConstants.ApiId, apiId),
new(TelemetryConstants.TokenSource, authResultMetadata.TokenSource),
new(TelemetryConstants.TokenSource, tokenSource),
new(TelemetryConstants.CacheRefreshReason, authResultMetadata.CacheRefreshReason),
new(TelemetryConstants.CacheLevel, cacheLevel));
logger.Info("[OpenTelemetry] Completed incrementing to isSuccessful counter.");
Expand All @@ -113,7 +120,7 @@ void IOtelInstrumentation.LogSuccessMetrics(
new(TelemetryConstants.MsalVersion, MsalIdHelper.GetMsalVersion()),
new(TelemetryConstants.Platform, platform),
new(TelemetryConstants.ApiId, apiId),
new(TelemetryConstants.TokenSource, authResultMetadata.TokenSource),
new(TelemetryConstants.TokenSource, tokenSource),
new(TelemetryConstants.CacheLevel, cacheLevel));
}

Expand All @@ -127,7 +134,7 @@ void IOtelInstrumentation.LogSuccessMetrics(
}

// Only log duration in HTTP when token is fetched from IDP
if (s_durationInHttp.Value.Enabled && authResultMetadata.TokenSource.Equals(TokenSource.IdentityProvider))
if (s_durationInHttp.Value.Enabled && tokenSource.Equals(TokenSource.IdentityProvider))
Comment thread
neha-bhargava marked this conversation as resolved.
Outdated
{
s_durationInHttp.Value.Record(authResultMetadata.DurationInHttpInMs,
new(TelemetryConstants.MsalVersion, MsalIdHelper.GetMsalVersion()),
Expand All @@ -136,26 +143,28 @@ void IOtelInstrumentation.LogSuccessMetrics(
}

// Only log duration in microseconds when the cache level is L1.
if (s_durationInL1CacheInUs.Value.Enabled && authResultMetadata.TokenSource.Equals(TokenSource.Cache)
if (s_durationInL1CacheInUs.Value.Enabled && tokenSource.Equals(TokenSource.Cache)
&& authResultMetadata.CacheLevel.Equals(CacheLevel.L1Cache))
{
s_durationInL1CacheInUs.Value.Record(totalDurationInUs,
new(TelemetryConstants.MsalVersion, MsalIdHelper.GetMsalVersion()),
new(TelemetryConstants.Platform, platform),
new(TelemetryConstants.ApiId, apiId),
new(TelemetryConstants.TokenSource, authResultMetadata.TokenSource),
new(TelemetryConstants.TokenSource, tokenSource),
new(TelemetryConstants.CacheLevel, cacheLevel));
}
}

void IOtelInstrumentation.LogFailedMetrics(string platform, string errorCode)
void IOtelInstrumentation.LogFailedMetrics(string platform, string errorCode, string apiId, bool isProactiveTokenRefresh)
{
if (s_failureCounter.Value.Enabled)
{
s_failureCounter.Value.Add(1,
new(TelemetryConstants.MsalVersion, MsalIdHelper.GetMsalVersion()),
new(TelemetryConstants.Platform, platform),
new(TelemetryConstants.ErrorCode, errorCode));
new(TelemetryConstants.ErrorCode, errorCode),
new(TelemetryConstants.ApiId, apiId),
Comment thread
neha-bhargava marked this conversation as resolved.
new(TelemetryConstants.IsProactiveRefresh, isProactiveTokenRefresh));
}
}
}
Expand Down
2 changes: 1 addition & 1 deletion src/client/Microsoft.Identity.Client/TelemetryCore/OpenTelemetry/IOtelInstrumentation.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,6 @@ internal void LogSuccessMetrics(
long totalDurationInUs,
AuthenticationResultMetadata authResultMetadata,
ILoggerAdapter logger);
internal void LogFailedMetrics(string platform, string errorCode);
internal void LogFailedMetrics(string platform, string errorCode, string apiId, bool isProactiveTokenRefresh);
}
}
2 changes: 1 addition & 1 deletion src/client/Microsoft.Identity.Client/TelemetryCore/OpenTelemetry/NullOtelInstrumentation.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ public void LogSuccessMetrics(
// No op
}

public void LogFailedMetrics(string platform, string errorCode)
public void LogFailedMetrics(string platform, string errorCode, string apiId, bool isProactiveTokenRefresh)
{
// No op
}
Expand Down
1 change: 1 addition & 0 deletions src/client/Microsoft.Identity.Client/TelemetryCore/TelemetryConstants.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,7 @@ internal static class TelemetryConstants
public const string ClientId = "ClientId";
public const string Platform = "Platform";
public const string ApiId = "ApiId";
public const string IsProactiveRefresh = "IsProactiveRefresh";

#endregion
}
Expand Down
Loading