Map the notorious AADSTS7000218 to RedirectUriError in this WAM context

rayluo · rayluo · commit ef7107f05df6 · 2022-05-04T22:14:43.000-07:00
diff --git a/msal/broker.py b/msal/broker.py
@@ -45,7 +45,10 @@ def complete(self, result):
 
 def _convert_error(error, client_id):
     context = error.get_context()  # Available since pymsalruntime 0.0.4
-    if "AADSTS50011" in context:  # In WAM, this could happen on both interactive and silent flows
+    if (
+            "AADSTS50011" in context  # In WAM, this could happen on both interactive and silent flows
+            or "AADSTS7000218" in context  # This "request body must contain ... client_secret" is just a symptom of current app has no WAM redirect_uri
+            ):
         raise RedirectUriError(  # This would be seen by either the app developer or end user
             "MsalRuntime won't work unless this one more redirect_uri is registered to current app: "
             "ms-appx-web://Microsoft.AAD.BrokerPlugin/{}".format(client_id))
