DownstreamAPI does not indicate API failures unless trying to deserialize to an output object #2426
Description
Microsoft.Identity.Web Library
Microsoft.Identity.Web
Microsoft.Identity.Web version
2.11.1
Web app
Sign-in users and call web APIs
Web API
Protected web APIs call downstream web APIs
Token cache serialization
Not Applicable
Description
When using any of the convenience methods in DownstreamApi.HttpMethods.cs, if you do not try to deserialize the response into an object, then you will never get the return code from the API.
In the downstream api code, the only place response.EnsureSuccessStatusCode() is called is in the private DeserializeOutput method.
In order to call an api endpoint that only returns a status code one must call CallApiForUser, and manually set the http method, and then manually check for success on the response.
It appears that all the convenience methods in HttpMethods are setup to catch the HttpRequestException the only thing missing is to call EnsureSuccessStatusCode on the response.
Reproduction steps
Use DeleteForUserAsync<TOutput> to call any api that returns 404.
There is no indication that the call failed.
Error message
No response
Id Web logs
No response
Relevant code snippets
public async Task<IActionResult> OnPostDeleteAsync()
{
Logger.LogTrace("Entering OnPostDeleteAsync");
try
{
await API.DeleteForUserAsync("API", string.Empty, options =>{
options.RelativePath = $"RideEvents/{Id}";
});
}
catch(Exception ex)
{
Logger.LogError(ex, "Exception trying to delete RideEvent Id {Id}", Id);
PreviousPageAction = "RideEvent/Edit/OnPostDelete";
PreviousPageErrorMessage = $"Error deleting RideEvent. {ex.Message}";
}
return RedirectToPage("Index");
}Regression
No response
Expected behavior
I expect API.DeleteForUserAsync to throw an HttpResponseException with details of the non-success error code the api returned.