Merge pull request #305 from mjcheetham/osx-msal-restartmsg

Include better warning message on MSAL Keychain errors
git-ecosystem · Mar 10, 2021 · 293204e · 293204e
2 parents 3c3ae22 + 49ca302
commit 293204e
Showing 1 changed file with 13 additions and 3 deletions.
diff --git a/src/shared/Microsoft.Git.CredentialManager/Authentication/MicrosoftAuthentication.cs b/src/shared/Microsoft.Git.CredentialManager/Authentication/MicrosoftAuthentication.cs
@@ -236,13 +236,23 @@ private async Task RegisterTokenCacheAsync(IPublicClientApplication app)
             }
             catch (MsalCachePersistenceException ex)
             {
-                Context.Streams.Error.WriteLine("warning: cannot persist Microsoft Authentication data securely!");
+                Context.Streams.Error.WriteLine("warning: cannot persist Microsoft authentication token cache securely!");
                 Context.Trace.WriteLine("Cannot persist Microsoft Authentication data securely!");
                 Context.Trace.WriteException(ex);
 
-                // On Linux the SecretService/keyring might not be available so we must fall-back to a plaintext file.
-                if (PlatformUtils.IsLinux())
+                if (PlatformUtils.IsMacOS())
                 {
+                    // On macOS sometimes the Keychain returns the "errSecAuthFailed" error - we don't know why
+                    // but it appears to be something to do with not being able to access the keychain.
+                    // Locking and unlocking (or restarting) often fixes this.
+                    Context.Streams.Error.WriteLine(
+                        "warning: there is a problem accessing the login Keychain - either manually lock and unlock the " +
+                        "login Keychain, or restart the computer to remedy this");
+                }
+                else if (PlatformUtils.IsLinux())
+                {
+                    // On Linux the SecretService/keyring might not be available so we must fall-back to a plaintext file.
+                    Context.Streams.Error.WriteLine("warning: using plain-text fallback token cache");
                     Context.Trace.WriteLine("Using fall-back plaintext token cache on Linux.");
                     var storageProps = CreateTokenCacheProps(clientId, useLinuxFallback: true);
                     helper = await MsalCacheHelper.CreateAsync(storageProps);