From 0b85ece2a53c1a5a67f9a88e631ba6278c2c4d92 Mon Sep 17 00:00:00 2001
From: Peter Ombwa
Date: Wed, 24 May 2023 16:24:45 -0700
Subject: [PATCH 1/2] Write MSAL logs to debug stream.
---
 .../Utilities/AuthenticationHelpers.cs | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/src/Authentication/Authentication.Core/Utilities/AuthenticationHelpers.cs b/src/Authentication/Authentication.Core/Utilities/AuthenticationHelpers.cs
index d7981db84c9..86bda5def4e 100644
--- a/src/Authentication/Authentication.Core/Utilities/AuthenticationHelpers.cs
+++ b/src/Authentication/Authentication.Core/Utilities/AuthenticationHelpers.cs
@@ -2,11 +2,13 @@
 // Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information.
 // ------------------------------------------------------------------------------
 using Azure.Core;
+using Azure.Core.Diagnostics;
 using Azure.Identity;
 using Microsoft.Graph.PowerShell.Authentication.Core.Extensions;
 using Microsoft.Identity.Client;
 using Microsoft.Identity.Client.Extensions.Msal;
 using System;
+using System.Diagnostics.Tracing;
 using System.Globalization;
 using System.IO;
 using System.Linq;
@@ -201,8 +203,14 @@ public static async Task AuthenticateAsync(IAuthContext authContex
 {
 try
 {
- signInAuthContext = await SignInAsync(authContext, cancellationToken).ConfigureAwait(false);
- retrySignIn = false;
+ // Write MSAL logs to debug stream.
+ using (AzureEventSourceListener listener = new AzureEventSourceListener(
+ (args, message) => GraphSession.Instance.OutputWriter.WriteDebug($"{message}"),
+ level: EventLevel.Informational))
+ {
+ signInAuthContext = await SignInAsync(authContext, cancellationToken).ConfigureAwait(false);
+ retrySignIn = false;
+ };
 }
 catch (AuthenticationFailedException authEx)
 {
From ed132462539f3e6fe1012d4c4218f098f5ba1453 Mon Sep 17 00:00:00 2001
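Review bot: The listener callback in the new `using` block forwards every event from every Azure SDK event source at `EventLevel.Informational` to the debug stream, with no filter on `args.EventSource.Name` and no say over what each message carries. Debug output commonly ends up in transcripts and CI logs, and the test in the second patch shows the requested scopes already appear there; what else appears depends on the diagnostics options set where the credential is built, which is outside this hunk. I would restrict the callback to the identity source, e.g. `(args, message) => { if (args.EventSource.Name == "Azure-Identity") GraphSession.Instance.OutputWriter.WriteDebug(message); }`, and add a comment that content/PII logging must stay disabled on the credential options. The callback may also run off the pipeline thread once `SignInAsync` continues under `ConfigureAwait(false)`, so confirm `OutputWriter.WriteDebug` is safe to call from there; the stray `;` after the block's closing brace can go. `AuthenticateAsync` starts and ends outside the hunk.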
From: Peter Ombwa Date: Wed, 24 May 2023 17:12:42 -0700 Subject: [PATCH 2/2] Add pester test to validate debug logs. --- .../Authentication/test/Connect-MgGraph.Tests.ps1 | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/Authentication/Authentication/test/Connect-MgGraph.Tests.ps1 b/src/Authentication/Authentication/test/Connect-MgGraph.Tests.ps1 index 8e07a5f4f5c..06f213272df 100644 --- a/src/Authentication/Authentication/test/Connect-MgGraph.Tests.ps1 +++ b/src/Authentication/Authentication/test/Connect-MgGraph.Tests.ps1 @@ -95,9 +95,17 @@ Describe 'Connect-MgGraph In App Mode' { } } + Describe 'Connect-MgGraph Dependency Resolution' { It 'Should load Mg module side by side with Az module.' { { Connect-AzAccount -ApplicationId $RandomClientId -CertificateThumbprint "Invalid" -Tenant "Invalid" -ErrorAction Stop } | Should -Throw -ExpectedMessage "*Could not find tenant id*" { Connect-MgGraph -TenantId "thisdomaindoesnotexist.com" -ErrorAction Stop -UseDeviceAuthentication } | Should -Throw -ExpectedMessage "*AADSTS90002*" } +} + +Describe 'Connect-MgGraph Logging' { + It 'Should write MSAL logs to debug stream.' { + $MgDebugStream = $(Connect-MgGraph -TenantId "thisdomaindoesnotexist.com" -UseDeviceAuthentication -Debug -ErrorAction SilentlyContinue) 5>&1 + $MgDebugStream[0] | Should -Match "DeviceCodeCredential.Authenticate invoked. Scopes: \[ User.Read \]" + } } \ No newline at end of file
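Review bot: The assertion in 'Should write MSAL logs to debug stream.' indexes `$MgDebugStream[0]`, so it fails with a null-index error rather than a readable assertion failure when nothing reaches stream 5, and it breaks as soon as any other debug record is emitted first. Matching over the whole capture is sturdier: `($MgDebugStream | Out-String) | Should -Match 'DeviceCodeCredential\.Authenticate invoked'`, which also escapes the `.` that the current pattern leaves as a wildcard. On Windows PowerShell 5.1 `-Debug` sets the debug preference to Inquire, so if this suite runs there the call may wait on a prompt; setting `$DebugPreference = 'Continue'` inside the test instead of passing `-Debug` avoids that.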