Skip to content

Commit 8cd2fdd

Browse files
rgmzrgmz
authored
feat(azure): log unhandled error codes (#3865)
1 parent d010607 commit 8cd2fdd

File tree

1 file changed

+10
-5
lines changed

1 file changed

+10
-5
lines changed

pkg/detectors/azure_entra/refreshtoken/refreshtoken.go

Lines changed: 10 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -134,16 +134,18 @@ TokenLoop:
134134
continue
135135
} else if errors.Is(verificationErr, ErrTokenExpired) {
136136
continue TokenLoop
137+
} else {
138+
// Received an unexpected/unhandled error type.
139+
r = createResult(token, clientId, tenantId, isVerified, extraData, verificationErr)
140+
break ClientLoop
137141
}
138142
}
139143

140144
// The result is verified or there's only one associated client and tenant.
141145
if isVerified {
142-
r = createResult(tenantId, clientId, token, isVerified, extraData, verificationErr)
146+
r = createResult(token, clientId, tenantId, isVerified, extraData, verificationErr)
143147
break ClientLoop
144148
}
145-
146-
// The result may be valid for another client/tenant.
147149
}
148150
}
149151
}
@@ -244,17 +246,20 @@ func verifyMatch(ctx context.Context, client *http.Client, refreshToken string,
244246
// https://login.microsoftonline.com/error?code=9002313
245247
d := errResp.Description
246248
switch {
247-
case strings.HasPrefix(d, "AADSTS70008:"), strings.HasPrefix(d, "AADSTS700082:"):
249+
case strings.HasPrefix(d, "AADSTS70008:"),
250+
strings.HasPrefix(d, "AADSTS700082:"),
251+
strings.HasPrefix(d, "AADSTS70043:"):
248252
// https://login.microsoftonline.com/error?code=70008
249253
// https://login.microsoftonline.com/error?code=700082
254+
// https://login.microsoftonline.com/error?code=70043
250255
return false, nil, ErrTokenExpired
251256
case strings.HasPrefix(d, "AADSTS700016:"):
252257
// https://login.microsoftonline.com/error?code=700016
253258
return false, nil, ErrClientNotFoundInTenant
254259
case strings.HasPrefix(d, "AADSTS90002:"):
255260
// https://login.microsoftonline.com/error?code=90002
256261
return false, nil, ErrTenantNotFound
257-
case strings.HasPrefix(d, "AADSTS9002313"):
262+
case strings.HasPrefix(d, "AADSTS9002313:"):
258263
// This seems to be a generic "invalid token" error code.
259264
// 'invalid_grant': AADSTS9002313: Invalid request. Request is malformed or invalid.
260265
return false, nil, nil

0 commit comments

Comments
 (0)