Skip to content
This repository has been archived by the owner on Sep 7, 2023. It is now read-only.

Improved error message to steer users to .WithLinuxUnprotectedFile() or host workaround #154

Open
NeilMacMullen opened this issue Sep 22, 2021 · 2 comments
Open

Improved error message to steer users to .WithLinuxUnprotectedFile() or host workaround #154

NeilMacMullen opened this issue Sep 22, 2021 · 2 comments
Labels
enhancement New feature or request good first issue Good for newcomers

Comments

@NeilMacMullen
Copy link

When executing the following code on an application targeting .net 5 and the linux-x64 runtime and running on WSL (Ubuntu)

var storageProperties = new StorageCreationPropertiesBuilder(
        ".msalcache.bin", _directory)
        .WithCacheChangedEvent(_config.ClientId)
       .Build();
_cacheHelper = await MsalCacheHelper.CreateAsync(storageProperties);

I receive this exception:

System.ArgumentNullException: Value cannot be null. (Parameter 'attributeKey1')
   at Microsoft.Identity.Client.Extensions.Msal.LinuxKeyringAccessor..ctor(String cacheFilePath, String keyringCollection, String keyringSchemaName, String keyringSecretLabel, String attributeKey1, String attributeValue1, String attributeKey2, String attributeValue2, TraceSourceLogger logger)
   at Microsoft.Identity.Client.Extensions.Msal.Storage.Create(StorageCreationProperties creationProperties, TraceSource logger)
   at Microsoft.Identity.Client.Extensions.Msal.MsalCacheHelper..ctor(StorageCreationProperties storageCreationProperties, TraceSource logger, HashSet`1 knownAccountIds, FileSystemWatcher cacheWatcher)
   at Microsoft.Identity.Client.Extensions.Msal.MsalCacheHelper.CreateAsync(StorageCreationProperties storageCreationProperties, TraceSource logger)

A workaround is to add .WithLinuxUnprotectedFile()

var storageProperties = new StorageCreationPropertiesBuilder(
        ".msalcache.bin", _directory)
        .WithLinuxUnprotectedFile() // bypass secure storage
        .WithCacheChangedEvent(_config.ClientId)
       .Build();

It's also possible there is some piece of Linux magic that would allow the code to work with secure-storage (install lib-secret?)

I would suggest that if possible this scenario should be detected and a more useful exception/message generated. E.g. "No secure storage available: create Storage using "WithLinuxUnprotectedFile" or install lib-secret using "sudu apt-get install....".
@jmprieur jmprieur added the enhancement New feature or request label Sep 27, 2021
@bgavrilMS bgavrilMS added bug Something isn't working P2 and removed enhancement New feature or request labels Apr 18, 2022
@bgavrilMS bgavrilMS added the good first issue Good for newcomers label Aug 3, 2022
@bgavrilMS
Copy link
Member

@mjcheetham - what does GCM on WSL ?

@mjcheetham
Copy link

If you install GCM on Windows, and then 'link' to it from the WSL Git via config, we use the Windows APIs/cache storage.

If you install GCM natively in WSL, we treat it identically to a normal Linux install. We will try and use WithLinuxKeyring(..) - we then catch MsalCachePersistenceExceptions from .VerifyPersistence() and retry with WithLinuxUnprotectedFile() (and print a warning to the user).

https://github.com/GitCredentialManager/git-credential-manager/blob/bdc20d91d325d66647f2837ffb4e2b2fe98d7e70/src/shared/Core/Authentication/MicrosoftAuthentication.cs#L371-L407

@bgavrilMS bgavrilMS added enhancement New feature or request and removed bug Something isn't working P2 labels May 5, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement New feature or request good first issue Good for newcomers
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@mjcheetham @NeilMacMullen @bgavrilMS @jmprieur