Move auth error messages out of the bundle#7744
Merged
Merged
Conversation
konstantin-msft
commented
May 12, 2025
konstantin-msft
commented
Collaborator
- Move auth error messages out of the bundle
github-actions
Bot
added
documentation
konstantin-msft
requested review from
a team,
Robbie-Microsoft,
hectormmg,
jo-arroyo,
lalimasharda,
peterzenz,
sameerag,
shylasummers and
tnorling
as code owners
tnorling
reviewed
May 14, 2025
tnorling
previously approved these changes
May 14, 2025
tnorling
left a comment
tnorling
left a comment
Collaborator
There was a problem hiding this comment.
I'd also like to see some sort of CI validation that a message actually exists in the doc for all error codes. I'm happy to treat that as its own separate work item, however, just calling it out as a requirement to call this work complete.
konstantin-msft
force-pushed
the
move_error_message_to_markdown
branch
from
1e6185a to
1df8a91
Compare
Collaborator
Author
Will address this in a follow-up PR |
tnorling
reviewed
May 20, 2025
tnorling
previously approved these changes
May 20, 2025
tnorling
reviewed
May 20, 2025
tnorling
approved these changes
May 21, 2025
lalimasharda
approved these changes
May 21, 2025
jo-arroyo
reviewed
May 21, 2025
jo-arroyo
left a comment
jo-arroyo
left a comment
Contributor
There was a problem hiding this comment.
Hi, I know this is merged already, but I noticed some potentially broken links that may need to be addressed in a separate PR, and there are some other suggestions that you can choose to take or not.
| - Exceeded cache storage capacity. | ||
|
|
||
| **[Other](#other)** | ||
| This error occurs when MSAL.js surpasses the allotted storage limit when attempting to save token information in the [configured cache storage](./caching.md#cache-storage). See [here](https://developer.mozilla.org/en-US/docs/Web/API/Storage_API/Storage_quotas_and_eviction_criteria#web_storage) for web storage limits. |
Contributor
There was a problem hiding this comment.
The link to the caching doc may need to be changed now that this doc has been moved out of msal-browser
|
|
||
| **Mitigation**: | ||
|
|
||
| 1. Make sure the configured cache storage has enough capacity to allow MSAL.js to persist token payload. The amount of cache storage required depends on the number of [cached artifacts](./caching.md#cached-artifacts). |
Contributor
There was a problem hiding this comment.
Same here for caching doc
| **Mitigation**: | ||
|
|
||
| 1. Make sure the configured cache storage has enough capacity to allow MSAL.js to persist token payload. The amount of cache storage required depends on the number of [cached artifacts](./caching.md#cached-artifacts). | ||
| 2. Disable [claimsBasedCachingEnabled](./configuration.md#cache-config-options) cache config option. When enabled, it caches access tokens under a key containing the hash of the requested claims. Depending on the MSAL.js API usage, it may result in the vast number of access tokens persisted in the cache storage. |
Contributor
There was a problem hiding this comment.
Same here for configuration doc
| - Nonce mismatch error. | ||
|
|
||
| ### `auth_time_not_found` | ||
| - Max Age was requested and the ID token is missing the auth_time variable auth_time is an optional claim and is not enabled by default - it must be enabled. See https://aka.ms/msaljs/optional-claims for more information. |
Contributor
There was a problem hiding this comment.
Suggested change
| - Max Age was requested and the ID token is missing the auth_time variable auth_time is an optional claim and is not enabled by default - it must be enabled. See https://aka.ms/msaljs/optional-claims for more information. | |
| - Max Age was requested and the ID token is missing the auth_time variable. auth_time is an optional claim and is not enabled by default - it must be enabled. See https://aka.ms/msaljs/optional-claims for more information. |
| - The provided authority does not support logout. | ||
|
|
||
| ### `key_id_missing` | ||
| - A keyId value is missing from the requested bound token's cache record and is required to match the token to it's stored binding key. |
Contributor
There was a problem hiding this comment.
Suggested change
| - A keyId value is missing from the requested bound token's cache record and is required to match the token to it's stored binding key. | |
| - A keyId value is missing from the requested bound token's cache record and is required to match the token to its stored binding key. |
| import { TestTimeUtils } from "msal-test-utils"; | ||
| import { PopupRequest } from "../../src/request/PopupRequest.js"; | ||
| import { emptyNavigateUri } from "../../src/error/BrowserAuthErrorCodes.js"; | ||
| import { getDefaultErrorMessage } from "../../src/error/BrowserAuthError.js"; |
Contributor
There was a problem hiding this comment.
Can this be combined with the import on line 59 above?
| TestTimeUtils, | ||
| } from "msal-test-utils"; | ||
| import { BrowserPerformanceClient } from "../../src/telemetry/BrowserPerformanceClient.js"; | ||
| import { getDefaultErrorMessage } from "../../src/error/BrowserAuthError.js"; |
Contributor
There was a problem hiding this comment.
Can this be combined with the import on line 69 above?
| import { AuthenticationResult } from "../../src/response/AuthenticationResult.js"; | ||
| import { SilentRequest } from "../../src/request/SilentRequest.js"; | ||
| import { SsoSilentRequest } from "../../src/index.js"; | ||
| import { getDefaultErrorMessage } from "../../src/error/BrowserAuthError.js"; |
| createClientAuthError, | ||
| } from "../../src/error/ClientAuthError"; | ||
| import { AuthError } from "../../src/error/AuthError"; | ||
| import { getDefaultErrorMessage } from "../../src/error/AuthError.js"; |
Contributor
There was a problem hiding this comment.
Combine with line above?
| createJoseHeaderError, | ||
| } from "../../src/error/JoseHeaderError"; | ||
| import { AuthError } from "../../src/error/AuthError"; | ||
| import { getDefaultErrorMessage } from "../../src/error/AuthError.js"; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.