From 7e16d9660fbfa1541f4ec823bd74c3da4027ee50 Mon Sep 17 00:00:00 2001 From: Christopher Suh Date: Fri, 28 Jul 2023 09:43:52 -0700 Subject: [PATCH] initial commit, added more relevant error codes (#24005) --- .../src/account-provider/auths/azureAuth.ts | 6 +++++- extensions/azurecore/src/constants.ts | 19 +++++++++++++++++++ 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/extensions/azurecore/src/account-provider/auths/azureAuth.ts b/extensions/azurecore/src/account-provider/auths/azureAuth.ts index fb64620a5d..26d61190c9 100644 --- a/extensions/azurecore/src/account-provider/auths/azureAuth.ts +++ b/extensions/azurecore/src/account-provider/auths/azureAuth.ts @@ -305,7 +305,11 @@ export abstract class AzureAuth implements vscode.Disposable { private accountNeedsRefresh(error: AuthError): boolean { return error instanceof InteractionRequiredAuthError || error.errorMessage.includes(Constants.AADSTS70043) - || error.errorMessage.includes(Constants.AADSTS50173); + || error.errorMessage.includes(Constants.AADSTS50173) + || error.errorMessage.includes(Constants.AADSTS50078) + || error.errorMessage.includes(Constants.AADSTS50085) + || error.errorMessage.includes(Constants.AADSTS50089) + || error.errorMessage.includes(Constants.AADSTS700084); } /** diff --git a/extensions/azurecore/src/constants.ts b/extensions/azurecore/src/constants.ts index a3759bf4ab..c657137418 100644 --- a/extensions/azurecore/src/constants.ts +++ b/extensions/azurecore/src/constants.ts @@ -96,6 +96,25 @@ export const AADSTS70043 = 'AADSTS70043'; * require reauthentication. Have the user sign in again. */ export const AADSTS50173 = 'AADSTS50173'; +/** + * UserStrongAuthExpired- Presented multi-factor authentication has expired due to policies configured by your administrator, + * you must refresh your multi-factor authentication to access '{resource}'. + */ +export const AADSTS50078 = 'AADSTS50078'; +/** + * Refresh token needs social IDP login. Have user try signing-in again with username -password + */ +export const AADSTS50085 = 'AADSTS50085'; +/** + * Authentication failed due to flow token expired. Expected - auth codes, refresh tokens, and sessions expire over time + * or are revoked by the user or an admin. The app will request a new login from the user. + */ +export const AADSTS50089 = 'AADSTS50089'; +/** + * The refresh token was issued to a single page app (SPA), and therefore has a fixed, limited lifetime of {time}, which can't be extended. + * It is now expired and a new sign in request must be sent by the SPA to the sign in page. The token was issued on {issueDate}. + */ +export const AADSTS700084 = 'AADSTS700084'; /** * multiple_matching_tokens error can occur in scenarios when users try to run ADS as different users, reference issue: