Identity v2 logging impovements (#45296)

Author: lmolkova

sdk/identity-v2/azure-identity/checkstyle-suppressions.xml

@@ -15,11 +15,13 @@
   <suppress files="com.azure.v2.identity.implementation.client.DevToolsClient.java" checks="JavadocMethodCheck" />
   <suppress files="com.azure.v2.identity.implementation.client.DevToolsClient.java" checks="MissingJavadocTypeCheck" />
   <suppress files="com.azure.v2.identity.implementation.client.DevToolsClient.java" checks="com.azure.tools.checkstyle.checks.ThrowFromClientLoggerCheck" />
+  <suppress files="com.azure.v2.identity.implementation.client.PersistentTokenCacheImpl.java" checks="com.azure.tools.checkstyle.checks.ThrowFromClientLoggerCheck" />
   <suppress files="com.azure.v2.identity.implementation.client.AzureToolkitCacheAccessor.java" checks="MissingJavadocMethodCheck" />
   <suppress files="com.azure.v2.identity.implementation.client.AzureToolkitCacheAccessor.java" checks="com.azure.tools.checkstyle.checks.JavadocThrowsChecks" />
   <suppress files="com.azure.v2.identity.implementation.client.AzureToolkitCacheAccessor.java" checks="com.azure.tools.checkstyle.checks.ThrowFromClientLoggerCheck" />
   <suppress files="com.azure.v2.identity.implementation.client.PersistentTokenCacheImpl.java" checks="MissingJavadocMethodCheck" />
   <suppress files="com.azure.v2.identity.implementation.client.PersistentTokenCacheImpl.java" checks="MissingJavadocTypeCheck" />
   <suppress files="com.azure.v2.identity.implementation.models.PublicClientOptions.java" checks="GoodLoggingCheck" />
+  <suppress files="com.azure.v2.identity.[\w]+Credential.java" checks="com.azure.tools.checkstyle.checks.ThrowFromClientLoggerCheck" />
 
 </suppressions>

sdk/identity-v2/azure-identity/pom.xml

@@ -59,8 +59,9 @@
     <dependency>
       <groupId>io.clientcore</groupId>
       <artifactId>core</artifactId>
-      <version>1.0.0-beta.9</version> <!-- {x-version-update;io.clientcore:core;dependency} -->
+      <version>1.0.0-beta.10</version> <!-- {x-version-update;unreleased_io.clientcore:core;dependency} -->
     </dependency>
+
     <dependency>
       <groupId>com.azure.v2</groupId>
       <artifactId>azure-core</artifactId>

sdk/identity-v2/azure-identity/src/main/java/com/azure/v2/identity/AuthorizationCodeCredential.java

@@ -17,6 +17,8 @@
 import io.clientcore.core.instrumentation.logging.ClientLogger;
 import io.clientcore.core.utils.CoreUtils;
 
+import static com.azure.v2.identity.implementation.util.LoggingUtil.logAndThrowTokenError;
+
 /**
  * <p>Authorization Code authentication in Azure is a type of authentication mechanism that allows users to
  * authenticate with <a href="https://learn.microsoft.com/entra/fundamentals/">Microsoft Entra ID</a>
@@ -96,9 +98,8 @@ public AccessToken getToken(TokenRequestContext request) {
             cache.updateCache(accessToken, publicClientOptions, request);
             LoggingUtil.logTokenSuccess(LOGGER, request);
             return accessToken;
-        } catch (Exception e) {
-            LoggingUtil.logTokenError(LOGGER, request, e);
-            throw LOGGER.logThrowableAsError(new CredentialAuthenticationException(e.getMessage(), e));
+        } catch (RuntimeException e) {
+            throw logAndThrowTokenError(LOGGER, request, e, CredentialAuthenticationException::new);
         }
     }
 }

sdk/identity-v2/azure-identity/src/main/java/com/azure/v2/identity/AuthorizationCodeCredentialBuilder.java

@@ -81,7 +81,7 @@ public AuthorizationCodeCredentialBuilder redirectUrl(String redirectUrl) {
         try {
             this.publicClientOptions.setRedirectUri(new URI(redirectUrl));
         } catch (URISyntaxException e) {
-            throw LOGGER.logThrowableAsError(new IllegalArgumentException(e));
+            throw LOGGER.throwableAtError().log(e, IllegalArgumentException::new);
         }
         return this;
     }

sdk/identity-v2/azure-identity/src/main/java/com/azure/v2/identity/AzureCliCredential.java

@@ -13,6 +13,8 @@
 import io.clientcore.core.credentials.oauth.AccessToken;
 import io.clientcore.core.instrumentation.logging.ClientLogger;
 
+import static com.azure.v2.identity.implementation.util.LoggingUtil.logAndThrowTokenError;
+
 /**
  * <p>The Azure CLI is a command-line tool that allows users to manage Azure resources from their local machine or
  * terminal. It allows users to
@@ -69,12 +71,11 @@ public AccessToken getToken(TokenRequestContext request) {
             AccessToken accessToken = devToolslClient.authenticateWithAzureCli(request);
             LoggingUtil.logTokenSuccess(LOGGER, request);
             return accessToken;
-        } catch (Exception ex) {
-            LoggingUtil.logTokenError(LOGGER, request, ex);
-            if (devToolslClient.getClientOptions().isChained()) {
-                throw LOGGER.logThrowableAsError(new CredentialUnavailableException(ex.getMessage(), ex));
-            }
-            throw LOGGER.logThrowableAsError(new CredentialAuthenticationException(ex.getMessage(), ex));
+        } catch (RuntimeException ex) {
+            throw logAndThrowTokenError(LOGGER, request, ex,
+                devToolslClient.getClientOptions().isChained()
+                    ? CredentialUnavailableException::new
+                    : CredentialAuthenticationException::new);
         }
     }
 }

sdk/identity-v2/azure-identity/src/main/java/com/azure/v2/identity/AzureDeveloperCliCredential.java

@@ -13,6 +13,8 @@
 import io.clientcore.core.credentials.oauth.AccessToken;
 import io.clientcore.core.instrumentation.logging.ClientLogger;
 
+import static com.azure.v2.identity.implementation.util.LoggingUtil.logAndThrowTokenError;
+
 /**
  * <p>Azure Developer CLI is a command-line interface tool that allows developers to create, manage, and deploy
  * resources in Azure. It's built on top of the Azure CLI and provides additional functionality specific
@@ -72,12 +74,11 @@ public AccessToken getToken(TokenRequestContext request) {
             AccessToken accessToken = devToolslClient.authenticateWithAzureDeveloperCli(request);
             LoggingUtil.logTokenSuccess(LOGGER, request);
             return accessToken;
-        } catch (Exception ex) {
-            LoggingUtil.logTokenError(LOGGER, request, ex);
-            if (devToolslClient.getClientOptions().isChained()) {
-                throw LOGGER.logThrowableAsError(new CredentialUnavailableException(ex.getMessage(), ex));
-            }
-            throw LOGGER.logThrowableAsError(new CredentialAuthenticationException(ex.getMessage(), ex));
+        } catch (RuntimeException ex) {
+            throw logAndThrowTokenError(LOGGER, request, ex,
+                devToolslClient.getClientOptions().isChained()
+                    ? CredentialUnavailableException::new
+                    : CredentialAuthenticationException::new);
         }
     }
 }

sdk/identity-v2/azure-identity/src/main/java/com/azure/v2/identity/AzurePipelinesCredential.java

@@ -18,11 +18,14 @@
 import io.clientcore.core.http.models.HttpRequest;
 import io.clientcore.core.http.models.Response;
 import io.clientcore.core.instrumentation.logging.ClientLogger;
+import io.clientcore.core.models.CoreException;
 import io.clientcore.core.models.binarydata.BinaryData;
 import io.clientcore.core.serialization.json.JsonReader;
 
 import java.io.IOException;
 
+import static com.azure.v2.identity.implementation.util.LoggingUtil.logAndThrowTokenError;
+
 /**
  * The {@link AzurePipelinesCredential} acquires a token using the Azure Pipelines service connection.
  * <p>
@@ -76,15 +79,15 @@ public class AzurePipelinesCredential implements TokenCredential {
                         }
                         message
                             += "For troubleshooting information see https://aka.ms/azsdk/java/identity/azurepipelinescredential/troubleshoot.";
-                        throw LOGGER.logThrowableAsError(new CredentialAuthenticationException(message));
+                        throw LOGGER.throwableAtError().log(message, CredentialAuthenticationException::new);
                     }
                     try (JsonReader reader = JsonReader.fromString(responseBody)) {
                         return OidcTokenResponse.fromJson(reader).getOidcToken();
                     }
                 }
             } catch (IOException e) {
-                throw LOGGER.logThrowableAsError(
-                    new CredentialAuthenticationException("Failed to get the client assertion token", e));
+                throw LOGGER.throwableAtError()
+                    .log("Failed to get the client assertion token", e, CredentialAuthenticationException::new);
             }
         });
         this.confidentialClient = new ConfidentialClient(confidentialClientOptions);
@@ -98,16 +101,15 @@ public AccessToken getToken(TokenRequestContext request) {
                 LoggingUtil.logTokenSuccess(LOGGER, request);
                 return token;
             }
-        } catch (Exception ignored) {
+        } catch (RuntimeException ignored) {
         }
 
         try {
             AccessToken token = confidentialClient.authenticate(request);
             LoggingUtil.logTokenSuccess(LOGGER, request);
             return token;
-        } catch (Exception e) {
-            LoggingUtil.logTokenError(LOGGER, request, e);
-            throw LOGGER.logThrowableAsError(new RuntimeException(e));
+        } catch (RuntimeException e) {
+            throw logAndThrowTokenError(LOGGER, request, e, CoreException::from);
         }
     }
 }

sdk/identity-v2/azure-identity/src/main/java/com/azure/v2/identity/AzurePowerShellCredential.java

@@ -13,6 +13,8 @@
 import io.clientcore.core.credentials.oauth.AccessToken;
 import io.clientcore.core.instrumentation.logging.ClientLogger;
 
+import static com.azure.v2.identity.implementation.util.LoggingUtil.logAndThrowTokenError;
+
 /**
  * <p>The Azure Powershell is a command-line tool that allows users to manage Azure resources from their local machine
  * or terminal. It allows users to
@@ -68,12 +70,11 @@ public AccessToken getToken(TokenRequestContext request) {
             AccessToken accessToken = devToolslClient.authenticateWithAzurePowerShell(request);
             LoggingUtil.logTokenSuccess(LOGGER, request);
             return accessToken;
-        } catch (Exception ex) {
-            LoggingUtil.logTokenError(LOGGER, request, ex);
-            if (devToolslClient.getClientOptions().isChained()) {
-                throw LOGGER.logThrowableAsError(new CredentialUnavailableException(ex.getMessage(), ex));
-            }
-            throw LOGGER.logThrowableAsError(new CredentialAuthenticationException(ex.getMessage(), ex));
+        } catch (RuntimeException ex) {
+            throw logAndThrowTokenError(LOGGER, request, ex,
+                devToolslClient.getClientOptions().isChained()
+                    ? CredentialUnavailableException::new
+                    : CredentialAuthenticationException::new);
         }
     }
 }

sdk/identity-v2/azure-identity/src/main/java/com/azure/v2/identity/AzureToolkitCredential.java

@@ -17,6 +17,8 @@
 
 import java.util.concurrent.atomic.AtomicReference;
 
+import static com.azure.v2.identity.implementation.util.LoggingUtil.logAndThrowTokenError;
+
 /**
  * <p>
  * The AzureToolkitCredential authenticates in a development environment and acquires a token on behalf of the
@@ -87,20 +89,19 @@ public AccessToken getToken(TokenRequestContext request) {
             if (cachedToken.get() != null) {
                 return publicClient.authenticateWithPublicClientCache(request, cachedToken.get().getAccount());
             }
-        } catch (Exception ex) {
+        } catch (RuntimeException ex) {
         }
 
         try {
             MsalToken msalToken = publicClient.authenticateWithAzureToolkit(request);
             cachedToken.set(msalToken);
             LoggingUtil.logTokenSuccess(LOGGER, request);
             return msalToken;
-        } catch (Exception ex) {
-            LoggingUtil.logTokenError(LOGGER, request, ex);
-            if (publicClient.getClientOptions().isChained()) {
-                throw LOGGER.logThrowableAsError(new CredentialUnavailableException(ex.getMessage(), ex));
-            }
-            throw LOGGER.logThrowableAsError(new CredentialAuthenticationException(ex.getMessage(), ex));
+        } catch (RuntimeException ex) {
+            throw logAndThrowTokenError(LOGGER, request, ex,
+                publicClient.getClientOptions().isChained()
+                    ? CredentialUnavailableException::new
+                    : CredentialAuthenticationException::new);
         }
     }
 }

sdk/identity-v2/azure-identity/src/main/java/com/azure/v2/identity/ChainedTokenCredential.java

@@ -9,7 +9,6 @@
 import com.azure.v2.identity.exceptions.CredentialUnavailableException;
 import io.clientcore.core.credentials.oauth.AccessToken;
 import io.clientcore.core.instrumentation.logging.ClientLogger;
-import io.clientcore.core.instrumentation.logging.LogLevel;
 
 import java.util.ArrayList;
 import java.util.Collections;
@@ -69,61 +68,54 @@ public AccessToken getToken(TokenRequestContext request) {
         if (selectedCredential.get() != null && useCachedWorkingCredential) {
             try {
                 AccessToken accessToken = selectedCredential.get().getToken(request);
-                logTokenMessage("Azure Identity => Returning token from cached credential {}",
-                    selectedCredential.get());
+                LOGGER.atInfo()
+                    .addKeyValue("credentialType", selectedCredential.get().getClass().getCanonicalName())
+                    .log("Azure Identity => Returning token from cached credential.");
                 return accessToken;
-            } catch (Exception e) {
+            } catch (RuntimeException e) {
                 handleException(e, selectedCredential.get(), exceptions,
-                    "Azure Identity => Cached credential {} is unavailable.", selectedCredential.get());
+                    "Azure Identity => Cached credential is unavailable.");
             }
         } else {
             for (TokenCredential credential : credentials) {
                 try {
                     AccessToken accessToken = credential.getToken(request);
-                    logTokenMessage("Azure Identity => Attempted credential {} returns a token", credential);
+                    LOGGER.atInfo()
+                        .addKeyValue("credentialType", selectedCredential.get().getClass().getCanonicalName())
+                        .log("Azure Identity => Attempted credential returns a token.");
                     selectedCredential.set(credential);
                     return accessToken;
 
-                } catch (Exception e) {
+                } catch (RuntimeException e) {
                     handleException(e, credential, exceptions,
-                        "Azure Identity => Attempted credential {} is unavailable.", credential);
+                        "Azure Identity => Attempted credential is unavailable.");
                 }
             }
         }
 
-        CredentialUnavailableException last = exceptions.get(exceptions.size() - 1);
+        String lastMessage = exceptions.get(exceptions.size() - 1).getMessage();
         for (int z = exceptions.size() - 2; z >= 0; z--) {
             CredentialUnavailableException current = exceptions.get(z);
-            last = new CredentialUnavailableException(current.getMessage() + "\r\n" + last.getMessage()
+            lastMessage = current.getMessage() + "\r\n" + lastMessage
                 + (z == 0
                     ? "To mitigate this issue, please refer to the troubleshooting guidelines here at "
                         + "https://aka.ms/azure-identity-java-default-azure-credential-troubleshoot"
-                    : ""));
+                    : "");
         }
-        throw LOGGER.logThrowableAsError(last);
-    }
-
-    private void logTokenMessage(String format, TokenCredential selectedCredential) {
-        LOGGER.atLevel(LogLevel.INFORMATIONAL)
-            .log(String.format(format, selectedCredential.getClass().getSimpleName()));
-    }
-
-    private String getCredUnavailableMessage(TokenCredential p, Exception t) {
-        return unavailableError + p.getClass().getSimpleName() + " authentication failed. Error Details: "
-            + t.getMessage();
+        throw LOGGER.throwableAtError().log(lastMessage, CredentialUnavailableException::new);
     }
 
     private void handleException(Exception e, TokenCredential selectedCredential,
-        List<CredentialUnavailableException> exceptions, String logMessage, TokenCredential selectedCredential1) {
+        List<CredentialUnavailableException> exceptions, String logMessage) {
         if (e.getClass() != CredentialUnavailableException.class) {
-            throw LOGGER.logThrowableAsError(
-                new CredentialAuthenticationException(getCredUnavailableMessage(selectedCredential, e), e));
-        } else {
-            if (e instanceof CredentialUnavailableException) {
-                exceptions.add((CredentialUnavailableException) e);
-            }
+
+            throw LOGGER.throwableAtError()
+                .addKeyValue("credentialType", selectedCredential.getClass().getCanonicalName())
+                .log(unavailableError, e, CredentialAuthenticationException::new);
         }
-        logTokenMessage(logMessage, selectedCredential1);
+
+        exceptions.add((CredentialUnavailableException) e);
+        LOGGER.atInfo().addKeyValue("credentialType", selectedCredential.getClass().getCanonicalName()).log(logMessage);
     }
 
     WorkloadIdentityCredential getWorkloadIdentityCredentialIfPresent() {