Misleading exception when app developer forgets to wire up a custom credential #3458

@bgavrilMS

Microsoft.Identity.Web Library

Microsoft.Identity.Web

Microsoft.Identity.Web version

3.x

Web app

Not Applicable

Web API

Not Applicable

Token cache serialization

Not Applicable

Description

When using a custom credential that has not been wired up, Microsoft.Identity.Web logs an error but proceeds further. This leads to a situation where an obscure exception occurs: "Delegate is null". This is because ID.web eventually calls MSAL with WithClientAssertion(null).

It would be better to throw a meaningful exception instead.

The code is here:

private async Task ProcessCustomSignedAssertionAsync(CredentialDescription credentialDescription, CredentialSourceLoaderParameters? parameters)
- instead of logging, throw ex

Reproduction steps

  1. Configure a custom credential in appsettings.config, e.g. FmiSignedAssertion or OidcFicAssertion
  2. Forget to wire up the credential, e.g. AddOidcFic()
  3. GetAuthorizationHeader

Actual: a "Delegate is null" exception is thrown
Expected: an exception with a message like "You configured a custom assertion but did not load it. Custom assertion name: OidcFic. You need to add a reference to the credential package and call services.AddXYZ, e.g. services.AddOidcFic"

Error message

No response

Id Web logs

No response

Relevant code snippets

n

Regression

No response

Expected behavior

throw better ex
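
The fail-fast behavior requested above, sketched as an added example that is not part of the original issue and is not Microsoft.Identity.Web code. The types IAssertionProvider, CredentialConfig and CustomAssertionLoader are hypothetical stand-ins; only the provider name OidcFic and the message wording come from the issue.

```csharp
#nullable enable
using System;
using System.Collections.Generic;
using System.Threading.Tasks;

// Hypothetical stand-ins for illustration; these are not Microsoft.Identity.Web types.
public interface IAssertionProvider
{
    string Name { get; }
    Task<string> GetSignedAssertionAsync();
}

public sealed class CredentialConfig
{
    public string? CustomProviderName { get; set; }
    public Func<Task<string>>? AssertionDelegate { get; set; } // null until a provider loads it
}

public sealed class CustomAssertionLoader
{
    private readonly Dictionary<string, IAssertionProvider> _providers = new();

    public CustomAssertionLoader(IEnumerable<IAssertionProvider> registered)
    {
        foreach (var p in registered) _providers[p.Name] = p;
    }

    // Fail fast: a configured but unregistered provider is reported here,
    // instead of being logged and surfacing later as a null delegate.
    public void Load(CredentialConfig credential)
    {
        string name = credential.CustomProviderName ?? string.Empty;
        if (!_providers.TryGetValue(name, out var provider))
            throw new InvalidOperationException(
                "You configured a custom assertion but did not load it. " +
                $"Custom assertion name: '{name}'. Registered: [{string.Join(", ", _providers.Keys)}]. " +
                "Add a reference to the credential package and call its services.AddXYZ method.");
        credential.AssertionDelegate = provider.GetSignedAssertionAsync;
    }
}

public static class Demo
{
    public static void Main()
    {
        var loader = new CustomAssertionLoader(Array.Empty<IAssertionProvider>()); // nothing wired up
        try { loader.Load(new CredentialConfig { CustomProviderName = "OidcFic" }); }
        catch (InvalidOperationException ex) { Console.WriteLine(ex.Message); }
    }
}
```

Listing the registered provider names in the message lets an operator spot a misspelled name as well as a missing registration call.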

Metadata

Labels

bug (Something isn't working)
