[Issue] azd auth login does not use BROWSER env

[heaths]

• Make sure you've installed the latest version using instructions in the wiki

Output from azd version
Run azd version and copy and paste the output here: azd version 0.9.0-beta.3 (commit e564b12)

Describe the bug
Despite having the BROWSER env var defined as "explorer.exe" - a not uncommon practice in WSL2 - I get an error when I try to run azd auth login:

ERROR: logging in: failed to authenticate: exec: "xdg-open,x-www-browser,www-browser": executable file not found in $PATH

I'd prefer not to install any of these as it pulls in a lot of dependencies I don't need for WSL2, where I do most of my non-C# development.

To Reproduce

1. Provision a fresh distro in WSL2
2. Install azd
3. (Assuming bash): export BROWSER="explorer.exe"
4. azd auth login

Expected behavior
My default browser should open.

Environment
Information on your environment:
* Language name and version: go version go1.20.1 linux/amd64
* IDE and version: none (WSL2)

[weikanglim]

MSAL library uses pkg/browser.

Related issue here: pkg/browser#41

[ellismg]

One thing to note is that we use a slightly different package in the implementation of azd monitor to open a web-browser, which IIRC is a fork of pkg/browser that the GitHub folks wrote, which also respects BROWSER before falling back to xdg-open.

It would be nice perhaps if the MSAL library allowed us to provide some function with a signature like OpenBrowser(url string) error so they didn't have to have policy here, maybe we can open a PR.

@heaths, one thing to note, is that I think with --no-install-recommends the footprint of xdg-utils should be quite small, since I think it is just shell scripts. IIRC, xdg-open itself respects BROWSER when it is set.

You could also consider putting some simple xdg-open script on the path that just does $BROWSER $1 or something.

[heaths]

Thanks. I will give that a try. If xdg-open can be installed minimally and I can do without the BROWSER env var, even better. Lately (not sure exactly when it started), Windows 11 is opening explorer.exe itself when it didn't before. Wonder if that was a regression (intentional or otherwise) when explorer.exe was refreshed with tabs and more.

[heaths]

Update: it was a small install for xdg-utils, yes, but doesn't work. azd auth open reports, "xdg-open: no method available for opening ***". Oddly, it opens explorer.exe twice as opposed to other CLIs e.g., gh, that open it only once. So xdg-open does use the BROWSER env var but not successfully.

Fortunately, I can work around this using azd auth login --use-device-code but it'd be nice for users not to have to worry about this. I suspect - I hope, rather - we have a healthy community of devs on Windows using WSL2.

FWIW, without xdg-open, az login works (though it still pops my explorer window).

[heaths]

Update 2: sudo apt install --no-install-recommends wslu - which installs wslview - works with and without BROWSER being set.

That said, whether I'm running azd auth login or azd auth login --use-device-code, I'm getting a separate error, "login expired, run azd auth login to log in". Probably unrelated, but I even ran and verified sudo hwclock -s.

[enjoysparkling]

Had the same error this morning on a fresh install of azd. I ran azd auth login --use-device-code to get around it.

Note, I did also have to use sudo hwclock -s for an az login error (because the laptop came back from sleep mode?).

Edit: this was on WSL2 Ubuntu

[ellismg]

FWIW - I opened AzureAD/microsoft-authentication-library-for-go#422 in MSAL to give us the ability to configure what package is used to open the browser. With this change, we should be able to provide an implementation that honors BROWSER before falling back to xdg-open or the other tools that pkg/browser looks for.

[rajeshkamal5050]

@vhvb1989 can you take care of consuming the above MSAL changes once they are released?

[vhvb1989]

See #2446

for wsl with ubuntu 22 on win11, azd requires: sudo apt update && sudo apt install xdg-utils wslu

[weikanglim]

Full instructions for wslu on WSL installation here: https://wslutiliti.es/wslu/install.html

[heaths]

This auth flow works in other commands without wslu, though. While that works around the problem, not requiring additional dependencies that similar CLIs e.g., az don't need would probably be ideal for user adoption and ease of use.

[weikanglim]

I do agree with that. It looks like what az relies on as a fallback is using powershell.exe -C "Start-Process <url>". Supposedly, if WSL is set up to allow include the Windows host PATH (default installation option), this would allow Windows to handle opening the URL with the default configured browser.

AzureAD/microsoft-authentication-library-for-python#332
https://github.com/AzureAD/microsoft-authentication-library-for-python/pull/333/files

Something less nice about this is that it takes 4-8 seconds for me:

weilim@weilim-z4:~$ time powershell.exe -NoProfile -Command "Start-Process www.bing.com"

real    0m8.062s
user    0m0.000s
sys     0m0.009s

[weikanglim]

I think we're also supporting BROWSER with this change?

[heaths]

Odd they choose powershell. It has a slower startup cost. You could instead cmd.exe /s /c start "%s". Much faster.

[vhvb1989]

Odd they choose powershell. It has a slower startup cost. You could instead cmd.exe /s /c start "%s". Much faster.

@heaths @weikanglim , it looks like cmd requires a more elaborated set of scape characters. For example, I had to replace & for ^& (for the query parameters). Idk if that's the only thing to scape of if there will be more stuff in the future.

I am setting powershell as the fallback when cmd start fails: https://github.com/Azure/azure-dev/pull/2576/files#diff-ffdf55a2ce62d4d28c8ba5ef58397ce1fce6d062f4dc19cec32450cc72dbdb65R371

[weikanglim]

Using wikipedia, with original source, and ss64 as the base reference then conducting my own testing:

The special characters seems to be: <, >, ^, | and &. I did not observe (, ), and \ needing escape:

package main

import (
	"fmt"
	"os"
	"os/exec"
)

func main() {
	res, err := exec.Command("cmd.exe", "/C", "start", "http://localhost:8080/?^<^>^|^^^&a=1^&b=2\\()").CombinedOutput()
	fmt.Println(string(res))

	if err != nil {
		fmt.Println(err)
		os.Exit(1)
	}
}