From d1a2e87cdc1b086ad74fb0cded4024e3705d6e94 Mon Sep 17 00:00:00 2001
From: Konstantin Plis <konstantin.plis@acronis.com>
Date: Thu, 12 Dec 2024 17:29:37 +0800
Subject: [PATCH] Port auth error handling from microsoft_app_credentials to
 certificate_app_credentials

---
 .../connector/auth/certificate_app_credentials.py    | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/libraries/botframework-connector/botframework/connector/auth/certificate_app_credentials.py b/libraries/botframework-connector/botframework/connector/auth/certificate_app_credentials.py
index 89dbe882d..31e845eb6 100644
--- a/libraries/botframework-connector/botframework/connector/auth/certificate_app_credentials.py
+++ b/libraries/botframework-connector/botframework/connector/auth/certificate_app_credentials.py
@@ -67,7 +67,17 @@ def get_access_token(self, force_refresh: bool = False) -> str:
         if not auth_token:
             # No suitable token exists in cache. Let's get a new one from AAD.
             auth_token = self.__get_msal_app().acquire_token_for_client(scopes=scopes)
-        return auth_token["access_token"]
+        if "access_token" in auth_token:
+            return auth_token["access_token"]
+        error = auth_token["error"] if "error" in auth_token else "Unknown error"
+        error_description = (
+            auth_token["error_description"]
+            if "error_description" in auth_token
+            else "Unknown error description"
+        )
+        raise PermissionError(
+            f"Failed to get access token with error: {error}, error_description: {error_description}"
+        )
 
     def __get_msal_app(self):
         if not self.app: