Description
Describe the bug
MSAL shows gibberish (mojibake) if localhost is accessed using HTTPS.
To Reproduce
Run
az login --debug
The login URL is
https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?...redirect_uri=http%3A%2F%2Flocalhost%3A61886...
Even though redirect_uri is an HTTP URL http://localhost:61886/, we switch the protocol to HTTPS https://localhost:61886/ and visit it in the browser. In the real world, the protocol may be changed by the browser's policy (Azure/azure-cli#10426 (comment)).
Then the browser will show ERR_SSL_PROTOCOL_ERROR.
In the terminal, MSAL shows gibberish characters because these are actually an HTTPS-encrypted binary stream.
msal.oauth2cli.authcode: code 400, message Bad request version ('\x08\x9e\x87\x95]ÈeÏ9íÏ\x82\x8aUÇÑ~\x03\x91W\x00')
msal.oauth2cli.authcode: "▬♥☺☻☺☺ü♥♥_↨Ò1ع6ÙÍß
«#p◄Á03ó#åy¦ð+Í }ºR;2þì7fâÅD¶apIè▼þµ*áÓ!V]-"ªª‼☺‼☻‼☻‼♥À+À/À,À0̨̩À‼À¶/5☺☺ZZÿ☺☺-☻☺☺♥☻☻
i♣♥☻h2
↕►♦♦♦☺♣♣♣♠♠☺↨+♠**♥♦♥♥
☻☺►
☻hhttp/1.13+)☺↔ ZMÁ7ðó►ã_·]ÈeÏ9íÏUÇÑ~♥W" 400 -
msal.oauth2cli.authcode: code 400, message Bad request version ('\x02h2\x08http/1.1\x00')
msal.oauth2cli.authcode: "▬♥☺☻☺☺ü♥♥ݶ5ã{ï£V♠ò_Ã♥
This issue is reported by Azure/azure-cli#25935, and the solution is Azure/azure-cli#10426 (comment).
Expected behavior
MSAL can consider capturing such an error and warning the user that an incorrect protocol is used. I haven't dived deep into the implementation of http.server yet, but it is totally possible that this can't be achieved by MSAL.
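
One way the check requested above could be done on a plain `http.server` listener is sketched below. This is an added example, not MSAL's code or part of the original report. The names `looks_like_tls_client_hello` and `PlainHttpOnlyHandler` are hypothetical, and the approach assumes that overriding `parse_request` is acceptable, because `handle_one_request` stores the first line read in `self.raw_requestline` before calling it.

```python
import logging
from http.server import BaseHTTPRequestHandler

logger = logging.getLogger(__name__)

TLS_HANDSHAKE = 0x16     # TLS record content type "handshake"
TLS_CLIENT_HELLO = 0x01  # handshake message type "ClientHello"


def looks_like_tls_client_hello(data: bytes) -> bool:
    """Return True if data starts like a TLS record carrying a ClientHello.

    Record header: type (1 byte, 0x16), version (2 bytes, 0x03 0x00..0x04),
    length (2 bytes), then the handshake type (1 byte, 0x01).
    """
    if len(data) < 3:
        return False
    if data[0] != TLS_HANDSHAKE or data[1] != 0x03 or data[2] > 0x04:
        return False
    # readline() can stop early at a 0x0a byte inside the record, so the
    # handshake type is only checked when that byte was actually read.
    return len(data) < 6 or data[5] == TLS_CLIENT_HELLO


class PlainHttpOnlyHandler(BaseHTTPRequestHandler):
    """Hypothetical handler: warn about TLS instead of logging raw bytes."""

    def parse_request(self):
        if looks_like_tls_client_hello(self.raw_requestline):
            logger.warning(
                "Received a TLS handshake on the plain-HTTP redirect "
                "listener; the browser opened https:// instead of http://"
            )
            self.close_connection = True
            # Returning False makes handle_one_request() stop without
            # sending the 400 response that echoes the binary request line.
            return False
        return super().parse_request()

    def do_GET(self):
        self.send_response(200)
        self.end_headers()
        self.wfile.write(b"ok")
```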