Get ConditionalAccessPolicies: Enum Deserialization Issue: 'Password,microsoftAuthenticatorPush' Not Recognized when Authentication Strengths are used

[gu1llaume-b]

Description

When attempting to deserialize the JSON response from the Microsoft Graph API, specifically for the AuthenticationMethodModes enum, the value 'Password,microsoftAuthenticatorPush' is not recognized, leading to a KeyError and subsequent Exception. This value appears to be a valid value returned by the API (in case Authentication Strengths are being used in Conditional Access policies) but is not accounted for in the enum class.

Error Message

Traceback (most recent call last):
File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\kiota_serialization_json\json_parse_node.py", line 199, in get_enum_value
return enum_class[camel_case_key]  # type: ignore
File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\enum.py", line 355, in getitem
return cls.member_map[name]
KeyError: 'Password,microsoftAuthenticatorPush'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
Traceback (most recent call last):
  File "C:\tmp\test\main.py", line 77, in <module>
    asyncio.run(main())
  File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\asyncio\runners.py", line 44, in run
    return loop.run_until_complete(main)
  File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\asyncio\base_events.py", line 642, in run_until_complete
    return future.result()
  File "C:\tmp\test\main.py", line 43, in main
    await make_graph_call(graph)
  File "C:\tmp\test\main.py", line 73, in make_graph_call
    await graph.make_graph_call()
  File "C:\tmp\test\graph.py", line 52, in make_graph_call
    CAPs = await self.user_client.policies.conditional_access_policies.get()
  File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\msgraph\generated\policies\conditional_access_policies\conditional_access_policies_request_builder.py", line 65, in get
    return await self.request_adapter.send_async(request_info, ConditionalAccessPolicyCollectionResponse, error_mapping)
  File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\kiota_http\httpx_request_adapter.py", line 181, in send_async
    value = root_node.get_object_value(parsable_factory)
  File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\kiota_serialization_json\json_parse_node.py", line 212, in get_object_value
    self._assign_field_values(result)
  File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\kiota_serialization_json\json_parse_node.py", line 281, in _assign_field_values
    field_deserializer(JsonParseNode(field_value))
  File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\msgraph\generated\models\conditional_access_policy_collection_response.py", line 40, in <lambda>
    "value": lambda n : setattr(self, 'value', n.get_collection_of_object_values(ConditionalAccessPolicy)),
  File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\kiota_serialization_json\json_parse_node.py", line 163, in get_collection_of_object_values
    return list(
  File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\kiota_serialization_json\json_parse_node.py", line 165, in <lambda>
    lambda x: self._create_new_node(x).get_object_value(factory),  # type: ignore
  File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\kiota_serialization_json\json_parse_node.py", line 212, in get_object_value
    self._assign_field_values(result)
  File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\kiota_serialization_json\json_parse_node.py", line 281, in _assign_field_values
    field_deserializer(JsonParseNode(field_value))
  File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\msgraph\generated\models\conditional_access_policy.py", line 72, in <lambda>
    "grantControls": lambda n : setattr(self, 'grant_controls', n.get_object_value(ConditionalAccessGrantControls)),
  File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\kiota_serialization_json\json_parse_node.py", line 212, in get_object_value
    self._assign_field_values(result)
  File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\kiota_serialization_json\json_parse_node.py", line 281, in _assign_field_values
    field_deserializer(JsonParseNode(field_value))
  File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\msgraph\generated\models\conditional_access_grant_controls.py", line 54, in <lambda>
    "authenticationStrength": lambda n : setattr(self, 'authentication_strength', n.get_object_value(AuthenticationStrengthPolicy)),
  File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\kiota_serialization_json\json_parse_node.py", line 212, in get_object_value
    self._assign_field_values(result)
  File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\kiota_serialization_json\json_parse_node.py", line 281, in _assign_field_values
    field_deserializer(JsonParseNode(field_value))
  File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\msgraph\generated\models\authentication_strength_policy.py", line 66, in <lambda>
    "allowedCombinations": lambda n : setattr(self, 'allowed_combinations', n.get_collection_of_enum_values(AuthenticationMethodModes)),
  File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\kiota_serialization_json\json_parse_node.py", line 177, in get_collection_of_enum_values
    return list(
  File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\kiota_serialization_json\json_parse_node.py", line 178, in <lambda>
    map(lambda x: self._create_new_node(x).get_enum_value(enum_class), self._json_node)
  File "C:\Users\user\AppData\Local\Programs\Python\Python39\lib\site-packages\kiota_serialization_json\json_parse_node.py", line 201, in get_enum_value
    raise Exception(f'Invalid key: {camel_case_key} for enum {enum_class}.')
Exception: Invalid key: Password,microsoftAuthenticatorPush for enum <enum 'AuthenticationMethodModes'>.

Steps to Reproduce

1. Make a request to the Microsoft Graph API to retrieve Conditional Access policies: await self.user_client.policies.conditional_access_policies.get()
2. Observe the deserialization process for the AuthenticationMethodModes enum.
3. Encounter a KeyError and Exception due to an unrecognized enum value, when authn strengths are being used in CAPs (here, Password and Microsoft Authenticator push notification)

Expected Behavior

The enum class AuthenticationMethodModes should include all valid values returned by the Microsoft Graph API, and the deserialization process should handle these values without errors.

Actual Behavior

The deserialization process raises a KeyError and Exception because the AuthenticationMethodModes enum does not include the value 'Password,microsoftAuthenticatorPush'.

Possible Solution

Update the AuthenticationMethodModes enum class to include the missing value 'Password,microsoftAuthenticatorPush', or provide guidance on how to handle this value if it is not intended to be part of the enum.

[nopian]

I'm running into the same issue. Is no one using this SDK to read conditional access policies that have authentication strengths set? The beta SDK has the same problem: microsoftgraph/msgraph-beta-sdk-python#162

[andrueastman]

This is sort of related to the comment at microsoft/kiota-dotnet#277

Alignment is needed for the seriliazation library to not throw an error in the event the API changes and returns a new member when the client has not updated to the latest version of the library.

[fey101]

When fixing this, confirm also microsoft/kiota-serialization-json-dotnet#222 is fixed since they seem related.