Don't return an empty user message string in OIDC flow (#10663)

Author: joelverhagen

src/NuGetGallery.Services/Authentication/Federated/FederatedCredentialPolicyEvaluator.cs

@@ -144,7 +144,8 @@ public async Task<OidcTokenEvaluationResult> GetMatchingPolicyAsync(
                 }
             }
 
-            return OidcTokenEvaluationResult.NoMatchingPolicy(disclosableErrors.ToString());
+            string? userError = disclosableErrors.Length > 0 ? disclosableErrors.ToString() : null;
+            return OidcTokenEvaluationResult.NoMatchingPolicy(userError);
         }
 
         private async Task ExecuteAdditionalValidatorsAsync(NameValueCollection requestHeaders, TokenContext context)

src/NuGetGallery.Services/Telemetry/QuietLog.cs

@@ -1,4 +1,4 @@
-// Copyright (c) .NET Foundation. All rights reserved.
+// Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
 using System;
@@ -47,7 +47,7 @@ private static void LogHandledExceptionCore(Exception e, string aggregateExcepti
             try
             {
                 // send exception to AppInsights
-                Telemetry.TrackException(e, new Dictionary<string, string>
+                Telemetry?.TrackException(e, new Dictionary<string, string>
                 {
                     { "aggregateExceptionId", aggregateExceptionId }
                 });
@@ -97,4 +97,4 @@ internal static Dictionary<string, string> GetObfuscatedServerVariables(HttpCont
             return obfuscatedServerVariables;
         }
     }
-}
+}

tests/NuGetGallery.Facts/Authentication/Federated/FederatedCredentialPolicyEvaluatorFacts.cs

@@ -228,6 +228,7 @@ public async Task ReturnsNoMatchingPolicyWhenNoneAreProvided()
 
                 // Assert
                 Assert.Equal(OidcTokenEvaluationResultType.NoMatchingPolicy, evaluation.Type);
+                Assert.Null(evaluation.UserError);
 
                 AssertNoPoliciesCredentialAudit();
             }