Add manual tracing to Identity

[xirzec]

This PR:

• Adds tracing to the Identity client with manual Span propagation
• Creates a new TestTracer for use in unit tests
• Adds some unit tests to Identity that use TestTracer
• Removes an unnecessary interface from core-tracing
• Adds SpanOptions to RequestPrepareOptions in core-http

This PR cleans up a previous effort by Sarangan (pull #5019).

Love to get feedback on the feel of the tests, if there is anything folks would like to see done differently.

[chradek]

Overall looks good! "Hide whitespace changes" helped ;)

[chradek]

Nit: missing semi-colon.

[xirzec]

Good eyes! Definitely need to get lint working...

[chradek]

Would it be safer to check the err.name for AuthenticationError?

[xirzec]

So it's true that errors from another context (e.g. iframe) will fail instanceof checks, but the downside of using name is that if you want inheritance in your Error objects then you can't handle classes of errors together.

E.g. you can imagine doing something like

class ValidationError extends Error {}

class RangeError extends ValidationError {}

try { 
// something
} catch (e) {
  if (e instanceof ValidationError) {
    // this works for RangeError!
  }
}

I'm flexible on if we want to move to a name-based pattern (or some other approach), but since Identity was already relying on instanceof AuthenticationError in other code, I think keeping it consistent is fine for now.

/cc @bterlson if he has any design guidance for us.

[xirzec]

I talked to Brian. This usage of instanceof probably is safe, but he was generally in favor of moving to checking name since we don't have plans for hierarchical errors anytime soon. I'll look at switching this over.

[chradek]

Gotcha. I think we had had some issue when using custom errors in core-amqp that made us switch to doing the name check but I’ll have to double-check to confirm. Didn’t realize it was already being done in the rest of the SDK and generally agree to favor consistency.

[xirzec]

Moved this over to using name checks, please take another look

[chradek]

Should the status of the span be a failure in this case? Unauthenticated?

[xirzec]

I think UNAVAILABLE makes more sense here, since we're checking the availability of the endpoint. Good spotting that catch wasn't rethrowing here.

[daviwil]

Looks great for the most part! The testing approach looks solid. A few other comments below

[daviwil]

The purpose of this loop is to try each credential in the chain until one is able to authenticate successfully. If there are 3 credentials in the chain and the first two throw an exception but the last succeeds, shouldn't the span be considered successful? Maybe we should only trace in line 44/53 below where the AggregateAuthenticationError gets thrown and use the message from that exception instead.

[chradek]

The span is specific to the work it wraps. I think we do actually want to see that some spans failed, as it's the trace that will ultimately succeed (if there's a top-level span that wraps the chain, that could indicate success or failure as well).

For example, it can be useful for the customer to see that the 1st credential always fails, or only the 1st and 3rd pass. Then they could create their own chain if they wanted. Or maybe they think they are using one credential but it turns out that one is failing and they always fall back to another.

[chradek]

Oh I see, the span is started outside the loop, not inside. (Missed that context when just reading the comment).

[daviwil]

When should we use UNKNOWN versus UNAUTHENTICATED? Seems like a distinction might need to be made on the error type as done elsewhere in this PR.

[xirzec]

UNKNOWN is the generic failure; I agree with adding the error type checking here.

[daviwil]

Maybe UNAUTHENTICATED?

[daviwil]

Maybe UNAUTHENTICATED?

[daviwil]

Maybe UNAUTHENTICATED?

[daviwil]

Looks good, thanks a lot!