improve client exceptions around auth failures due to traffic routing failures
I just spent a couple days trying to figure out why we couldn't use a service principal to auth against KeyVault from our on prem servers.
It turned out we had failed to setup SNAT rules for a bank of machines, but none of the exceptions emitted by the client libraries were at all helpful in figuring this out.
I've attached sample exceptions we got from the 2 different versions of the nuget packages we tried, but it was basically these 2 messages:
Exception Message: Access token could not be acquired. Object reference not set to an instance of an object.
Exception Message: Access token could not be acquired. authority_validation_failed: Unknown error
Neither of which were clearly indicating that we were unable to establish a network connection up to the required endpoints.