Skip to content

Commit

Permalink
Fixes login validation for system-assigned managed identity. Closes #…
Browse files Browse the repository at this point in the history
  • Loading branch information
milanholemans committed Dec 21, 2024
1 parent 1819fcc commit c856e6e
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 6 deletions.
9 changes: 9 additions & 0 deletions src/m365/commands/login.spec.ts
Original file line number Diff line number Diff line change
Expand Up @@ -326,6 +326,15 @@ describe(commands.LOGIN, () => {
assert.strictEqual(auth.connection.userName, undefined, 'Incorrect userName set');
});

it('logs in to Microsoft 365 using system-assigned managed identity when authType identity set', async () => {
await command.action(logger, {
options: commandOptionsSchema.parse({
authType: 'identity'
})
});
assert.strictEqual(auth.connection.authType, AuthType.Identity, 'Incorrect authType set');
});

it('logs in to Microsoft 365 using client secret authType "secret" set', async () => {
await command.action(logger, {
options: commandOptionsSchema.parse({
Expand Down
12 changes: 6 additions & 6 deletions src/m365/commands/login.ts
Original file line number Diff line number Diff line change
Expand Up @@ -50,16 +50,16 @@ class LoginCommand extends Command {

public getRefinedSchema(schema: typeof options): z.ZodEffects<any> | undefined {
return schema
.refine(options => typeof options.appId !== 'undefined' || cli.getClientId(), {
message: `appId is required. TIP: use the "m365 setup" command to configure the default appId`,
.refine(options => typeof options.appId !== 'undefined' || cli.getClientId() || options.authType === 'identity', {
message: `appId is required. TIP: use the "m365 setup" command to configure the default appId.`,
path: ['appId']
})
.refine(options => options.authType !== 'password' || options.userName, {
message: 'Username is required when using password authentication',
message: 'Username is required when using password authentication.',
path: ['userName']
})
.refine(options => options.authType !== 'password' || options.password, {
message: 'Password is required when using password authentication',
message: 'Password is required when using password authentication.',
path: ['password']
})
.refine(options => options.authType !== 'certificate' || !(options.certificateFile && options.certificateBase64Encoded), {
Expand All @@ -71,13 +71,13 @@ class LoginCommand extends Command {
options.certificateBase64Encoded ||
cli.getConfig().get(settingsNames.clientCertificateFile) ||
cli.getConfig().get(settingsNames.clientCertificateBase64Encoded), {
message: 'Specify either certificateFile or certificateBase64Encoded',
message: 'Specify either certificateFile or certificateBase64Encoded.',
path: ['certificateFile']
})
.refine(options => options.authType !== 'secret' ||
options.secret ||
cli.getConfig().get(settingsNames.clientSecret), {
message: 'Secret is required when using secret authentication',
message: 'Secret is required when using secret authentication.',
path: ['secret']
});
}
Expand Down

0 comments on commit c856e6e

Please sign in to comment.