From 9d058ecc05a1286f2a1eae31463eb721f32a389d Mon Sep 17 00:00:00 2001 From: Milan Holemans <11723921+milanholemans@users.noreply.github.com> Date: Sat, 21 Dec 2024 17:24:56 +0100 Subject: [PATCH] Fixes login validation for system-assigned managed identity. Closes #6527 --- src/m365/commands/login.spec.ts | 9 +++++++++ src/m365/commands/login.ts | 12 ++++++------ 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/src/m365/commands/login.spec.ts b/src/m365/commands/login.spec.ts index 55a07940e26..3fdfb363119 100644 --- a/src/m365/commands/login.spec.ts +++ b/src/m365/commands/login.spec.ts @@ -326,6 +326,15 @@ describe(commands.LOGIN, () => { assert.strictEqual(auth.connection.userName, undefined, 'Incorrect userName set'); }); + it('logs in to Microsoft 365 using system-assigned managed identity when authType identity set', async () => { + await command.action(logger, { + options: commandOptionsSchema.parse({ + authType: 'identity' + }) + }); + assert.strictEqual(auth.connection.authType, AuthType.Identity, 'Incorrect authType set'); + }); + it('logs in to Microsoft 365 using client secret authType "secret" set', async () => { await command.action(logger, { options: commandOptionsSchema.parse({ diff --git a/src/m365/commands/login.ts b/src/m365/commands/login.ts index ad60b239b8e..ec2e111da21 100644 --- a/src/m365/commands/login.ts +++ b/src/m365/commands/login.ts @@ -50,16 +50,16 @@ class LoginCommand extends Command { public getRefinedSchema(schema: typeof options): z.ZodEffects | undefined { return schema - .refine(options => typeof options.appId !== 'undefined' || cli.getClientId(), { - message: `appId is required. TIP: use the "m365 setup" command to configure the default appId`, + .refine(options => typeof options.appId !== 'undefined' || cli.getClientId() || options.authType === 'identity', { + message: `appId is required. TIP: use the "m365 setup" command to configure the default appId.`, path: ['appId'] }) .refine(options => options.authType !== 'password' || options.userName, { - message: 'Username is required when using password authentication', + message: 'Username is required when using password authentication.', path: ['userName'] }) .refine(options => options.authType !== 'password' || options.password, { - message: 'Password is required when using password authentication', + message: 'Password is required when using password authentication.', path: ['password'] }) .refine(options => options.authType !== 'certificate' || !(options.certificateFile && options.certificateBase64Encoded), { @@ -71,13 +71,13 @@ class LoginCommand extends Command { options.certificateBase64Encoded || cli.getConfig().get(settingsNames.clientCertificateFile) || cli.getConfig().get(settingsNames.clientCertificateBase64Encoded), { - message: 'Specify either certificateFile or certificateBase64Encoded', + message: 'Specify either certificateFile or certificateBase64Encoded.', path: ['certificateFile'] }) .refine(options => options.authType !== 'secret' || options.secret || cli.getConfig().get(settingsNames.clientSecret), { - message: 'Secret is required when using secret authentication', + message: 'Secret is required when using secret authentication.', path: ['secret'] }); }