I noticed that we currently have 2 util functions that let us determine whether an access token has app only permissions or not.
1st util function:
|
public static isAppOnlyAuth(accessToken: string): boolean | undefined { |
|
let isAppOnlyAuth: boolean | undefined; |
|
|
|
if (!accessToken || accessToken.length === 0) { |
|
return isAppOnlyAuth; |
|
} |
|
|
|
const chunks = accessToken.split('.'); |
|
if (chunks.length !== 3) { |
|
return isAppOnlyAuth; |
|
} |
|
|
|
const tokenString: string = Buffer.from(chunks[1], 'base64').toString(); |
|
try { |
|
const token: any = JSON.parse(tokenString); |
|
isAppOnlyAuth = !token.upn; |
|
} |
|
catch { |
|
} |
|
|
|
return isAppOnlyAuth; |
|
} |
|
} |
2nd util function:
|
isAppOnlyAccessToken(accessToken: string): boolean { |
|
let isAppOnlyAccessToken: boolean = false; |
|
|
|
if (!accessToken || accessToken.length === 0) { |
|
return isAppOnlyAccessToken; |
|
} |
|
|
|
const chunks = accessToken.split('.'); |
|
if (chunks.length !== 3) { |
|
return isAppOnlyAccessToken; |
|
} |
|
|
|
const tokenString: string = Buffer.from(chunks[1], 'base64').toString(); |
|
try { |
|
const token: any = JSON.parse(tokenString); |
|
isAppOnlyAccessToken = token.idtyp === 'app'; |
|
} |
|
catch { |
|
} |
|
|
|
return isAppOnlyAccessToken; |
|
}, |
I suggest that we remove option 1 and update option 2 to return boolean | undefined.
I noticed that we currently have 2 util functions that let us determine whether an access token has app only permissions or not.
1st util function:
cli-microsoft365/src/Auth.ts
Lines 682 to 704 in fa2dfa8
2nd util function:
cli-microsoft365/src/utils/accessToken.ts
Lines 2 to 23 in fa2dfa8
I suggest that we remove option 1 and update option 2 to return boolean | undefined.