@pnp/cli-microsoft365 4.3.0-beta.fd397f5 → 4.3.0

package/.devcontainer/devcontainer.json

@@ -2,7 +2,15 @@
   "name": "CLI for Microsoft 365",
   "dockerFile": "Dockerfile",
   "settings": {
-    "terminal.integrated.shell.linux": "/bin/zsh"
+    "terminal.integrated.profiles.linux": {
+        "zsh": {
+          "path": "/bin/zsh",
+          "args": [
+            "-l"
+          ]
+        }
+      },
+      "terminal.integrated.defaultProfile.linux": "zsh"
   },
   "postCreateCommand": "npm i && npm run clean && npm run build && npm link",
   "extensions": [

package/README.md

@@ -179,7 +179,7 @@ m365 spo site get --url https://contoso.sharepoint.com --output text
 
 ## Build
 
-To build and run this CLI locally, you will need [`node`](https://nodejs.org) `>= 14.0.0` installed.
+To build and run this CLI locally, you will need [`node`](https://nodejs.org) `>= 16.0.0` installed.
 
 ```sh
 # Clone this repository

package/dist/Utils.js

@@ -40,6 +40,9 @@ class Utils {
             }
         });
     }
+    static isValidGuidArray(guids) {
+        return guids.every(guid => this.isValidGuid(guid));
+    }
     static isValidGuid(guid) {
         const guidRegEx = new RegExp(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i);
         return guidRegEx.test(guid);

package/dist/appInsights.js

@@ -20,7 +20,8 @@ const env = process.env.CLIMICROSOFT365_ENV !== undefined ? process.env.CLIMICRO
 appInsights.defaultClient.commonProperties = {
     version: version,
     node: process.version,
-    env: env
+    env: env,
+    ci: Boolean(process.env.CI).toString()
 };
 appInsights.defaultClient.context.tags['ai.session.id'] = crypto.randomBytes(24).toString('base64');
 appInsights.defaultClient.context.tags['ai.cloud.roleInstance'] = crypto.createHash('sha256').update(appInsights.defaultClient.context.tags['ai.cloud.roleInstance']).digest('hex');

package/dist/cli/Cli.js

@@ -17,6 +17,7 @@ const path = require("path");
 const appInsights_1 = require("../appInsights");
 const Command_1 = require("../Command");
 const config_1 = require("../config");
+const request_1 = require("../request");
 const settingsNames_1 = require("../settingsNames");
 const Utils_1 = require("../Utils");
 const packageJSON = require('../../package.json');
@@ -204,16 +205,20 @@ class Cli {
                 }
             };
             if (args.options.debug) {
-                Cli.log(`Executing command ${command.name} with options ${JSON.stringify(args)}`);
+                logErr.push(`Executing command ${command.name} with options ${JSON.stringify(args)}`);
             }
             // store the current command name, if any and set the name to the name of
             // the command to execute
             const cli = Cli.getInstance();
             const parentCommandName = cli.currentCommandName;
             cli.currentCommandName = command.getCommandName();
+            // store the current logger if any
+            const currentLogger = request_1.default.logger;
             command.action(logger, args, (err) => {
                 // restore the original command name
                 cli.currentCommandName = parentCommandName;
+                // restore the original logger
+                request_1.default.logger = currentLogger;
                 if (err) {
                     return reject({
                         error: err,
@@ -416,11 +421,11 @@ class Cli {
         if (arrayType !== 'object') {
             return logStatement.join(os.EOL);
         }
-        // if output type has been set to 'text', process the retrieved
+        // if output type has been set to 'text' or 'csv', process the retrieved
         // data so that returned objects contain only default properties specified
         // on the current command. If there is no current command or the
         // command doesn't specify default properties, return original data
-        if (options.output === 'text') {
+        if (options.output === 'text' || options.output === 'csv') {
             const cli = Cli.getInstance();
             const currentCommand = cli.commandToExecute;
             if (arrayType === 'object' &&
@@ -440,6 +445,20 @@ class Cli {
                 }
             }
         }
+        if (options.output === 'csv') {
+            const { stringify } = require('csv-stringify/sync');
+            /*
+              https://csv.js.org/stringify/options/
+              header: Display the column names on the first line if the columns option is provided or discovered.
+              escape: Single character used for escaping; only apply to characters matching the quote and the escape options default to ".
+              quote: The quote characters surrounding a field, defaults to the " (double quotation marks), an empty quote value will preserve the original field, whether it contains quotation marks or not.
+              quoted: Boolean, default to false, quote all the non-empty fields even if not required.
+              quotedEmpty: Quote empty strings and overrides quoted_string on empty strings when defined; default is false.
+            */
+            return stringify(logStatement, {
+                header: true
+            });
+        }
         // display object as a list of key-value pairs
         if (logStatement.length === 1) {
             const obj = logStatement[0];

package/dist/m365/aad/commands/o365group/{Group.js → GroupExtended.js}

@@ -1,3 +1,3 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-//# sourceMappingURL=Group.js.map
+//# sourceMappingURL=GroupExtended.js.map

package/dist/m365/aad/commands/o365group/o365group-user-set.js

@@ -37,14 +37,14 @@ class AadO365GroupUserSetCommand extends GraphItemsListCommand_1.GraphItemsListC
                 logger.logToStderr(this.items);
                 logger.logToStderr('');
             }
-            if (this.items.filter(i => i.userPrincipalName.toLocaleLowerCase() === args.options.userName.toLocaleLowerCase()).length <= 0) {
+            if (this.items.filter(i => args.options.userName.toUpperCase() === i.userPrincipalName.toUpperCase()).length <= 0) {
                 const userNotInGroup = (typeof args.options.groupId !== 'undefined') ?
                     'The specified user does not belong to the given Microsoft 365 Group. Please use the \'o365group user add\' command to add new users.' :
                     'The specified user does not belong to the given Microsoft Teams team. Please use the \'graph teams user add\' command to add new users.';
                 throw new Error(userNotInGroup);
             }
             if (args.options.role === "Owner") {
-                const foundMember = this.items.find(e => e.userPrincipalName.toLocaleLowerCase() === args.options.userName.toLocaleLowerCase() && e.userType === 'Member');
+                const foundMember = this.items.find(e => args.options.userName.toUpperCase() === e.userPrincipalName.toUpperCase() && e.userType === 'Member');
                 if (foundMember !== undefined) {
                     const endpoint = `${this.resource}/v1.0/groups/${groupId}/owners/$ref`;
                     const requestOptions = {
@@ -65,7 +65,7 @@ class AadO365GroupUserSetCommand extends GraphItemsListCommand_1.GraphItemsListC
                 }
             }
             else {
-                const foundOwner = this.items.find(e => e.userPrincipalName.toLocaleLowerCase() === args.options.userName.toLocaleLowerCase() && e.userType === 'Owner');
+                const foundOwner = this.items.find(e => args.options.userName.toUpperCase() === e.userPrincipalName.toUpperCase() && e.userType === 'Owner');
                 if (foundOwner !== undefined) {
                     const endpoint = `${this.resource}/v1.0/groups/${groupId}/owners/${foundOwner.id}/$ref`;
                     const requestOptions = {

package/dist/m365/aad/commands/user/user-get.js

@@ -20,10 +20,20 @@ class AadUserGetCommand extends GraphCommand_1.default {
     }
     commandAction(logger, args, cb) {
         const properties = args.options.properties ?
-            `?$select=${args.options.properties.split(',').map(p => encodeURIComponent(p.trim())).join(',')}` :
+            `&$select=${args.options.properties.split(',').map(p => encodeURIComponent(p.trim())).join(',')}` :
             '';
+        let requestUrl = `${this.resource}/v1.0/users`;
+        if (args.options.id) {
+            requestUrl += `?$filter=id eq '${encodeURIComponent(args.options.id)}'${properties}`;
+        }
+        else if (args.options.userName) {
+            requestUrl += `?$filter=userPrincipalName eq '${encodeURIComponent(args.options.userName)}'${properties}`;
+        }
+        else if (args.options.email) {
+            requestUrl += `?$filter=mail eq '${encodeURIComponent(args.options.email)}'${properties}`;
+        }
         const requestOptions = {
-            url: `${this.resource}/v1.0/users/${encodeURIComponent(args.options.id ? args.options.id : args.options.userName)}${properties}`,
+            url: requestUrl,
             headers: {
                 accept: 'application/json;odata.metadata=none'
             },
@@ -31,6 +41,18 @@ class AadUserGetCommand extends GraphCommand_1.default {
         };
         request_1.default
             .get(requestOptions)
+            .then((res) => {
+            if (res.value.length === 1) {
+                return Promise.resolve(res.value[0]);
+            }
+            const identifier = args.options.id ? `id ${args.options.id}`
+                : args.options.userName ? `user name ${args.options.userName}`
+                    : `email ${args.options.email}`;
+            if (res.value.length === 0) {
+                return Promise.reject(`The specified user with ${identifier} does not exist`);
+            }
+            return Promise.reject(`Multiple users with ${identifier} found. Please disambiguate (user names): ${res.value.map(a => a.userPrincipalName).join(', ')} or (ids): ${res.value.map(a => a.id).join(', ')}`);
+        })
             .then((res) => {
             logger.log(res);
             cb();
@@ -44,6 +66,9 @@ class AadUserGetCommand extends GraphCommand_1.default {
             {
                 option: '-n, --userName [userName]'
             },
+            {
+                option: '--email [email]'
+            },
             {
                 option: '-p, --properties [properties]'
             }
@@ -52,11 +77,13 @@ class AadUserGetCommand extends GraphCommand_1.default {
         return options.concat(parentOptions);
     }
     validate(args) {
-        if (!args.options.id && !args.options.userName) {
-            return 'Specify either id or userName';
+        if (!args.options.id && !args.options.userName && !args.options.email) {
+            return 'Specify id, userName or email, one is required';
         }
-        if (args.options.id && args.options.userName) {
-            return 'Specify either id or userName but not both';
+        if ((args.options.id && args.options.email) ||
+            (args.options.id && args.options.userName) ||
+            (args.options.userName && args.options.email)) {
+            return 'Use either id, userName or email, but not all';
         }
         if (args.options.id &&
             !Utils_1.default.isValidGuid(args.options.id)) {

package/dist/m365/aad/commands/user/user-password-validate.js

@@ -0,0 +1,42 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const request_1 = require("../../../../request");
+const GraphCommand_1 = require("../../../base/GraphCommand");
+const commands_1 = require("../../commands");
+class AadUserPasswordValidateCommand extends GraphCommand_1.default {
+    get name() {
+        return commands_1.default.USER_PASSWORD_VALIDATE;
+    }
+    get description() {
+        return "Check a user's password against the organization's password validation policy";
+    }
+    commandAction(logger, args, cb) {
+        const requestOptions = {
+            url: `${this.resource}/beta/users/validatePassword`,
+            headers: {
+                accept: 'application/json;odata.metadata=none'
+            },
+            data: {
+                password: args.options.password
+            },
+            responseType: 'json'
+        };
+        request_1.default
+            .post(requestOptions)
+            .then((res) => {
+            logger.log(res);
+            cb();
+        }, (err) => this.handleRejectedODataJsonPromise(err, logger, cb));
+    }
+    options() {
+        const options = [
+            {
+                option: '-p, --password <password>'
+            }
+        ];
+        const parentOptions = super.options();
+        return options.concat(parentOptions);
+    }
+}
+module.exports = new AadUserPasswordValidateCommand();
+//# sourceMappingURL=user-password-validate.js.map

package/dist/m365/aad/commands.js

@@ -51,6 +51,7 @@ exports.default = {
     SP_GET: `${prefix} sp get`,
     USER_GET: `${prefix} user get`,
     USER_LIST: `${prefix} user list`,
+    USER_PASSWORD_VALIDATE: `${prefix} user password validate`,
     USER_SET: `${prefix} user set`
 };
 //# sourceMappingURL=commands.js.map

package/dist/m365/app/commands/permission/permission-list.js

@@ -0,0 +1,266 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const cli_1 = require("../../../../cli");
+const request_1 = require("../../../../request");
+const appGetCommand = require("../../../aad/commands/app/app-get");
+const AppCommand_1 = require("../../../base/AppCommand");
+const commands_1 = require("../../commands");
+var GetServicePrincipal;
+(function (GetServicePrincipal) {
+    GetServicePrincipal[GetServicePrincipal["withPermissions"] = 0] = "withPermissions";
+    GetServicePrincipal[GetServicePrincipal["withPermissionDefinitions"] = 1] = "withPermissionDefinitions";
+})(GetServicePrincipal || (GetServicePrincipal = {}));
+class AppPermissionListCommand extends AppCommand_1.default {
+    get name() {
+        return commands_1.default.PERMISSION_LIST;
+    }
+    get description() {
+        return 'Lists API permissions for the current AAD app';
+    }
+    commandAction(logger, args, cb) {
+        this
+            .getServicePrincipal({ appId: this.appId }, logger, GetServicePrincipal.withPermissions)
+            .then(servicePrincipal => {
+            if (servicePrincipal) {
+                // service principal found, get permissions from the service principal
+                return this.getServicePrincipalPermissions(servicePrincipal, logger);
+            }
+            else {
+                // service principal not found, get permissions from app registration
+                return this.getAppRegPermissions(this.appId, logger);
+            }
+        })
+            .then(permissions => {
+            logger.log(permissions);
+            cb();
+        }, err => this.handleRejectedODataJsonPromise(err, logger, cb));
+    }
+    getServicePrincipal(servicePrincipalInfo, logger, mode) {
+        var _a;
+        return __awaiter(this, void 0, void 0, function* () {
+            if (this.verbose) {
+                logger.logToStderr(`Retrieving service principal ${(_a = servicePrincipalInfo.appId) !== null && _a !== void 0 ? _a : servicePrincipalInfo.id}`);
+            }
+            const lookupUrl = servicePrincipalInfo.appId ? `?$filter=appId eq '${servicePrincipalInfo.appId}'&` : `/${servicePrincipalInfo.id}?`;
+            const requestOptions = {
+                url: `${this.resource}/v1.0/servicePrincipals${lookupUrl}$select=appId,id,displayName`,
+                headers: {
+                    accept: 'application/json;odata.metadata=none'
+                },
+                responseType: 'json'
+            };
+            const response = yield request_1.default.get(requestOptions);
+            if ((servicePrincipalInfo.id && !response) ||
+                (servicePrincipalInfo.appId && response.value.length === 0)) {
+                return undefined;
+            }
+            const servicePrincipal = servicePrincipalInfo.appId ?
+                response.value[0] :
+                response;
+            if (this.verbose) {
+                logger.logToStderr(`Retrieving permissions for service principal ${servicePrincipal.id}...`);
+            }
+            const permissionsPromises = [];
+            switch (mode) {
+                case GetServicePrincipal.withPermissions:
+                    const appRoleAssignmentsRequestOptions = {
+                        url: `${this.resource}/v1.0/servicePrincipals/${servicePrincipal.id}/appRoleAssignments`,
+                        headers: {
+                            accept: 'application/json;odata.metadata=none'
+                        },
+                        responseType: 'json'
+                    };
+                    const oauth2PermissionGrantsRequestOptions = {
+                        url: `${this.resource}/v1.0/servicePrincipals/${servicePrincipal.id}/oauth2PermissionGrants`,
+                        headers: {
+                            accept: 'application/json;odata.metadata=none'
+                        },
+                        responseType: 'json'
+                    };
+                    permissionsPromises.push(...[
+                        request_1.default.get(appRoleAssignmentsRequestOptions),
+                        request_1.default.get(oauth2PermissionGrantsRequestOptions)
+                    ]);
+                    break;
+                case GetServicePrincipal.withPermissionDefinitions:
+                    const oauth2PermissionScopesRequestOptions = {
+                        url: `${this.resource}/v1.0/servicePrincipals/${servicePrincipal.id}/oauth2PermissionScopes`,
+                        headers: {
+                            accept: 'application/json;odata.metadata=none'
+                        },
+                        responseType: 'json'
+                    };
+                    const appRolesRequestOptions = {
+                        url: `${this.resource}/v1.0/servicePrincipals/${servicePrincipal.id}/appRoles`,
+                        headers: {
+                            accept: 'application/json;odata.metadata=none'
+                        },
+                        responseType: 'json'
+                    };
+                    permissionsPromises.push(...[
+                        request_1.default.get(oauth2PermissionScopesRequestOptions),
+                        request_1.default.get(appRolesRequestOptions)
+                    ]);
+                    break;
+            }
+            const permissions = yield Promise.all(permissionsPromises);
+            switch (mode) {
+                case GetServicePrincipal.withPermissions:
+                    servicePrincipal.appRoleAssignments = permissions[0].value;
+                    servicePrincipal.oauth2PermissionGrants = permissions[1].value;
+                    break;
+                case GetServicePrincipal.withPermissionDefinitions:
+                    servicePrincipal.oauth2PermissionScopes = permissions[0].value;
+                    servicePrincipal.appRoles = permissions[1].value;
+                    break;
+            }
+            return servicePrincipal;
+        });
+    }
+    getServicePrincipalPermissions(servicePrincipal, logger) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (this.verbose) {
+                logger.logToStderr(`Resolving permissions for the service principal...`);
+            }
+            const apiPermissions = [];
+            // hash table for resolving resource IDs to names
+            const resourceLookup = {};
+            // list of service principals for which to load permissions
+            const servicePrincipalsToResolve = [];
+            const appRoleAssignments = servicePrincipal.appRoleAssignments;
+            apiPermissions.push(...appRoleAssignments.map(appRoleAssignment => {
+                // store resource name for resolving OAuth2 grants
+                resourceLookup[appRoleAssignment.resourceId] = appRoleAssignment.resourceDisplayName;
+                // add to the list of service principals to load to get the app role
+                // display name
+                if (!servicePrincipalsToResolve.find(r => r.id === appRoleAssignment.resourceId)) {
+                    servicePrincipalsToResolve.push({ id: appRoleAssignment.resourceId });
+                }
+                return {
+                    resource: appRoleAssignment.resourceDisplayName,
+                    // we store the app role ID temporarily and will later resolve to display name
+                    permission: appRoleAssignment.appRoleId,
+                    type: 'Application'
+                };
+            }));
+            const oauth2Grants = servicePrincipal.oauth2PermissionGrants;
+            oauth2Grants.forEach(oauth2Grant => {
+                var _a;
+                // see if we can resolve the resource name from the resources
+                // retrieved from app role assignments
+                const resource = (_a = resourceLookup[oauth2Grant.resourceId]) !== null && _a !== void 0 ? _a : oauth2Grant.resourceId;
+                if (resource === oauth2Grant.resourceId &&
+                    !servicePrincipalsToResolve.find(r => r.id === oauth2Grant.resourceId)) {
+                    // resource name not found in the resources
+                    // add it to the list of resources to resolve
+                    servicePrincipalsToResolve.push({ id: oauth2Grant.resourceId });
+                }
+                const scopes = oauth2Grant.scope.split(' ');
+                scopes.forEach(scope => {
+                    apiPermissions.push({
+                        resource,
+                        permission: scope,
+                        type: 'Delegated'
+                    });
+                });
+            });
+            if (servicePrincipalsToResolve.length > 0) {
+                const servicePrincipals = yield Promise
+                    .all(servicePrincipalsToResolve
+                    .map(servicePrincipalInfo => this.getServicePrincipal(servicePrincipalInfo, logger, GetServicePrincipal.withPermissionDefinitions)));
+                servicePrincipals.forEach(servicePrincipal => {
+                    apiPermissions.forEach(apiPermission => {
+                        var _a, _b;
+                        if (apiPermission.resource === servicePrincipal.id) {
+                            apiPermission.resource = servicePrincipal.displayName;
+                        }
+                        if (apiPermission.resource === servicePrincipal.displayName &&
+                            apiPermission.type === 'Application') {
+                            apiPermission.permission = (_b = (_a = servicePrincipal.appRoles
+                                .find(appRole => appRole.id === apiPermission.permission)) === null || _a === void 0 ? void 0 : _a.value) !== null && _b !== void 0 ? _b : apiPermission.permission;
+                        }
+                    });
+                });
+            }
+            return apiPermissions;
+        });
+    }
+    getAppRegistration(appId, logger) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (this.verbose) {
+                logger.logToStderr(`Retrieving Azure AD application registration ${appId}`);
+            }
+            const options = {
+                appId: appId,
+                output: 'json',
+                debug: this.debug,
+                verbose: this.verbose
+            };
+            const output = yield cli_1.Cli.executeCommandWithOutput(appGetCommand, { options: Object.assign(Object.assign({}, options), { _: [] }) });
+            if (this.debug) {
+                logger.logToStderr(output.stderr);
+            }
+            return JSON.parse(output.stdout);
+        });
+    }
+    getAppRegPermissions(appId, logger) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const application = yield this.getAppRegistration(appId, logger);
+            if (application.requiredResourceAccess.length === 0) {
+                return [];
+            }
+            const servicePrincipalsToResolve = application.requiredResourceAccess
+                .map(resourceAccess => {
+                return {
+                    appId: resourceAccess.resourceAppId
+                };
+            });
+            const servicePrincipals = yield Promise
+                .all(servicePrincipalsToResolve.map(servicePrincipalInfo => this.getServicePrincipal(servicePrincipalInfo, logger, GetServicePrincipal.withPermissionDefinitions)));
+            const apiPermissions = [];
+            application.requiredResourceAccess.forEach(requiredResourceAccess => {
+                var _a;
+                const servicePrincipal = servicePrincipals
+                    .find(servicePrincipal => (servicePrincipal === null || servicePrincipal === void 0 ? void 0 : servicePrincipal.appId) === requiredResourceAccess.resourceAppId);
+                const resourceName = (_a = servicePrincipal === null || servicePrincipal === void 0 ? void 0 : servicePrincipal.displayName) !== null && _a !== void 0 ? _a : requiredResourceAccess.resourceAppId;
+                requiredResourceAccess.resourceAccess.forEach(permission => {
+                    apiPermissions.push({
+                        resource: resourceName,
+                        permission: this.getPermissionName(permission.id, permission.type, servicePrincipal),
+                        type: permission.type === 'Role' ? 'Application' : 'Delegated'
+                    });
+                });
+            });
+            return apiPermissions;
+        });
+    }
+    getPermissionName(permissionId, permissionType, servicePrincipal) {
+        var _a, _b, _c, _d;
+        if (!servicePrincipal) {
+            return permissionId;
+        }
+        switch (permissionType) {
+            case 'Role':
+                return (_b = (_a = servicePrincipal.appRoles
+                    .find(appRole => appRole.id === permissionId)) === null || _a === void 0 ? void 0 : _a.value) !== null && _b !== void 0 ? _b : permissionId;
+            case 'Scope':
+                return (_d = (_c = servicePrincipal.oauth2PermissionScopes
+                    .find(permissionScope => permissionScope.id === permissionId)) === null || _c === void 0 ? void 0 : _c.value) !== null && _d !== void 0 ? _d : permissionId;
+        }
+        /* c8 ignore next 4 */
+        // permissionType is either 'Scope' or 'Role' but we need a safe default
+        // to avoid building errors. This code will never be reached.
+        return permissionId;
+    }
+}
+module.exports = new AppPermissionListCommand();
+//# sourceMappingURL=permission-list.js.map

package/dist/m365/app/commands.js

@@ -0,0 +1,7 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const prefix = 'app';
+exports.default = {
+    PERMISSION_LIST: `${prefix} permission list`
+};
+//# sourceMappingURL=commands.js.map

package/dist/m365/base/AppCommand.js

@@ -0,0 +1,76 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const fs = require("fs");
+const cli_1 = require("../../cli");
+const Command_1 = require("../../Command");
+const Utils_1 = require("../../Utils");
+class AppCommand extends Command_1.default {
+    get resource() {
+        return 'https://graph.microsoft.com';
+    }
+    action(logger, args, cb) {
+        const m365rcJsonPath = '.m365rc.json';
+        if (!fs.existsSync(m365rcJsonPath)) {
+            return cb(new Command_1.CommandError(`Could not find file: ${m365rcJsonPath}`));
+        }
+        try {
+            const m365rcJsonContents = fs.readFileSync(m365rcJsonPath, 'utf8');
+            if (!m365rcJsonContents) {
+                return cb(new Command_1.CommandError(`File ${m365rcJsonPath} is empty`));
+            }
+            this.m365rcJson = JSON.parse(m365rcJsonContents);
+        }
+        catch (e) {
+            return cb(new Command_1.CommandError(`Could not parse file: ${m365rcJsonPath}`));
+        }
+        if (!this.m365rcJson.apps ||
+            this.m365rcJson.apps.length === 0) {
+            return cb(new Command_1.CommandError(`No Azure AD apps found in ${m365rcJsonPath}`));
+        }
+        if (args.options.appId) {
+            if (!this.m365rcJson.apps.some(app => app.appId === args.options.appId)) {
+                return cb(new Command_1.CommandError(`App ${args.options.appId} not found in ${m365rcJsonPath}`));
+            }
+            this.appId = args.options.appId;
+            return super.action(logger, args, cb);
+        }
+        if (this.m365rcJson.apps.length === 1) {
+            this.appId = this.m365rcJson.apps[0].appId;
+            return super.action(logger, args, cb);
+        }
+        if (this.m365rcJson.apps.length > 1) {
+            cli_1.Cli.prompt({
+                message: `Multiple Azure AD apps found in ${m365rcJsonPath}. Which app would you like to use?`,
+                type: 'list',
+                choices: this.m365rcJson.apps.map((app, i) => {
+                    return {
+                        name: `${app.name} (${app.appId})`,
+                        value: i
+                    };
+                }),
+                default: 0,
+                name: 'appIdIndex'
+            }, (result) => {
+                this.appId = this.m365rcJson.apps[result.appIdIndex].appId;
+                super.action(logger, args, cb);
+            });
+        }
+    }
+    options() {
+        const options = [
+            {
+                option: '--appId [appId]'
+            }
+        ];
+        const parentOptions = super.options();
+        return options.concat(parentOptions);
+    }
+    validate(args) {
+        if (args.options.appId && !Utils_1.default.isValidGuid(args.options.appId)) {
+            return `${args.options.appId} is not a valid GUID`;
+        }
+        return true;
+    }
+}
+exports.default = AppCommand;
+//# sourceMappingURL=AppCommand.js.map