@pnp/cli-microsoft365 6.7.0-beta.54db310 → 6.7.0-beta.872b0f5

package/.devcontainer/Dockerfile

@@ -26,7 +26,7 @@ RUN apt-get update && apt-get install -y \
   vim \
   python3.8 \
   python3-pip \
-  && curl -sL https://deb.nodesource.com/setup_16.x | sudo -E bash - \
+  && curl -sL https://deb.nodesource.com/setup_18.x | sudo -E bash - \
   && apt-get install nodejs -y \
   && rm -rf /var/lib/apt/lists/*
 

package/README.md

@@ -184,7 +184,7 @@ m365 spo site get --url https://contoso.sharepoint.com --output text
 
 ## Build
 
-To build and run this CLI locally, you will need [`node`](https://nodejs.org) `>= 16.0.0` installed.
+To build and run this CLI locally, you will need [`node`](https://nodejs.org) `>= 18.0.0` installed.
 
 ```sh
 # Clone this repository

package/dist/Auth.js

@@ -9,7 +9,8 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.Auth = exports.CertificateType = exports.AuthType = exports.Service = void 0;
+exports.Auth = exports.CertificateType = exports.AuthType = exports.Service = exports.CloudType = void 0;
+const msal_common_1 = require("@azure/msal-common");
 const FileTokenStorage_1 = require("./auth/FileTokenStorage");
 const msalCachePlugin_1 = require("./auth/msalCachePlugin");
 const Cli_1 = require("./cli/Cli");
@@ -17,14 +18,24 @@ const Command_1 = require("./Command");
 const config_1 = require("./config");
 const request_1 = require("./request");
 const settingsNames_1 = require("./settingsNames");
+var CloudType;
+(function (CloudType) {
+    CloudType[CloudType["Public"] = 0] = "Public";
+    CloudType[CloudType["USGov"] = 1] = "USGov";
+    CloudType[CloudType["USGovHigh"] = 2] = "USGovHigh";
+    CloudType[CloudType["USGovDoD"] = 3] = "USGovDoD";
+    CloudType[CloudType["China"] = 4] = "China";
+})(CloudType = exports.CloudType || (exports.CloudType = {}));
 class Service {
     constructor() {
         this.connected = false;
         this.authType = AuthType.DeviceCode;
         this.certificateType = CertificateType.Unknown;
+        this.cloudType = CloudType.Public;
         this.accessTokens = {};
         this.appId = config_1.default.cliAadAppId;
         this.tenant = config_1.default.tenant;
+        this.cloudType = CloudType.Public;
     }
     logout() {
         this.connected = false;
@@ -62,11 +73,41 @@ class Auth {
         return this._service;
     }
     get defaultResource() {
-        return 'https://graph.microsoft.com';
+        return Auth.getEndpointForResource('https://graph.microsoft.com', this._service.cloudType);
     }
     constructor() {
         this._service = new Service();
     }
+    // we need to init cloud endpoints here, because we're using CloudType enum
+    // as indexers, which we can't do in the static initializer
+    // it also needs to be a separate method that we call here, because in tests
+    // we're mocking auth and calling its constructor
+    static initialize() {
+        this.cloudEndpoints[CloudType.USGov] = {
+            'https://graph.microsoft.com': 'https://graph.microsoft.com',
+            'https://graph.windows.net': 'https://graph.windows.net',
+            'https://management.azure.com/': 'https://management.usgovcloudapi.net/',
+            'https://login.microsoftonline.com': 'https://login.microsoftonline.com'
+        };
+        this.cloudEndpoints[CloudType.USGovHigh] = {
+            'https://graph.microsoft.com': 'https://graph.microsoft.us',
+            'https://graph.windows.net': 'https://graph.windows.net',
+            'https://management.azure.com/': 'https://management.usgovcloudapi.net/',
+            'https://login.microsoftonline.com': 'https://login.microsoftonline.us'
+        };
+        this.cloudEndpoints[CloudType.USGovDoD] = {
+            'https://graph.microsoft.com': 'https://dod-graph.microsoft.us',
+            'https://graph.windows.net': 'https://graph.windows.net',
+            'https://management.azure.com/': 'https://management.usgovcloudapi.net/',
+            'https://login.microsoftonline.com': 'https://login.microsoftonline.us'
+        };
+        this.cloudEndpoints[CloudType.China] = {
+            'https://graph.microsoft.com': 'https://microsoftgraph.chinacloudapi.cn',
+            'https://graph.windows.net': 'https://graph.chinacloudapi.cn',
+            'https://management.azure.com/': 'https://management.chinacloudapi.cn',
+            'https://login.microsoftonline.com': 'https://login.chinacloudapi.cn'
+        };
+    }
     restoreAuth() {
         return __awaiter(this, void 0, void 0, function* () {
             // check if auth has been restored previously
@@ -196,9 +237,27 @@ class Auth {
             thumbprint: certificateThumbprint,
             privateKey: certificatePrivateKey
         };
+        let azureCloudInstance = 0;
+        switch (this.service.cloudType) {
+            case CloudType.Public:
+                azureCloudInstance = msal_common_1.AzureCloudInstance.AzurePublic;
+                break;
+            case CloudType.China:
+                azureCloudInstance = msal_common_1.AzureCloudInstance.AzureChina;
+                break;
+            case CloudType.USGov:
+            case CloudType.USGovHigh:
+            case CloudType.USGovDoD:
+                azureCloudInstance = msal_common_1.AzureCloudInstance.AzureUsGovernment;
+                break;
+        }
         const config = {
             clientId: this.service.appId,
-            authority: `https://login.microsoftonline.com/${this.service.tenant}`
+            authority: `${Auth.getEndpointForResource('https://login.microsoftonline.com', this.service.cloudType)}/${this.service.tenant}`,
+            azureCloudOptions: {
+                azureCloudInstance,
+                tenant: this.service.tenant
+            }
         };
         const authConfig = cert
             ? Object.assign(Object.assign({}, config), { clientCertificate: cert }) : Object.assign(Object.assign({}, config), { clientSecret });
@@ -534,7 +593,8 @@ class Auth {
         if (pos > -1) {
             resource = resource.substr(0, pos);
         }
-        if (resource === 'https://api.bap.microsoft.com' || resource === 'https://api.powerapps.com') {
+        if (resource === 'https://api.bap.microsoft.com' ||
+            resource === 'https://api.powerapps.com') {
             resource = 'https://service.powerapps.com/';
         }
         if (resource === 'https://api.powerbi.com') {
@@ -571,7 +631,18 @@ class Auth {
     getMsalCacheStorage() {
         return new FileTokenStorage_1.FileTokenStorage(FileTokenStorage_1.FileTokenStorage.msalCacheFilePath());
     }
+    static getEndpointForResource(resource, cloudType) {
+        if (Auth.cloudEndpoints[cloudType] &&
+            Auth.cloudEndpoints[cloudType][resource]) {
+            return Auth.cloudEndpoints[cloudType][resource];
+        }
+        else {
+            return resource;
+        }
+    }
 }
 exports.Auth = Auth;
+Auth.cloudEndpoints = [];
+Auth.initialize();
 exports.default = new Auth();
 //# sourceMappingURL=Auth.js.map

package/dist/AuthServer.js

@@ -4,6 +4,7 @@ exports.AuthServer = void 0;
 const http = require("http");
 const open = require("open");
 const url = require("url");
+const Auth_1 = require("./Auth");
 class AuthServer {
     constructor() {
         this.open = open;
@@ -23,7 +24,7 @@ class AuthServer {
             const requestState = Math.random().toString(16).substr(2, 20);
             const address = this.httpServer.address();
             this.generatedServerUrl = `http://localhost:${address.port}`;
-            const url = `https://login.microsoftonline.com/${this.service.tenant}/oauth2/authorize?response_type=code&client_id=${this.service.appId}&redirect_uri=${this.generatedServerUrl}&state=${requestState}&resource=${this.resource}&prompt=select_account`;
+            const url = `${Auth_1.Auth.getEndpointForResource('https://login.microsoftonline.com', this.service.cloudType)}/${this.service.tenant}/oauth2/authorize?response_type=code&client_id=${this.service.appId}&redirect_uri=${this.generatedServerUrl}&state=${requestState}&resource=${this.resource}&prompt=select_account`;
             if (this.debug) {
                 this.logger.logToStderr('Redirect URL:');
                 this.logger.logToStderr(url);

package/dist/Command.js

@@ -127,21 +127,70 @@ class Command {
             if (!optionsSets || optionsSets.length === 0) {
                 return true;
             }
+            let inquirer;
+            const shouldPrompt = Cli_1.Cli.getInstance().getSettingWithDefaultValue(settingsNames_1.settingsNames.prompt, false);
             const argsOptions = Object.keys(args.options);
-            for (const optionSet of optionsSets) {
-                if (optionSet.runsWhen === undefined || optionSet.runsWhen(args)) {
-                    const commonOptions = argsOptions.filter(opt => optionSet.options.includes(opt));
-                    if (commonOptions.length === 0) {
-                        return `Specify one of the following options: ${optionSet.options.map(opt => opt).join(', ')}.`;
+            for (const optionSet of optionsSets.sort(opt => opt.runsWhen ? 0 : 1)) {
+                if (optionSet.runsWhen && !optionSet.runsWhen(args)) {
+                    continue;
+                }
+                const commonOptions = argsOptions.filter(opt => optionSet.options.includes(opt));
+                if (commonOptions.length === 0) {
+                    if (!shouldPrompt) {
+                        return `Specify one of the following options: ${optionSet.options.join(', ')}.`;
                     }
-                    if (commonOptions.length > 1) {
-                        return `Specify one of the following options: ${optionSet.options.map(opt => opt).join(', ')}, but not multiple.`;
+                    yield this.promptForOptionSetNameAndValue(args, optionSet, inquirer);
+                }
+                if (commonOptions.length > 1) {
+                    if (!shouldPrompt) {
+                        return `Specify one of the following options: ${optionSet.options.join(', ')}, but not multiple.`;
                     }
+                    yield this.promptForSpecificOption(args, commonOptions, inquirer);
                 }
             }
             return true;
         });
     }
+    promptForOptionSetNameAndValue(args, optionSet, inquirer) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!inquirer) {
+                inquirer = require('inquirer');
+            }
+            Cli_1.Cli.log(`Please specify one of the following options:`);
+            const resultOptionName = yield inquirer
+                .prompt({
+                type: 'list',
+                name: 'missingRequiredOptionName',
+                message: `Option to use:`,
+                choices: optionSet.options
+            });
+            const missingRequiredOptionName = resultOptionName.missingRequiredOptionName;
+            const resultOptionValue = yield inquirer
+                .prompt({
+                name: 'missingRequiredOptionValue',
+                message: `Value for '${missingRequiredOptionName}':`
+            });
+            args.options[missingRequiredOptionName] = resultOptionValue.missingRequiredOptionValue;
+            Cli_1.Cli.log();
+        });
+    }
+    promptForSpecificOption(args, commonOptions, inquirer) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!inquirer) {
+                inquirer = require('inquirer');
+            }
+            Cli_1.Cli.log(`Multiple options for an option set specified. Please specify the correct option that you wish to use.`);
+            const requiredOptionNameResult = yield inquirer
+                .prompt({
+                type: 'list',
+                name: 'missingRequiredOptionName',
+                message: `Option to use:`,
+                choices: commonOptions
+            });
+            commonOptions.filter(y => y !== requiredOptionNameResult.missingRequiredOptionName).map(optionName => args.options[optionName] = undefined);
+            Cli_1.Cli.log();
+        });
+    }
     validateOutput(args) {
         return __awaiter(this, void 0, void 0, function* () {
             if (args.options.output &&

package/dist/m365/aad/commands/user/user-set.js

@@ -44,9 +44,6 @@ class AadUserSetCommand extends GraphCommand_1.default {
     commandAction(logger, args) {
         return __awaiter(this, void 0, void 0, function* () {
             try {
-                if (this.verbose) {
-                    logger.logToStderr(`Updating user ${args.options.userPrincipalName || args.options.objectId}`);
-                }
                 if (args.options.currentPassword) {
                     if (args.options.objectId && args.options.objectId !== accessToken_1.accessToken.getUserIdFromAccessToken(Auth_1.default.service.accessTokens[Auth_1.default.defaultResource].accessToken)) {
                         throw `You can only change your own password. Please use --objectId @meId to reference to your own userId`;
@@ -55,11 +52,14 @@ class AadUserSetCommand extends GraphCommand_1.default {
                         throw 'You can only change your own password. Please use --userPrincipalName @meUserName to reference to your own user principal name';
                     }
                 }
+                if (this.verbose) {
+                    logger.logToStderr(`Updating user ${args.options.userPrincipalName || args.options.objectId}`);
+                }
                 const requestUrl = `${this.resource}/v1.0/users/${formatting_1.formatting.encodeQueryParameter(args.options.objectId ? args.options.objectId : args.options.userPrincipalName)}`;
                 const manifest = this.mapRequestBody(args.options);
-                if (Object.keys(manifest).length > 0) {
+                if (Object.keys(manifest).some(k => manifest[k] !== undefined)) {
                     if (this.verbose) {
-                        logger.logToStderr(`Setting the updated properties for the user ${args.options.userPrincipalName || args.options.objectId}`);
+                        logger.logToStderr(`Setting the updated properties for user ${args.options.userPrincipalName || args.options.objectId}`);
                     }
                     const requestOptions = {
                         url: requestUrl,
@@ -74,6 +74,19 @@ class AadUserSetCommand extends GraphCommand_1.default {
                 if (args.options.currentPassword) {
                     yield this.changePassword(requestUrl, args.options, logger);
                 }
+                if (args.options.managerUserId || args.options.managerUserName) {
+                    if (this.verbose) {
+                        logger.logToStderr(`Updating the manager to ${args.options.managerUserId || args.options.managerUserName}`);
+                    }
+                    yield this.updateManager(args.options);
+                }
+                else if (args.options.removeManager) {
+                    if (this.verbose) {
+                        logger.logToStderr('Removing the manager');
+                    }
+                    const user = args.options.objectId || args.options.userPrincipalName;
+                    yield this.removeManager(user);
+                }
             }
             catch (err) {
                 this.handleRejectedODataJsonPromise(err);
@@ -81,35 +94,32 @@ class AadUserSetCommand extends GraphCommand_1.default {
         });
     }
     mapRequestBody(options) {
-        const requestBody = {};
-        const excludeOptions = [
-            'debug',
-            'verbose',
-            'output',
-            'objectId',
-            'i',
-            'userPrincipalName',
-            'n',
-            'resetPassword',
-            'accountEnabled',
-            'currentPassword',
-            'newPassword',
-            'forceChangePasswordNextSignIn'
-        ];
-        if (options.accountEnabled !== undefined) {
-            requestBody['AccountEnabled'] = options.accountEnabled;
-        }
-        Object.keys(options).forEach(key => {
-            if (excludeOptions.indexOf(key) === -1) {
-                requestBody[key] = `${options[key]}`;
-            }
-        });
+        const requestBody = {
+            displayName: options.displayName,
+            givenName: options.firstName,
+            surname: options.lastName,
+            usageLocation: options.usageLocation,
+            officeLocation: options.officeLocation,
+            jobTitle: options.jobTitle,
+            companyName: options.companyName,
+            department: options.department,
+            preferredLanguage: options.preferredLanguage,
+            accountEnabled: options.accountEnabled
+        };
+        this.addUnknownOptionsToPayload(requestBody, options);
         if (options.resetPassword) {
             requestBody.passwordProfile = {
                 forceChangePasswordNextSignIn: options.forceChangePasswordNextSignIn || false,
+                forceChangePasswordNextSignInWithMfa: options.forceChangePasswordNextSignInWithMfa || false,
                 password: options.newPassword
             };
         }
+        // Replace every empty string with null
+        for (const key in requestBody) {
+            if (typeof requestBody[key] === 'string' && requestBody[key].trim() === '') {
+                requestBody[key] = null;
+            }
+        }
         return requestBody;
     }
     changePassword(requestUrl, options, logger) {
@@ -132,6 +142,31 @@ class AadUserSetCommand extends GraphCommand_1.default {
             yield request_1.default.post(requestOptions);
         });
     }
+    updateManager(options) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const managerRequestOptions = {
+                url: `${this.resource}/v1.0/users/${options.objectId || options.userPrincipalName}/manager/$ref`,
+                headers: {
+                    accept: 'application/json;odata.metadata=none'
+                },
+                data: {
+                    '@odata.id': `${this.resource}/v1.0/users/${options.managerUserId || options.managerUserName}`
+                }
+            };
+            yield request_1.default.put(managerRequestOptions);
+        });
+    }
+    removeManager(userId) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const managerRequestOptions = {
+                url: `${this.resource}/v1.0/users/${userId}/manager/$ref`,
+                headers: {
+                    accept: 'application/json;odata.metadata=none'
+                }
+            };
+            yield request_1.default.delete(managerRequestOptions);
+        });
+    }
 }
 _AadUserSetCommand_instances = new WeakSet(), _AadUserSetCommand_initTelemetry = function _AadUserSetCommand_initTelemetry() {
     this.telemetry.push((args) => {
@@ -142,7 +177,20 @@ _AadUserSetCommand_instances = new WeakSet(), _AadUserSetCommand_initTelemetry =
             resetPassword: !!args.options.resetPassword,
             forceChangePasswordNextSignIn: !!args.options.forceChangePasswordNextSignIn,
             currentPassword: typeof args.options.currentPassword !== 'undefined',
-            newPassword: typeof args.options.newPassword !== 'undefined'
+            newPassword: typeof args.options.newPassword !== 'undefined',
+            displayName: typeof args.options.displayName !== 'undefined',
+            firstName: typeof args.options.firstName !== 'undefined',
+            lastName: typeof args.options.lastName !== 'undefined',
+            forceChangePasswordNextSignInWithMfa: !!args.options.forceChangePasswordNextSignInWithMfa,
+            usageLocation: typeof args.options.usageLocation !== 'undefined',
+            officeLocation: typeof args.options.officeLocation !== 'undefined',
+            jobTitle: typeof args.options.jobTitle !== 'undefined',
+            companyName: typeof args.options.companyName !== 'undefined',
+            department: typeof args.options.department !== 'undefined',
+            preferredLanguage: typeof args.options.preferredLanguage !== 'undefined',
+            managerUserId: typeof args.options.managerUserId !== 'undefined',
+            managerUserName: typeof args.options.managerUserName !== 'undefined',
+            removeManager: typeof args.options.removeManager !== 'undefined'
         });
     });
 }, _AadUserSetCommand_initOptions = function _AadUserSetCommand_initOptions() {
@@ -161,6 +209,32 @@ _AadUserSetCommand_instances = new WeakSet(), _AadUserSetCommand_initTelemetry =
         option: '--currentPassword [currentPassword]'
     }, {
         option: '--newPassword [newPassword]'
+    }, {
+        option: '--displayName [displayName]'
+    }, {
+        option: '--firstName [firstName]'
+    }, {
+        option: '--lastName [lastName]'
+    }, {
+        option: '--forceChangePasswordNextSignInWithMfa'
+    }, {
+        option: '--usageLocation [usageLocation]'
+    }, {
+        option: '--officeLocation [officeLocation]'
+    }, {
+        option: '--jobTitle [jobTitle]'
+    }, {
+        option: '--companyName [companyName]'
+    }, {
+        option: '--department [department]'
+    }, {
+        option: '--preferredLanguage [preferredLanguage]'
+    }, {
+        option: '--managerUserId [managerUserId]'
+    }, {
+        option: '--managerUserName [managerUserName]'
+    }, {
+        option: '--removeManager'
     });
 }, _AadUserSetCommand_initTypes = function _AadUserSetCommand_initTypes() {
     this.types.boolean.push('accountEnabled');
@@ -182,10 +256,51 @@ _AadUserSetCommand_instances = new WeakSet(), _AadUserSetCommand_initTelemetry =
         if (args.options.resetPassword && !args.options.newPassword) {
             return `When resetting a user's password, specify the new password to set for the user, using the newPassword option`;
         }
+        if (args.options.firstName && args.options.firstName.length > 64) {
+            return `The max lenght for the firstName option is 64 characters`;
+        }
+        if (args.options.lastName && args.options.lastName.length > 64) {
+            return `The max lenght for the lastName option is 64 characters`;
+        }
+        if (args.options.forceChangePasswordNextSignIn && !args.options.resetPassword) {
+            return `The option forceChangePasswordNextSignIn can only be used in combination with the resetPassword option`;
+        }
+        if (args.options.forceChangePasswordNextSignInWithMfa && !args.options.resetPassword) {
+            return `The option forceChangePasswordNextSignInWithMfa can only be used in combination with the resetPassword option`;
+        }
+        if (args.options.usageLocation) {
+            const regex = new RegExp('^[a-zA-Z]{2}$');
+            if (!regex.test(args.options.usageLocation)) {
+                return `'${args.options.usageLocation}' is not a valid usageLocation.`;
+            }
+        }
+        if (args.options.jobTitle && args.options.jobTitle.length > 128) {
+            return `The max lenght for the jobTitle option is 128 characters`;
+        }
+        if (args.options.companyName && args.options.companyName.length > 64) {
+            return `The max lenght for the companyName option is 64 characters`;
+        }
+        if (args.options.department && args.options.department.length > 64) {
+            return `The max lenght for the department option is 64 characters`;
+        }
+        if (args.options.preferredLanguage && args.options.preferredLanguage.length < 2) {
+            return `'${args.options.preferredLanguage}' is not a valid preferredLanguage`;
+        }
+        if (args.options.managerUserName && !validation_1.validation.isValidUserPrincipalName(args.options.managerUserName)) {
+            return `'${args.options.managerUserName}' is not a valid user principal name`;
+        }
+        if (args.options.managerUserId && !validation_1.validation.isValidGuid(args.options.managerUserId)) {
+            return `'${args.options.managerUserId}' is not a valid GUID`;
+        }
         return true;
     }));
 }, _AadUserSetCommand_initOptionSets = function _AadUserSetCommand_initOptionSets() {
-    this.optionSets.push({ options: ['objectId', 'userPrincipalName'] });
+    this.optionSets.push({
+        options: ['objectId', 'userPrincipalName']
+    }, {
+        options: ['managerUserId', 'managerUserName', 'removeManager'],
+        runsWhen: (args) => args.options.managerUserId || args.options.managerUserName || args.options.removeManager
+    });
 };
 module.exports = new AadUserSetCommand();
 //# sourceMappingURL=user-set.js.map

package/dist/m365/base/AzmgmtCommand.js

@@ -1,10 +1,21 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+const Auth_1 = require("../../Auth");
 const Command_1 = require("../../Command");
 class AzmgmtCommand extends Command_1.default {
     get resource() {
         return 'https://management.azure.com/';
     }
+    initAction(args, logger) {
+        super.initAction(args, logger);
+        if (!Auth_1.default.service.connected) {
+            // we fail no login in the base command command class
+            return;
+        }
+        if (Auth_1.default.service.cloudType !== Auth_1.CloudType.Public) {
+            throw new Command_1.CommandError(`Power Automate commands only support the public cloud at the moment. We'll add support for other clouds in the future. Sorry for the inconvenience.`);
+        }
+    }
 }
 exports.default = AzmgmtCommand;
 //# sourceMappingURL=AzmgmtCommand.js.map

package/dist/m365/base/PowerAppsCommand.js

@@ -1,10 +1,21 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+const Auth_1 = require("../../Auth");
 const Command_1 = require("../../Command");
 class PowerAppsCommand extends Command_1.default {
     get resource() {
         return 'https://api.powerapps.com';
     }
+    initAction(args, logger) {
+        super.initAction(args, logger);
+        if (!Auth_1.default.service.connected) {
+            // we fail no login in the base command command class
+            return;
+        }
+        if (Auth_1.default.service.cloudType !== Auth_1.CloudType.Public) {
+            throw new Command_1.CommandError(`Power Apps commands only support the public cloud at the moment. We'll add support for other clouds in the future. Sorry for the inconvenience.`);
+        }
+    }
 }
 exports.default = PowerAppsCommand;
 //# sourceMappingURL=PowerAppsCommand.js.map

package/dist/m365/base/PowerPlatformCommand.js

@@ -1,10 +1,21 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+const Auth_1 = require("../../Auth");
 const Command_1 = require("../../Command");
 class PowerPlatformCommand extends Command_1.default {
     get resource() {
         return 'https://api.bap.microsoft.com';
     }
+    initAction(args, logger) {
+        super.initAction(args, logger);
+        if (!Auth_1.default.service.connected) {
+            // we fail no login in the base command command class
+            return;
+        }
+        if (Auth_1.default.service.cloudType !== Auth_1.CloudType.Public) {
+            throw new Command_1.CommandError(`Power Platform commands only support the public cloud at the moment. We'll add support for other clouds in the future. Sorry for the inconvenience.`);
+        }
+    }
 }
 exports.default = PowerPlatformCommand;
 //# sourceMappingURL=PowerPlatformCommand.js.map

package/dist/m365/commands/login.js

@@ -19,6 +19,7 @@ const fs = require("fs");
 const Auth_1 = require("../../Auth");
 const Command_1 = require("../../Command");
 const config_1 = require("../../config");
+const misc_1 = require("../../utils/misc");
 const commands_1 = require("./commands");
 class LoginCommand extends Command_1.default {
     get name() {
@@ -71,6 +72,12 @@ class LoginCommand extends Command_1.default {
                         Auth_1.default.service.secret = args.options.secret;
                         break;
                 }
+                if (args.options.cloud) {
+                    Auth_1.default.service.cloudType = Auth_1.CloudType[args.options.cloud];
+                }
+                else {
+                    Auth_1.default.service.cloudType = Auth_1.CloudType.Public;
+                }
                 try {
                     yield Auth_1.default.ensureAccessToken(Auth_1.default.defaultResource, logger, this.debug);
                     Auth_1.default.service.connected = true;
@@ -113,8 +120,10 @@ class LoginCommand extends Command_1.default {
 }
 _LoginCommand_instances = new WeakSet(), _LoginCommand_initTelemetry = function _LoginCommand_initTelemetry() {
     this.telemetry.push((args) => {
+        var _a;
         Object.assign(this.telemetryProperties, {
-            authType: args.options.authType || 'deviceCode'
+            authType: args.options.authType || 'deviceCode',
+            cloud: (_a = args.options.cloud) !== null && _a !== void 0 ? _a : Auth_1.CloudType.Public
         });
     });
 }, _LoginCommand_initOptions = function _LoginCommand_initOptions() {
@@ -137,6 +146,9 @@ _LoginCommand_instances = new WeakSet(), _LoginCommand_initTelemetry = function
         option: '--tenant [tenant]'
     }, {
         option: '--secret [secret]'
+    }, {
+        option: '--cloud [cloud]',
+        autocomplete: misc_1.misc.getEnums(Auth_1.CloudType)
     });
 }, _LoginCommand_initValidators = function _LoginCommand_initValidators() {
     this.validators.push((args) => __awaiter(this, void 0, void 0, function* () {
@@ -170,6 +182,10 @@ _LoginCommand_instances = new WeakSet(), _LoginCommand_initTelemetry = function
                 return 'Required option secret missing';
             }
         }
+        if (args.options.cloud &&
+            typeof Auth_1.CloudType[args.options.cloud] === 'undefined') {
+            return `${args.options.cloud} is not a valid value for cloud. Valid options are ${misc_1.misc.getEnums(Auth_1.CloudType).join(', ')}`;
+        }
         return true;
     }));
 };

package/dist/m365/commands/status.js

@@ -39,7 +39,8 @@ class StatusCommand extends Command_1.default {
                         authType: Auth_1.AuthType[Auth_1.default.service.authType],
                         appId: Auth_1.default.service.appId,
                         appTenant: Auth_1.default.service.tenant,
-                        accessTokens: JSON.stringify(Auth_1.default.service.accessTokens, null, 2)
+                        accessTokens: JSON.stringify(Auth_1.default.service.accessTokens, null, 2),
+                        cloudType: Auth_1.CloudType[Auth_1.default.service.cloudType]
                     });
                 }
                 else {
@@ -47,7 +48,8 @@ class StatusCommand extends Command_1.default {
                         connectedAs: accessToken_1.accessToken.getUserNameFromAccessToken(Auth_1.default.service.accessTokens[Auth_1.default.defaultResource].accessToken),
                         authType: Auth_1.AuthType[Auth_1.default.service.authType],
                         appId: Auth_1.default.service.appId,
-                        appTenant: Auth_1.default.service.tenant
+                        appTenant: Auth_1.default.service.tenant,
+                        cloudType: Auth_1.CloudType[Auth_1.default.service.cloudType]
                     });
                 }
             }