Bump version to 0.3.0 and add get-token command for Azure token retrieval

2026-03-05 22:39:42 +01:00
parent 21b8179d40
commit 71ec95b52b
3 changed files with 61 additions and 2 deletions
--- a/src/cli/commands.ts
+++ b/src/cli/commands.ts
@@ -4,7 +4,8 @@ import { minimatch } from "minimatch";

 import { loadPublicConfig } from "../index.ts";
 import { getGraphClient } from "../graph/auth.ts";
-import { login, logout } from "../azure/index.ts";
+import { acquireResourceTokenFromLogin, login, logout } from "../azure/index.ts";
+import { getDevOpsApiToken } from "../devops/index.ts";
 import {
  listApps,
  listAppPermissions,
@@ -16,6 +17,7 @@ import { readJsonFromStdin } from "./utils.ts";

 type CommandValues = {
  [key: string]: string | boolean | undefined;
+  type?: string;
  resources?: string;
  "use-device-code"?: boolean;
  "no-browser"?: boolean;
@@ -142,6 +144,49 @@ async function runListResourcePermissionsCommand(values: CommandValues): Promise
  return result;
 }

+async function runGetTokenCommand(values: CommandValues): Promise<unknown> {
+  const tokenType = (values.type ?? "").toString().trim().toLowerCase();
+  if (!tokenType) {
+    throw new Error("--type is required for get-token (allowed: azurerm, devops)");
+  }
+
+  const config = await loadPublicConfig();
+  if (!config.tenantId) {
+    throw new Error("tenantId is required");
+  }
+  if (!config.clientId) {
+    throw new Error("clientId is required");
+  }
+
+  if (tokenType === "azurerm") {
+    const result = await acquireResourceTokenFromLogin({
+      tenantId: config.tenantId,
+      clientId: config.clientId,
+      resource: "arm",
+    });
+
+    const accessToken = result?.accessToken;
+    if (!accessToken) {
+      throw new Error("Failed to obtain AzureRM token");
+    }
+
+    return {
+      tokenType,
+      accessToken,
+    };
+  }
+
+  if (tokenType === "devops") {
+    const accessToken = await getDevOpsApiToken(config.tenantId, config.clientId);
+    return {
+      tokenType,
+      accessToken,
+    };
+  }
+
+  throw new Error(`Invalid --type '${values.type}'. Allowed: azurerm, devops`);
+}
+
 export async function runCommand(command: string, values: CommandValues): Promise<unknown> {
  switch (command) {
    case "login":
@@ -158,6 +203,8 @@ export async function runCommand(command: string, values: CommandValues): Promis
      return runListAppGrantsCommand(values);
    case "list-resource-permissions":
      return runListResourcePermissionsCommand(values);
+    case "get-token":
+      return runGetTokenCommand(values);
    default:
      throw new Error(`Unknown command: ${command}`);
  }