Skip to content

fix: throw on missing accessToken instead of returning "******"#9418

Draft
bjbennet with Copilot wants to merge 3 commits into
mainfrom
copilot/fix-code-for-review-comment
Draft

fix: throw on missing accessToken instead of returning "******"#9418
bjbennet with Copilot wants to merge 3 commits into
mainfrom
copilot/fix-code-for-review-comment

Conversation

Copilot AI commented Jul 17, 2026

Copy link
Copy Markdown
Contributor

getAuthorizationToken used a bare template literal ****** with no null-guard, silently returning "******"` when no session token was available. This invalid header value was being baked into tests as expected behavior and could propagate to downstream ARM requests via the new periodic token-refresh path.

Changes

getAuthorizationToken.ts

  • Added guard: if authData?.accessToken is falsy, throw a localized error instead of producing "******"
  • Return type remains Promise<string> — no callers require updates
export async function getAuthorizationToken(tenantId?: string): Promise<string> {
  const authData = await getAuthData(tenantId);
  if (!authData?.accessToken) {
    throw new Error(localize('noAccessToken', 'No access token available. Please sign in to Azure.'));
  }
  return `******;
}

__test__/getAuthorizationToken.test.ts (new)

  • Added unit tests for getAuthorizationToken, getAuthorizationTokenFromNode, and getCloudHost
  • The previously-broken test that asserted '******' as the expected return value now correctly asserts a throw with the specific error message

Commit Type

  • feature - New functionality
  • fix - Bug fix
  • refactor - Code restructuring without behavior change
  • perf - Performance improvement
  • docs - Documentation update
  • test - Test-related changes
  • chore - Maintenance/tooling

Risk Level

  • Low - Minor changes, limited scope
  • Medium - Moderate changes, some user impact
  • High - Major changes, significant user/system impact

What & Why

Guards against getAuthorizationToken returning "******" when no access token is available. The bug was introduced silently via an unguarded template literal; the companion test was asserting the broken behavior rather than catching it.

Impact of Change

  • Users: Auth failures become explicit errors rather than silent invalid-header sends
  • Developers: getAuthorizationToken now throws if the session has no accessToken; callers already in try/catch (e.g. the periodic refresh in openDesignerForLocalProject) are unaffected
  • System: No performance or dependency changes

Test Plan

  • Unit tests added/updated
  • E2E tests added/updated
  • Manual testing completed
  • Tested in: unit test suite (apps/vs-code-designer — 1348 tests pass)

Contributors

Screenshots/Videos

Copilot AI added 2 commits July 17, 2026 21:27
…ilable

Fixes review comment r3597382245: getAuthorizationToken now throws a
descriptive error when authData.accessToken is falsy, preventing the
literal string '******' from being returned and sent as an
Authorization header.

Adds getAuthorizationToken.test.ts with the corrected test for the
no-accessToken case (expects throw, not '******').
Copilot AI changed the title [WIP] Fix the code based on review comment fix: throw on missing accessToken instead of returning "******" Jul 17, 2026
Copilot AI requested a review from bjbennet July 17, 2026 21:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants