search

microsoft / azure-devops-intellij

IntelliJ IDEA plug-in for Visual Studio Team Services and Team Foundation Server (TFS)
MIT License
151 stars 95 forks source link

Creates overprivledged PAT #441

Open johnterickson opened 3 years ago

johnterickson commented 3 years ago

This plugin should not create an unscoped PAT.

https://github.com/microsoft/azure-devops-intellij/blob/248f663c1cf601d0ae16b93e601350d2d8157b26/plugin/src/com/microsoft/alm/plugin/authentication/facades/VsoAuthInfoProvider.java#L137-L143

ForNeVeR commented 3 years ago

@johnterickson, hi! How would you prefer it to be scoped?

johnterickson commented 3 years ago

Great question! I'll be honest, I'm not 100% sure what the plugin's capable of. Looking at usage I would hazard to guess vso.build,vso.code_write

The full list is here: https://docs.microsoft.com/en-us/azure/devops/integrate/get-started/authentication/oauth?view=azure-devops

johnterickson commented 3 years ago

I'm also curious why it is creating a PAT at all - as opposed to taking the other path:

https://github.com/microsoft/azure-devops-intellij/blob/248f663c1cf601d0ae16b93e601350d2d8157b26/plugin/src/com/microsoft/alm/plugin/authentication/facades/VsoAuthInfoProvider.java#L127