Cli-microsoft365: Enhancement: Add support for connecting to GCC High Tenant

Thanks for reporting @DakotaWray2. I suspect this is caused by us defaulting to login.microsoftonline.com instead of login.microsoftonline.us which we should use for GCC High. I don't know if this is the only difference between the two clouds, but it's definitely something that we could begin with. This would require a change on our end.

Looking at it further, this could require deeper changes related to how we obtain tokens for the different resources: https://github.com/Azure/azure-cli/blob/4e1ff0ec626ea46d74793ad92a1b5eddc2b6e45b/src/azure-cli-core/azure/cli/core/cloud.py#L364

Adding https://docs.microsoft.com/en-us/azure/azure-government/documentation-government-get-started-connect-with-cli as a related resource

Thanks for the quick follow up @waldekmastykarz. Happy to test it for you.

Awesome! Let's see if we can get this moving 💪

All right, I have a first draft ready for you to test.

Setup instructions:

1. Uninstall CLI for Microsoft: npm un @pnp/cli-microsoft365 -g
2. Download code as zip from: https://github.com/waldekmastykarz/cli-microsoft365/tree/gcc-high
3. Unpack zip
4. Start terminal and change working directory to where you unpacked the zip
5. Restore dependencies: npm i
6. Build: npm run build
7. Install: npm link
8. Try logging in: m365 login --cloud AzureUSGovernment (here you will likely need to use your own AAD app, because the default one is not supported in GCC High)
9. Try running some commands across the different workloads, like m365 todo list list, m365 spo site list, m365 flow environment list
10. When you're done testing, uninstall the version by starting terminal, changing working directory to where you unpacked the zip and running npm unlink
11. You can now delete unzipped folder and use the regular CLI by installing it from npm (npm i -g @pnp/cli-microsoft365)

Looking forward to hear if this version works and if there is anything that we'd need to adjust.

I'm getting an error during build. FWIW im on node 10.16.3 and npm 6.9.0 via nvm-windows
../../../node_modules/@types/request-promise/index.d.ts:26:49 - error TS2694: Namespace 'request' has no exported member 'Response'.

Edit -- installed @types/request-promise and all is well with the build.

Hi @waldekmastykarz thanks again for knocking this out. Reporting back that I can successfully hit my GCC High Tenant. Without registering an app in AAD I noted the following (not a conclusive list).

• AAD :white_check_mark:
• SPO :white_check_mark:
• Teams :white_check_mark:
• PowerApps :x: 404
• Outlook :x: 400
• OneDrive :x: 400
• Tenant Status List :x: 500
• Tenant id get :white_check_mark:

I'll set up an AAD registration for this soon and see if any of the above changes.

Thank you for checking out the build! It seems like we've got some things working so we're on a good track!

Re the issue to build the solution on Windows. Let's have a look at it. Other contributors haven't reported it, but perhaps I've introduced a regression in this branch. Let's double check it.

Re connection issues: I'd love to hear more what's wrong and what does it after you created a registration. Any information about the failed commands and requests you could provide us with would be invaluable. You can get more info by running commands with the --debug switch, but since the requests contain access token and full URLs, you'll need to be careful what you share. What would help is to know if we correctly rewrite domains for GCC High and if the retrieved access tokens are for the right audience (which you can best validate yourself using jwt.ms or jwt.io).

Once again, thanks for your help and looking forward to getting more information. Please, don't hesitate to reach out if we can help with anything.

Hey @DakotaWray2, did you have a chance to look some more into it?

Hi again @waldekmastykarz, I haven't yet had a chance but I will try to soon!

Hey @DakotaWray2, did you have a chance to test if we correctly support GCC High?