From be2243893b99cac7bfaf6bfe795cedbc7c77967b Mon Sep 17 00:00:00 2001
From: Russel Vela <russel.vela@venafi.com>
Date: Fri, 12 Apr 2024 11:04:05 -0600
Subject: [PATCH] fix(playbook): Minor optimization of code

---
 pkg/playbook/app/domain/connection.go | 39 +++++++++++----------------
 1 file changed, 15 insertions(+), 24 deletions(-)

diff --git a/pkg/playbook/app/domain/connection.go b/pkg/playbook/app/domain/connection.go
index 855b757e..188ccac0 100644
--- a/pkg/playbook/app/domain/connection.go
+++ b/pkg/playbook/app/domain/connection.go
@@ -122,45 +122,36 @@ func isValidVaaS(c Connection) (bool, error) {
 	}
 
 	// Check if externalJWT has been provided
-	externalJWT := false
+	externaljwt := false
 	if c.Credentials.ExternalJWT != "" {
-		externalJWT = true
+		externaljwt = true
 	}
 
 	// There's a valid service account IF both externalJWT and tokenURL provided
 	svcaccount := false
-	if externalJWT && tokenurl {
+	if externaljwt && tokenurl {
 		svcaccount = true
-	} else if externalJWT && !tokenurl {
-		// JWT Provided without token url
+	} else if externaljwt && !tokenurl {
+		// JWT Provided without token URL
 		return false, ErrNoVCPTokenURL
-	} else if tokenurl && !externalJWT {
-		// Tokenurl without an external JWT
+	} else if tokenurl && !externaljwt {
+		// Token URL without an external JWT
 		return false, ErrNoExternalJWT
 	}
 
-	// If there's just an API key provided, that's good
-	if apikey && !accesstoken && !svcaccount {
-		return true, nil
-	}
-
-	// If there's just an accessToken provided, that's good
-	if !apikey && accesstoken && !svcaccount {
-		return true, nil
-	}
-
-	// If there's just a svcaccount defined, that's fine too
-	if !apikey && !accesstoken && svcaccount {
-		return true, nil
-	}
-
 	// At this point, there are no valid credentials. Figure out why.
 	if !apikey && !svcaccount && !accesstoken {
 		return false, ErrNoCredentials
 	}
 
-	// If we get here, it's because too many credentials were provided
-	return false, ErrAmbiguousVCPCreds
+	// if we got here then at least one of the credential options was provided
+	if (svcaccount && apikey) || (svcaccount && accesstoken) || (apikey && accesstoken) {
+		// more than one credential option is not acceptable
+		return false, ErrAmbiguousVCPCreds
+	}
+
+	// if we got here then only one credential option was provided (which is what we want)
+	return true, nil
 }
 
 func isValidFirefly(c Connection) (bool, error) {