fix: Make 'cloudflared access token' return with a non-zero exit code when token has expired

[ento]

I've been working on a helper script for a project that automatically fetches an access token and updates a local .env file with the token. Sometimes the script would fail to detect that cloudflared failed to fetch a token by looking at its exit code.

token=$(cloudflared access token -app=$cf_access_domain)
code=$?
echo "exit code $code"
if [ $code -ne 0 ] || [ -z "$token" ]; then
    echo "'cloudflared access token' failed. Attempting to log in..."
    cloudflared access login $cf_access_domain
    token=$(cloudflared access token -app=$cf_access_domain)
fi

I needed to add the [ -z "$token" ] test to catch these cases.

Looking at cloudflared's source, my guess is the command prints an empty token and exits with zero when GetAppTokenIfExists detects that the token has been expired and there was no error removing the file that the token was saved to.

cloudflared/token/token.go

Lines 435 to 438 in 3f6b1f2

	if payload.isExpired() {
	err := os.Remove(path)
	return "", err
	}