Open jeblackburn opened 4 years ago
We have created an issue in Pivotal Tracker to manage this:
https://www.pivotaltracker.com/story/show/174010327
The labels on this github issue will be updated when the story is started.
@jeblackburn - are you able to reproduce this issue still with the latest v6 CLI (6.53.0) and/or v7 CLI (7.1.0)?
I'm having same issue --v cf version 7.2.0+be4a5ce2b.2020-12-10, Cloud Foundry command line tool
Please fill out the issue checklist below and provide ALL the requested information.
CF_TRACE=1
to help debug the issue.Describe the bug and the command you saw an issue with I'm having trouble logging in to an on-prem PCF environment using SSO. I've tested using an identical version of the CLI as a colleague who is not having the trouble, but using the slightly older version (6.48) didn't change any behavior.
The core issue is that I'm receiving an error,
json: cannot unmarshal string into Go struct field InfoLinks.links.uaa of type ccv3.APILink
in response to my login --sso request.> cf login -a <https-url> --sso
What happened First, I got a (spurious?) SSL response to my login attempt:
> cf login -a <https-url> --sso
> Invalid SSL Cert for <https-url> TIP: Use 'cf login --skip-ssl-validation' to continue with an insecure API endpoint
I say spurious because a colleague on a similar Mac is able to execute this command without the SSL error.Next, I tried to login with the SSL-skip flag:
> cf login -a <https://login...> --sso --skip-ssl-validation
> json: cannot unmarshal string into Go struct field InfoLinks.links.uaa of type ccv3.APILink
Running the same command with CF_TRACE=true yields this output: `RESPONSE: [2020-07-22T08:45:49-05:00] HTTP/1.1 200 OK Cache-Control: no-store Content-Language: en-US Content-Length: 764 Content-Type: application/json;charset=UTF-8 Date: Wed, 22 Jul 2020 13:45:48 GMT Set-Cookie: X-Uaa-Csrf=68OdX8qO4cg6BY9zoabl1K; Max-Age=86400; Expires=Thu, 23-Jul-2020 13:45:49 GMT; Path=/; Secure; HttpOnly Strict-Transport-Security: max-age=31536000 ; includeSubDomains X-Content-Type-Options: nosniff X-Frame-Options: DENY X-Vcap-Request-Id: 6a443ed4-7666-4472-5c4a-2a9aac3d5321 X-Xss-Protection: 1; mode=block {
"app": { "version": "73.4.24" }, "commit_id": "a91c1a7", "entityID": "",
"idpDefinitions": {
"https://saml...": "https://login...?returnIDParam=idp&entityID=http://login...&idp=https://saml...&isPassive=true"
},
"links": {
"login": "https://login...",
"uaa": "https://uaa..."
},
"prompts": {
"passcode": [
"password",
"Temporary Authentication Code ( Get one at https://login.../passcode )"
],
"password": "[PRIVATE DATA HIDDEN]",
"username": [
"text",
"Email"
]
},
"showLoginLinks": true,
"timestamp": "2020-05-19T19:05:36+0000",
"zone_name": "uaa"
}`
Expected behavior The first login command (without the SSL override) should work.
To Reproduce See above
Provide more context