Client gets 401 response from server when attempting to rotate own API key via `RotateAPIKey*`

sgnn7 commented 3 years ago

Summary

Due to the server-side change to not allow changing of the current user's API key via token, our use of RotateAPIKeyRequest will fail when the target roleID is the current user so we should raise an error eraly to notify the user about this.

Steps to Reproduce

Steps to reproduce the behavior:

Initialize a client against a Conjur instance
Run client.RotateAPIKey(roleID) or client.RotateAPIKeyReader(roleID)

Expected Results

User-friendly error

Actual Results (including error logs, if applicable)

401 error from the server

Reproducible

[x] Always
[ ] Sometimes
[ ] Non-Reproducible

Version/Tag number

0.6.0

Environment setup

N/A

Additional Information

N/A

izgeri commented 3 years ago

Note: there is a workaround until we fix this in #79 by sending a direct API request to this route

sgnn7 commented 3 years ago

PR #83 contains partial work on this. The remaining logic for it needs to be written to take the newly-added username, compare it to the target of rotation, and error out if they are the same. Changelog will also need to be updated.

cyberark / conjur-api-go