search

rockcarver / frodo-cli

A CLI to manage ForgeRock platform deployments supporting Identity Cloud tenants, ForgeOps deployments, and classic deployments.
MIT License
17 stars 16 forks source link

Cannot use unique substring for commands, must use AM URL #213

Closed jgdtech closed 10 months ago

jgdtech commented 1 year ago

Frodo CLI version

Provide output of frodo -v You seem to be running the binary package Installed versions: cli: v0.23.0 lib: v0.18.8 node: v18.5.0

Describe the issue

Cannot use unique substring for "host" as it worked in previous versions and as listed in "frodo conn list" command. $ frodo conn list https://openam-xxxsandboxxxxx1.forgeblocks.com/am Any unique substring of a saved host can be used as the value for host parameter in all commands

$ export AMURL=https://openam-xxxsandboxxxxx1.forgeblocks.com/am $ frodo conn describe sand ... this works

$ frodo info sand Error getting cookie name: Error: connect ECONNREFUSED ::1:80 Service account login error: Error: connect ECONNREFUSED ::1:80

$ frodo journey list sand Error getting cookie name: Error: connect ECONNREFUSED ::1:80 Service account login error: Error: connect ECONNREFUSED ::1:80

$ frodo info $AMURL ... this works

$ frodo journey list $AMURL ... this works, returns list of journeys

OS: tried on Ubuntu 22.04 and Debian 11.6 - both on WSL on Windows 10.

The substring for commands was working on my previous version of frodo v0.16.1 which I ran on Git bash but that's broken now (I see an issue already created for that).

I created a service account and set the ID and key as mentioned in this article: https://community.forgerock.com/t/frodo-service-accounts-secure-ci-cd-in-forgerock-identity-cloud/2065

% export FRODO_SA_ID=1ffa3108-a5de-476a-977f-4432633100ce % export FRODO_SA_JWK=$(cat ~/Downloads/cicd_privateKey.jwk)

I then created the connection to my ForgeRock Identity Cloud instance using an admin account + pw (MFA is enabled), then entered OTP at prompt.

vscheuber commented 1 year ago

Hello @jgdtech this is peculiar indeed! Could you please run the info command with the debug flag like so:

frodo info --debug sand

And post the sanitized output? In case you prefer a private email chain vs public forum to exchange log data, you can drop me a personal message at vscheuber@gmail.com and reference this issue.

The debug flag might reveal a little more about what's happening. It appears rather unusual that it would error out this way but work with the full URL. Would love to figure out what's happening here.

vscheuber commented 1 year ago

oh, and another option to add to create more clarity: --curlirize

frodo info --debug --curlirize sand

jgdtech commented 1 year ago

Output of "frodo info --debug --curlirize sand":

Error getting cookie name: Error: connect ECONNREFUSED ::1:80 Error: connect ECONNREFUSED ::1:80 at TCPConnectWrap.afterConnect [as oncomplete] (node:net:1237:16) AuthenticateOps.getTokens: Authenticating with service account 3214e21d-cccd-4d39-b83a-e9f0cb344599 AuthenticateOps.getAccessTokenForServiceAccount: start AuthenticateOps.getAccessTokenForServiceAccount: payload: { iss: '3214e21d-cccd-4d39-b83a-e9f0cb344599', sub: '3214e21d-cccd-4d39-b83a-e9f0cb344599', aud: ':80sand/oauth2/access_token', exp: 1678462436, jti: '8fce3028-51bd-4314-96cf-8415e42226c3' } AuthenticateOps.getAccessTokenForServiceAccount: jwt: -cut-[39m curl -X POST -H "Content-Type:application/x-www-form-urlencoded" -H "User-Agent:@rockcarver/frodo-lib/0.18.8" -H "X-ForgeRock-TransactionId:frodo-9b1b8443-319d-411e-bec3-855f6d884070" -H "Accept-API-Version:protocol=2.1,resource=1.0" --data 'assertion=-cut-&client_id=service-account&grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&scope=fr:am: fr:idm: fr:idc:esv:' "sand/oauth2/access_token" AxiosError: connect ECONNREFUSED ::1:80 at TCPConnectWrap.afterConnect [as oncomplete] (node:net:1237:16) { port: 80, address: '::1', syscall: 'connect', code: 'ECONNREFUSED', errno: -111, config: <ref 3> { transitional: { silentJSONParsing: true, forcedJSONParsing: true, clarifyTimeoutError: false }, adapter: [Function: httpAdapter], transformRequest: [ [Function: transformRequest] ], transformResponse: [ [Function: transformResponse] ], timeout: 30000, xsrfCookieName: 'XSRF-TOKEN', xsrfHeaderName: 'X-XSRF-TOKEN', maxContentLength: -1, maxBodyLength: -1, env: { FormData: [Function: FormData] { LINE_BREAK: '\r\n', DEFAULT_CONTENT_TYPE: 'application/octet-stream' } }, validateStatus: [Function: validateStatus], headers: { Accept: 'application/json, text/plain, /', 'Content-Type': 'application/x-www-form-urlencoded', 'User-Agent': '@rockcarver/frodo-lib/0.18.8', 'X-ForgeRock-TransactionId': 'frodo-9b1b8443-319d-411e-bec3-855f6d884070', 'Accept-API-Version': 'protocol=2.1,resource=1.0', 'Content-Length': 1084 }, httpAgent: <ref 2> Agent { _events: [Object: null prototype] { free: [ [Function (anonymous)], [Function (anonymous)] ], newListener: [Function: maybeEnableKeylog] }, _eventsCount: 2, _maxListeners: undefined, defaultPort: 80, protocol: 'http:', options: [Object: null prototype] { maxSockets: 100, maxFreeSockets: 10, timeout: 30000, freeSocketTimeout: 30000, keepAlive: true, socketActiveTTL: 0, noDelay: true, path: null }, requests: [Object: null prototype] {}, sockets: [Object: null prototype] { '::1:80:': [ <ref 1> Socket { connecting: false, _hadError: true, _parent: null, _host: null, _readableState: ReadableState { objectMode: false, highWaterMark: 16384, buffer: [BufferList], length: 0, pipes: [], flowing: true, ended: false, endEmitted: false, reading: true, constructed: true, sync: false, needReadable: true, emittedReadable: false, readableListening: false, resumeScheduled: false, errorEmitted: true, emitClose: false, autoDestroy: true, destroyed: true, errored: [Error], closed: true, closeEmitted: true, defaultEncoding: 'utf8', awaitDrainWriters: null, multiAwaitDrain: false, readingMore: false, dataEmitted: false, decoder: null, encoding: null,

        },
        _events: [Object: null prototype] {
          end: [Function: onReadableStreamEnd],
          connect: [Array],
          free: [Array],
          close: [Array],
          timeout: [Array],
          error: [Array],
          agentRemove: [Array],
          drain: [Function: ondrain]
        },
        _eventsCount: 8,
        _maxListeners: undefined,
        _writableState: WritableState {
          objectMode: false,
          highWaterMark: 16384,
          finalCalled: false,
          needDrain: false,
          ending: false,
          ended: false,
          finished: false,
          destroyed: true,
          decodeStrings: false,
          defaultEncoding: 'utf8',
          length: 1437,
          writing: true,
          corked: 0,
          sync: false,
          bufferProcessing: false,
          onwrite: [Function: bound onwrite],
          writecb: [Function (anonymous)],
          writelen: 1437,
          afterWriteTickInfo: null,
          buffered: [],
          bufferedIndex: 0,
          allBuffers: true,
          allNoop: true,
          pendingcb: 1,
          constructed: true,
          prefinished: false,
          errorEmitted: true,
          emitClose: false,
          autoDestroy: true,
          errored: [Error],
          closed: true,
          closeEmitted: true,
          [Symbol(kOnFinished)]: []
        },
        allowHalfOpen: false,
        _sockname: null,
        _pendingData: [ [Object], [Object], allBuffers: false ],
        _pendingEncoding: '',
        server: null,
        timeout: 30000,
        parser: null,
        _httpMessage: ClientRequest {
          _events: [Object: null prototype],
          _eventsCount: 7,
          _maxListeners: undefined,
          outputData: [],
          outputSize: 0,
          writable: true,
          destroyed: false,
          _last: false,
          chunkedEncoding: false,
          shouldKeepAlive: true,
          maxRequestsOnConnectionReached: false,
          _defaultKeepAlive: true,
          useChunkedEncodingByDefault: true,
          sendDate: false,
          _removedConnection: false,
          _removedContLen: false,
          _removedTE: false,
          _contentLength: null,
          _hasBody: true,
          _trailer: '',
          finished: false,
          _headerSent: true,
          _closed: false,
          socket: [Circular *1],
          _header: 'POST sand/oauth2/access_token HTTP/1.1\r\n' +
            'Accept: application/json, text/plain, */*\r\n' +
            'Content-Type: application/x-www-form-urlencoded\r\n' +
            'User-Agent: @rockcarver/frodo-lib/0.18.8\r\n' +
            'X-ForgeRock-TransactionId: frodo-9b1b8443-319d-411e-bec3-855f6d884070\r\n' +
            'Accept-API-Version: protocol=2.1,resource=1.0\r\n' +
            'Content-Length: 1084\r\n' +
            'Host: [::1]\r\n' +
            'Connection: keep-alive\r\n' +
            '\r\n',
          _keepAliveTimeout: 0,
          _onPendingData: [Function: nop],
          agent: [Circular *2],
          socketPath: undefined,
          method: 'POST',
          maxHeaderSize: undefined,
          insecureHTTPParser: undefined,
          path: 'sand/oauth2/access_token',
          _ended: false,
          res: null,
          aborted: false,
          timeoutCb: [Function: emitRequestTimeout],
          upgradeOrConnect: false,
          parser: null,
          maxHeadersCount: null,
          reusedSocket: false,
          host: '::1',
          protocol: 'http:',
          _redirectable: [Writable],
          [Symbol(kCapture)]: false,
          [Symbol(kNeedDrain)]: false,
          [Symbol(corked)]: 0,
          [Symbol(kOutHeaders)]: [Object: null prototype],
          [Symbol(kUniqueHeaders)]: null
        },
        [Symbol(async_id_symbol)]: 2444,
        [Symbol(kHandle)]: null,
        [Symbol(lastWriteQueueSize)]: 0,
        [Symbol(timeout)]: Timeout {
          _idleTimeout: -1,
          _idlePrev: null,
          _idleNext: null,
          _idleStart: 318,
          _onTimeout: null,
          _timerArgs: undefined,
          _repeat: null,
          _destroyed: true,
          [Symbol(refed)]: false,
          [Symbol(kHasPrimitive)]: false,
          [Symbol(asyncId)]: 2452,
          [Symbol(triggerId)]: 2446
        },
        [Symbol(kBuffer)]: null,
        [Symbol(kBufferCb)]: null,
        [Symbol(kBufferGen)]: null,
        [Symbol(kCapture)]: false,
        [Symbol(kSetNoDelay)]: true,
        [Symbol(kSetKeepAlive)]: true,
        [Symbol(kSetKeepAliveInitialDelay)]: 0,
        [Symbol(kBytesRead)]: 0,
        [Symbol(kBytesWritten)]: 0,
        [Symbol(agentkeepalive#socketName)]: 'sock[1#::1:80:]',
        [Symbol(agentkeepalive#socketRequestCount)]: 1,
        [Symbol(agentkeepalive#socketRequestFinishedCount)]: 0
      }
    ]
  },
  freeSockets: [Object: null prototype] {},
  keepAliveMsecs: 1000,
  keepAlive: true,
  maxSockets: 100,
  maxFreeSockets: 10,
  scheduling: 'lifo',
  maxTotalSockets: Infinity,
  totalSocketCount: 1,
  createSocketCount: 2,
  createSocketCountLastCheck: 0,
  createSocketErrorCount: 0,
  createSocketErrorCountLastCheck: 0,
  closeSocketCount: 1,
  closeSocketCountLastCheck: 0,
  errorSocketCount: 2,
  errorSocketCountLastCheck: 0,
  requestCount: 0,
  requestCountLastCheck: 0,
  timeoutSocketCount: 0,
  timeoutSocketCountLastCheck: 0,
  [Symbol(kCapture)]: false,
  [Symbol(agentkeepalive#currentId)]: 2
},
httpsAgent: HttpsAgent {
  _events: [Object: null prototype] {
    free: [ [Function (anonymous)], [Function (anonymous)] ],
    newListener: [Function: maybeEnableKeylog]
  },
  _eventsCount: 2,
  _maxListeners: undefined,
  defaultPort: 443,
  protocol: 'https:',
  options: [Object: null prototype] {
    rejectUnauthorized: true,
    maxSockets: 100,
    maxFreeSockets: 10,
    timeout: 30000,
    freeSocketTimeout: 30000,
    keepAlive: true,
    socketActiveTTL: 0,
    noDelay: true,
    path: null
  },
  requests: [Object: null prototype] {},
  sockets: [Object: null prototype] {},
  freeSockets: [Object: null prototype] {},
  keepAliveMsecs: 1000,
  keepAlive: true,
  maxSockets: 100,
  maxFreeSockets: 10,
  scheduling: 'lifo',
  maxTotalSockets: Infinity,
  totalSocketCount: 0,
  createSocketCount: 0,
  createSocketCountLastCheck: 0,
  createSocketErrorCount: 0,
  createSocketErrorCountLastCheck: 0,
  closeSocketCount: 0,
  closeSocketCountLastCheck: 0,
  errorSocketCount: 0,
  errorSocketCountLastCheck: 0,
  requestCount: 0,
  requestCountLastCheck: 0,
  timeoutSocketCount: 0,
  timeoutSocketCountLastCheck: 0,
  maxCachedSessions: 100,
  _sessionCache: { map: {}, list: [] },
  [Symbol(kCapture)]: false,
  [Symbol(agentkeepalive#currentId)]: 0
},
proxy: null,
method: 'post',
url: 'sand/oauth2/access_token',

ib/0.18.8" -H "X-ForgeRock-TransactionId:frodo-9b1b8443-319d-411e-bec3-855f6d884070" -H "Accept-API-Version:protocol=2.1,resource=1.0" --data 'assertion=-cut-&client_id=service-account&grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&scope=fr:am: fr:idm: fr:idc:esv:' "sand/oauth2/access_token"`, clearCurl: [Function (anonymous)] }, request: <ref 5> Writable { _writableState: WritableState { objectMode: false, highWaterMark: 16384, finalCalled: false, needDrain: false, ending: false, ended: false, finished: false, destroyed: false, decodeStrings: true, defaultEncoding: 'utf8', length: 0, writing: false, corked: 0, sync: true, bufferProcessing: false, onwrite: [Function: bound onwrite], writecb: null, writelen: 0, afterWriteTickInfo: null, buffered: [], bufferedIndex: 0, allBuffers: true, allNoop: true, pendingcb: 0, constructed: true, prefinished: false, errorEmitted: false, emitClose: true, autoDestroy: true, errored: null, closed: false, closeEmitted: false,

},
_events: [Object: null prototype] {
  response: [Function: handleResponse],
  error: [Function: handleRequestError],
  socket: [ [Function: handleRequestSocket], [Function: destroyOnTimeout] ]
},
_eventsCount: 3,
_maxListeners: undefined,
_options: {
  maxRedirects: 21,
  maxBodyLength: 10485760,
  protocol: 'http:',
  path: 'sand/oauth2/access_token',
  method: 'POST',
  headers: {
    Accept: 'application/json, text/plain, */*',
    'Content-Type': 'application/x-www-form-urlencoded',
    'User-Agent': '@rockcarver/frodo-lib/0.18.8',
    'X-ForgeRock-TransactionId': 'frodo-9b1b8443-319d-411e-bec3-855f6d884070',
    'Accept-API-Version': 'protocol=2.1,resource=1.0',
    'Content-Length': 1084
  },
  agent: <ref *2> Agent {
    _events: [Object: null prototype] {
      free: [ [Function (anonymous)], [Function (anonymous)] ],
      newListener: [Function: maybeEnableKeylog]
    },
    _eventsCount: 2,
    _maxListeners: undefined,
    defaultPort: 80,
    protocol: 'http:',
    options: [Object: null prototype] {
      maxSockets: 100,
      maxFreeSockets: 10,
      timeout: 30000,
      freeSocketTimeout: 30000,
      keepAlive: true,
      socketActiveTTL: 0,
      noDelay: true,
      path: null
    },
    requests: [Object: null prototype] {},
    sockets: [Object: null prototype] {
      '::1:80:': [
        <ref *1> Socket {
          connecting: false,
          _hadError: true,
          _parent: null,
          _host: null,
          _readableState: [ReadableState],
          _events: [Object: null prototype],
          _eventsCount: 8,
          _maxListeners: undefined,
          _writableState: [WritableState],
          allowHalfOpen: false,
          _sockname: null,
          _pendingData: [Array],
          _pendingEncoding: '',
          server: null,
          _server: null,
          timeout: 30000,
          parser: null,
          _httpMessage: [ClientRequest],
          [Symbol(async_id_symbol)]: 2444,
          [Symbol(kHandle)]: null,
          [Symbol(lastWriteQueueSize)]: 0,
          [Symbol(timeout)]: [Timeout],
          [Symbol(kBuffer)]: null,
          [Symbol(kBufferCb)]: null,
          [Symbol(kBufferGen)]: null,
          [Symbol(kCapture)]: false,
          [Symbol(kSetNoDelay)]: true,
          [Symbol(kSetKeepAlive)]: true,
          [Symbol(kSetKeepAliveInitialDelay)]: 0,
          [Symbol(kBytesRead)]: 0,
          [Symbol(kBytesWritten)]: 0,
          [Symbol(agentkeepalive#socketName)]: 'sock[1#::1:80:]',
          [Symbol(agentkeepalive#socketRequestCount)]: 1,
          [Symbol(agentkeepalive#socketRequestFinishedCount)]: 0
        }
      ]
    },
    freeSockets: [Object: null prototype] {},
    keepAliveMsecs: 1000,
    keepAlive: true,
    maxSockets: 100,
    maxFreeSockets: 10,
    scheduling: 'lifo',
    maxTotalSockets: Infinity,
    totalSocketCount: 1,
    createSocketCount: 2,
    createSocketCountLastCheck: 0,
    createSocketErrorCount: 0,
    createSocketErrorCountLastCheck: 0,
    closeSocketCount: 1,
    closeSocketCountLastCheck: 0,
    errorSocketCount: 2,
    errorSocketCountLastCheck: 0,
    requestCount: 0,
    requestCountLastCheck: 0,
    timeoutSocketCount: 0,
    timeoutSocketCountLastCheck: 0,
    [Symbol(kCapture)]: false,
    [Symbol(agentkeepalive#currentId)]: 2
  },
  agents: {
    http: <ref *2> Agent {
      _events: [Object: null prototype] {
        free: [ [Function (anonymous)], [Function (anonymous)] ],
        newListener: [Function: maybeEnableKeylog]
      },
      _eventsCount: 2,
      _maxListeners: undefined,
      defaultPort: 80,
      protocol: 'http:',
      options: [Object: null prototype] {
        maxSockets: 100,
        maxFreeSockets: 10,
        timeout: 30000,
        freeSocketTimeout: 30000,
        keepAlive: true,
        socketActiveTTL: 0,
        noDelay: true,
        path: null
      },
      requests: [Object: null prototype] {},
      sockets: [Object: null prototype] { '::1:80:': [ [Socket] ] },
      freeSockets: [Object: null prototype] {},
      keepAliveMsecs: 1000,
      keepAlive: true,
      maxSockets: 100,
      maxFreeSockets: 10,
      scheduling: 'lifo',
      maxTotalSockets: Infinity,
      totalSocketCount: 1,
      createSocketCount: 2,
      createSocketCountLastCheck: 0,
      createSocketErrorCount: 0,
      createSocketErrorCountLastCheck: 0,
      closeSocketCount: 1,
      closeSocketCountLastCheck: 0,
      errorSocketCount: 2,
      errorSocketCountLastCheck: 0,
      requestCount: 0,
      requestCountLastCheck: 0,
      timeoutSocketCount: 0,
      timeoutSocketCountLastCheck: 0,
      [Symbol(kCapture)]: false,
      [Symbol(agentkeepalive#currentId)]: 2
    },
    https: HttpsAgent {
      _events: [Object: null prototype] {
        free: [ [Function (anonymous)], [Function (anonymous)] ],
        newListener: [Function: maybeEnableKeylog]
      },
      _eventsCount: 2,
      _maxListeners: undefined,
      defaultPort: 443,
      protocol: 'https:',
      options: [Object: null prototype] {
        rejectUnauthorized: true,
        maxSockets: 100,
        maxFreeSockets: 10,
        timeout: 30000,
        freeSocketTimeout: 30000,
        keepAlive: true,
        socketActiveTTL: 0,
        noDelay: true,
        path: null
      },
      requests: [Object: null prototype] {},
      sockets: [Object: null prototype] {},
      freeSockets: [Object: null prototype] {},
      keepAliveMsecs: 1000,
      keepAlive: true,
      maxSockets: 100,
      maxFreeSockets: 10,
      scheduling: 'lifo',
      maxTotalSockets: Infinity,
      totalSocketCount: 0,
      createSocketCount: 0,
      createSocketCountLastCheck: 0,
      createSocketErrorCount: 0,
      createSocketErrorCountLastCheck: 0,
      closeSocketCount: 0,
      closeSocketCountLastCheck: 0,
      errorSocketCount: 0,
      errorSocketCountLastCheck: 0,
      requestCount: 0,
      requestCountLastCheck: 0,
      timeoutSocketCount: 0,
      timeoutSocketCountLastCheck: 0,
      maxCachedSessions: 100,
      _sessionCache: { map: {}, list: [] },
      [Symbol(kCapture)]: false,
      [Symbol(agentkeepalive#currentId)]: 0
    }
  },
  auth: undefined,
  hostname: '::1',
  port: null,
  nativeProtocols: {
    'http:': {
      _connectionListener: [Function: connectionListener],
      METHODS: [
        'ACL',         'BIND',       'CHECKOUT',
        'CONNECT',     'COPY',       'DELETE',
        'GET',         'HEAD',       'LINK',
        'LOCK',        'M-SEARCH',   'MERGE',
        'MKACTIVITY',  'MKCALENDAR', 'MKCOL',
        'MOVE',        'NOTIFY',     'OPTIONS',
        'PATCH',       'POST',       'PROPFIND',
        'PROPPATCH',   'PURGE',      'PUT',
        'REBIND',      'REPORT',     'SEARCH',
        'SOURCE',      'SUBSCRIBE',  'TRACE',
        'UNBIND',      'UNLINK',     'UNLOCK',
        'UNSUBSCRIBE'
      ],
      STATUS_CODES: {
        '100': 'Continue',
        '101': 'Switching Protocols',
        '102': 'Processing',
        '103': 'Early Hints',
        '200': 'OK',
        '201': 'Created',
        '202': 'Accepted',
        '203': 'Non-Authoritative Information',
        '204': 'No Content',
        '205': 'Reset Content',
        '206': 'Partial Content',
        '207': 'Multi-Status',
        '208': 'Already Reported',
        '226': 'IM Used',
        '300': 'Multiple Choices',
        '301': 'Moved Permanently',
        '302': 'Found',
        '303': 'See Other',
        '304': 'Not Modified',
        '305': 'Use Proxy',
        '307': 'Temporary Redirect',
        '308': 'Permanent Redirect',
        '400': 'Bad Request',
        '401': 'Unauthorized',
        '402': 'Payment Required',
        '403': 'Forbidden',
        '404': 'Not Found',
        '405': 'Method Not Allowed',
        '406': 'Not Acceptable',
        '407': 'Proxy Authentication Required',
        '408': 'Request Timeout',
        '409': 'Conflict',
        '410': 'Gone',
        '411': 'Length Required',
        '412': 'Precondition Failed',
        '413': 'Payload Too Large',
        '414': 'URI Too Long',
        '415': 'Unsupported Media Type',
        '416': 'Range Not Satisfiable',
        '417': 'Expectation Failed',
        '418': "I'm a Teapot",
        '421': 'Misdirected Request',
        '422': 'Unprocessable Entity',
        '423': 'Locked',
        '424': 'Failed Dependency',
        '425': 'Too Early',
        '426': 'Upgrade Required',
        '428': 'Precondition Required',
        '429': 'Too Many Requests',
        '431': 'Request Header Fields Too Large',
        '451': 'Unavailable For Legal Reasons',
        '500': 'Internal Server Error',
        '501': 'Not Implemented',
        '502': 'Bad Gateway',
        '503': 'Service Unavailable',
        '504': 'Gateway Timeout',
        '505': 'HTTP Version Not Supported',
        '506': 'Variant Also Negotiates',
        '507': 'Insufficient Storage',
        '508': 'Loop Detected',
        '509': 'Bandwidth Limit Exceeded',
        '510': 'Not Extended',
        '511': 'Network Authentication Required'
      },
      Agent: [Function: Agent] { defaultMaxSockets: Infinity },
      ClientRequest: [Function: ClientRequest],
      IncomingMessage: [Function: IncomingMessage],
      OutgoingMessage: [Function: OutgoingMessage],
      Server: [Function: Server],
      ServerResponse: [Function: ServerResponse],
      createServer: [Function: createServer],
      validateHeaderName: [Function: __node_internal_],
      validateHeaderValue: [Function: __node_internal_],
      get: [Function: get],
      request: [Function: request],
      maxHeaderSize: [Getter],
      globalAgent: [Getter/Setter]
    },
    'https:': {
      Agent: [Function: Agent],
      globalAgent: Agent {
        _events: [Object: null prototype] {
          free: [Function (anonymous)],
          newListener: [Function: maybeEnableKeylog]
        },
        _eventsCount: 2,
        _maxListeners: undefined,
        defaultPort: 443,
        protocol: 'https:',
        options: [Object: null prototype] { noDelay: true, path: null },
        requests: [Object: null prototype] {},
        sockets: [Object: null prototype] {},
        freeSockets: [Object: null prototype] {},
        keepAliveMsecs: 1000,
        keepAlive: false,
        maxSockets: Infinity,
        maxFreeSockets: 256,
        scheduling: 'lifo',
        maxTotalSockets: Infinity,
        totalSocketCount: 0,
        maxCachedSessions: 100,
        _sessionCache: { map: {}, list: [] },
        [Symbol(kCapture)]: false
      },
      Server: [Function: Server],
      createServer: [Function: createServer],
      get: [Function: get],
      request: [Function: request]
    }
  },
  pathname: 'sand/oauth2/access_token'
},
_ended: false,
_ending: true,
_redirectCount: 0,
_redirects: [],
_requestBodyLength: 1084,
_requestBodyBuffers: [
  {
    data: Buffer(1084) [Uint8Array] [

-cut- ], encoding: undefined } ], _onNativeResponse: [Function (anonymous)], _currentRequest: <ref 4> ClientRequest { _events: [Object: null prototype] { response: [Function: bound onceWrapper] { listener: [Function (anonymous)] }, abort: [Function (anonymous)], aborted: [Function (anonymous)], connect: [Function (anonymous)], error: [Function (anonymous)], socket: [Function (anonymous)], timeout: [Function (anonymous)] }, _eventsCount: 7, _maxListeners: undefined, outputData: [], outputSize: 0, writable: true, destroyed: false, _last: false, chunkedEncoding: false, shouldKeepAlive: true, maxRequestsOnConnectionReached: false, _defaultKeepAlive: true, useChunkedEncodingByDefault: true, sendDate: false, _removedConnection: false, _removedContLen: false, _removedTE: false, _contentLength: null, _hasBody: true, _trailer: '', finished: false, _headerSent: true, _closed: false, socket: <ref 1> Socket { connecting: false, _hadError: true, _parent: null, _host: null, _readableState: ReadableState { objectMode: false, highWaterMark: 16384, buffer: BufferList { head: null, tail: null, length: 0 }, length: 0, pipes: [], flowing: true, ended: false, endEmitted: false, reading: true, constructed: true, sync: false, needReadable: true, emittedReadable: false, readableListening: false, resumeScheduled: false, errorEmitted: true, emitClose: false, autoDestroy: true, destroyed: true, errored: Error: connect ECONNREFUSED ::1:80 at TCPConnectWrap.afterConnect [as oncomplete] (node:net:1237:16) { errno: -111, code: 'ECONNREFUSED', syscall: 'connect', address: '::1', port: 80 }, closed: true, closeEmitted: true, defaultEncoding: 'utf8', awaitDrainWriters: null, multiAwaitDrain: false, readingMore: false, dataEmitted: false, decoder: null, encoding: null,

    },
    _events: [Object: null prototype] {
      end: [Function: onReadableStreamEnd],
      connect: [
        [Function: bound onceWrapper] {
          listener: [Function: onNewCreate]
        },
        [Function: bound onceWrapper] {
          listener: [Function: connect]
        },
        [Function: bound onceWrapper] {
          listener: [Function (anonymous)]
        }
      ],
      free: [ [Function: onFree], [Function: onFree] ],
      close: [
        [Function: onClose],
        [Function: onClose],
        [Function: socketCloseListener]
      ],
      timeout: [
        [Function: onTimeout],
        [Function: onTimeout],
        [Function: bound onceWrapper] {
          listener: [Function: emitRequestTimeout]
        },
        [Function: destroy]
      ],
      error: [ [Function: onError], [Function: socketErrorListener] ],
      agentRemove: [ [Function: onRemove], [Function: onRemove] ],
      drain: [Function: ondrain]
    },
    _eventsCount: 8,
    _maxListeners: undefined,
    _writableState: WritableState {
      objectMode: false,
      highWaterMark: 16384,
      finalCalled: false,
      needDrain: false,
      ending: false,
      ended: false,
      finished: false,
      destroyed: true,
      decodeStrings: false,
      defaultEncoding: 'utf8',
      length: 1437,
      writing: true,
      corked: 0,
      sync: false,
      bufferProcessing: false,
      onwrite: [Function: bound onwrite],
      writecb: [Function (anonymous)],
      writelen: 1437,
      afterWriteTickInfo: null,
      buffered: [],
      bufferedIndex: 0,
      allBuffers: true,
      allNoop: true,
      pendingcb: 1,
      constructed: true,
      prefinished: false,
      errorEmitted: true,
      emitClose: false,
      autoDestroy: true,
      errored: Error: connect ECONNREFUSED ::1:80
          at TCPConnectWrap.afterConnect [as oncomplete] (node:net:1237:16) {
        errno: -111,
        code: 'ECONNREFUSED',
        syscall: 'connect',
        address: '::1',
        port: 80
      },
      closed: true,
      closeEmitted: true,
      [Symbol(kOnFinished)]: []
    },
    allowHalfOpen: false,
    _sockname: null,
    _pendingData: [
      {
        chunk: 'POST sand/oauth2/access_token HTTP/1.1\r\n' +
          'Accept: application/json, text/plain, */*\r\n' +
          'Content-Type: application/x-www-form-urlencoded\r\n' +
          'User-Agent: @rockcarver/frodo-lib/0.18.8\r\n' +
          'X-ForgeRock-TransactionId: frodo-9b1b8443-319d-411e-bec3-855f6d884070\r\n' +
          'Accept-API-Version: protocol=2.1,resource=1.0\r\n' +
          'Content-Length: 1084\r\n' +
          'Host: [::1]\r\n' +
          'Connection: keep-alive\r\n' +
          '\r\n',
        encoding: 'latin1',
        callback: [Function: nop]
      },
      {
        chunk: Buffer(1084) [Uint8Array] [

-cut- ], encoding: 'buffer', callback: [Function (anonymous)] }, allBuffers: false ], _pendingEncoding: '', server: null, _server: null, timeout: 30000, parser: null, _httpMessage: [Circular *4],

    [Symbol(kHandle)]: null,
    [Symbol(lastWriteQueueSize)]: 0,
    [Symbol(timeout)]: Timeout {
      _idleTimeout: -1,
      _idlePrev: null,
      _idleNext: null,
      _idleStart: 318,
      _onTimeout: null,
      _timerArgs: undefined,
      _repeat: null,
      _destroyed: true,
      [Symbol(refed)]: false,
      [Symbol(kHasPrimitive)]: false,
      [Symbol(asyncId)]: 2452,
      [Symbol(triggerId)]: 2446
    },
    [Symbol(kBuffer)]: null,
    [Symbol(kBufferCb)]: null,
    [Symbol(kBufferGen)]: null,
    [Symbol(kCapture)]: false,
    [Symbol(kSetNoDelay)]: true,
    [Symbol(kSetKeepAlive)]: true,
    [Symbol(kSetKeepAliveInitialDelay)]: 0,
    [Symbol(kBytesRead)]: 0,
    [Symbol(kBytesWritten)]: 0,
    [Symbol(agentkeepalive#socketName)]: 'sock[1#::1:80:]',
    [Symbol(agentkeepalive#socketRequestCount)]: 1,
    [Symbol(agentkeepalive#socketRequestFinishedCount)]: 0
  },
  _header: 'POST sand/oauth2/access_token HTTP/1.1\r\n' +
    'Accept: application/json, text/plain, */*\r\n' +
    'Content-Type: application/x-www-form-urlencoded\r\n' +
    'User-Agent: @rockcarver/frodo-lib/0.18.8\r\n' +
    'X-ForgeRock-TransactionId: frodo-9b1b8443-319d-411e-bec3-855f6d884070\r\n' +
    'Accept-API-Version: protocol=2.1,resource=1.0\r\n' +
    'Content-Length: 1084\r\n' +
    'Host: [::1]\r\n' +
    'Connection: keep-alive\r\n' +
    '\r\n',
  _keepAliveTimeout: 0,
  _onPendingData: [Function: nop],
  agent: <ref *2> Agent {
    _events: [Object: null prototype] {
      free: [ [Function (anonymous)], [Function (anonymous)] ],
      newListener: [Function: maybeEnableKeylog]
    },
    _eventsCount: 2,
    _maxListeners: undefined,
    defaultPort: 80,
    protocol: 'http:',
    options: [Object: null prototype] {
      maxSockets: 100,
      maxFreeSockets: 10,
      timeout: 30000,
      freeSocketTimeout: 30000,
      keepAlive: true,
      socketActiveTTL: 0,
      noDelay: true,
      path: null
    },
    requests: [Object: null prototype] {},
    sockets: [Object: null prototype] {
      '::1:80:': [
        <ref *1> Socket {
          connecting: false,
          _hadError: true,
          _parent: null,
          _host: null,
          _readableState: [ReadableState],
          _events: [Object: null prototype],
          _eventsCount: 8,
          _maxListeners: undefined,
          _writableState: [WritableState],
          allowHalfOpen: false,
          _sockname: null,
          _pendingData: [Array],
          _pendingEncoding: '',
          server: null,
          _server: null,
          timeout: 30000,
          parser: null,
          _httpMessage: [Circular *4],
          [Symbol(async_id_symbol)]: 2444,
          [Symbol(kHandle)]: null,
          [Symbol(lastWriteQueueSize)]: 0,
          [Symbol(timeout)]: [Timeout],
          [Symbol(kBuffer)]: null,
          [Symbol(kBufferCb)]: null,
          [Symbol(kBufferGen)]: null,
          [Symbol(kCapture)]: false,
          [Symbol(kSetNoDelay)]: true,
          [Symbol(kSetKeepAlive)]: true,
          [Symbol(kSetKeepAliveInitialDelay)]: 0,
          [Symbol(kBytesRead)]: 0,
          [Symbol(kBytesWritten)]: 0,
          [Symbol(agentkeepalive#socketName)]: 'sock[1#::1:80:]',
          [Symbol(agentkeepalive#socketRequestCount)]: 1,
          [Symbol(agentkeepalive#socketRequestFinishedCount)]: 0
        }
      ]
    },
    freeSockets: [Object: null prototype] {},
    keepAliveMsecs: 1000,
    keepAlive: true,
    maxSockets: 100,
    maxFreeSockets: 10,
    scheduling: 'lifo',
    maxTotalSockets: Infinity,
    totalSocketCount: 1,
    createSocketCount: 2,
    createSocketCountLastCheck: 0,
    createSocketErrorCount: 0,
    createSocketErrorCountLastCheck: 0,
    closeSocketCount: 1,
    closeSocketCountLastCheck: 0,
    errorSocketCount: 2,
    errorSocketCountLastCheck: 0,
    requestCount: 0,
    requestCountLastCheck: 0,
    timeoutSocketCount: 0,
    timeoutSocketCountLastCheck: 0,
    [Symbol(kCapture)]: false,
    [Symbol(agentkeepalive#currentId)]: 2
  },
  socketPath: undefined,
  method: 'POST',
  maxHeaderSize: undefined,
  insecureHTTPParser: undefined,
  path: 'sand/oauth2/access_token',
  _ended: false,
  res: null,
  aborted: false,
  timeoutCb: [Function: emitRequestTimeout],
  upgradeOrConnect: false,
  parser: null,
  maxHeadersCount: null,
  reusedSocket: false,
  host: '::1',
  protocol: 'http:',
  _redirectable: [Circular *5],
  [Symbol(kCapture)]: false,
  [Symbol(kNeedDrain)]: false,
  [Symbol(corked)]: 0,
  [Symbol(kOutHeaders)]: [Object: null prototype] {
    accept: [ 'Accept', 'application/json, text/plain, */*' ],
    'content-type': [ 'Content-Type', 'application/x-www-form-urlencoded' ],
    'user-agent': [ 'User-Agent', '@rockcarver/frodo-lib/0.18.8' ],
    'x-forgerock-transactionid': [
      'X-ForgeRock-TransactionId',
      'frodo-9b1b8443-319d-411e-bec3-855f6d884070'
    ],
    'accept-api-version': [ 'Accept-API-Version', 'protocol=2.1,resource=1.0' ],
    'content-length': [ 'Content-Length', 1084 ],
    host: [ 'Host', '[::1]' ]
  },
  [Symbol(kUniqueHeaders)]: null
},
_currentUrl: 'sand/oauth2/access_token',
_timeout: null,
[Symbol(kCapture)]: false

} } Service account login error: Error: connect ECONNREFUSED ::1:80 Error: Service account login error: Error: connect ECONNREFUSED ::1:80 at /snapshot/dist/node_modules/@rockcarver/frodo-lib/cjs/ops/AuthenticateOps.js:457:17 at Generator.throw () at asyncGeneratorStep (/snapshot/dist/node_modules/@rockcarver/frodo-lib/cjs/ops/AuthenticateOps.js:26:103) at _throw (/snapshot/dist/node_modules/@rockcarver/frodo-lib/cjs/ops/AuthenticateOps.js:27:291) at process.processTicksAndRejections (node:internal/process/task_queues:95:5) AuthenticateOps.getTokens: end without tokens

jgdtech commented 1 year ago

Output of "frodo conn describe sand":

ConnectionProfileOps.describeConnectionProfile: start { tenant: 'https://openam-cut-sandbox-cut-.forgeblocks.com/am', username: 'first.last@example.com', password: '-cut-', logApiKey: '13014b55e8d15350427c12ffdb258bbc', logApiSecret: '-cut-', authenticationService: null, authenticationHeaderOverrides: {}, svcacctName: 'frodo-firstlast', svcacctId: '3214e21d-cccd-4d39-b83a-e9f0cb344599', svcacctJwk: { d: '-cut-', dp: '-cut-', dq: '-cut-', e: 'AQAB', kty: 'RSA', n: '-cut-', p: '-cut-', q: '-cut-', qi: '-cut-' } } Host │https://openam-cut-sandbox-cut-.forgeblocks.com/am Username │first.last@example.com Password │[present] Log API Key │13014b55e8d15350427c12ffdb258bbc Log API Secret │[present] Service Account Name│frodo-firstlast Service Account Id │3214e21d-cccd-4d39-b83a-e9f0cb344599 Service Account JWK │[present] ConnectionProfileOps.describeConnectionProfile: end

vscheuber commented 1 year ago

Ok, this one is still a mystery to me but I will look into it some more. I might ask you to re-run your tests with a more verbose version if I can't duplicate the issue on my side. Thank you for providing the info. The --curlirize output makes it clear that frodo failes to properly resolve the hostname/url, so I know where to look.

vscheuber commented 1 year ago

@jgdtech if you find the time, would you mind running frodo-cli v0.23.1-1 with the --debug option when reproducing your issue? I could not get it to do what you are seeing so I decided to add some more debug output to help us understand what's happening.

jgdtech commented 1 year ago

Welp... I did the following in my git bash on Windows: $ cd frodo-cli $ npm uninstall -g $ git checkout v0.23.1-1 $ rm -rm node_modules $ npm install $ npm run build:local # which we always seem to have to run since I don't know what version $ npm i -g $ frodo -v node:internal/errors:490 ErrorCaptureStackTrace(err); ^

Error [ERR_UNSUPPORTED_ESM_URL_SCHEME]: Only URLs with a scheme in: file and data are supported by the default ESM loader. On Windows, absolute paths must be valid file:// URLs. Received protocol 'c:' at __node_internal_captureLargerStackTrace (node:internal/errors:490:5) at new NodeError (node:internal/errors:399:5) at throwIfUnsupportedURLScheme (node:internal/modules/esm/resolve:1059:11) at defaultResolve (node:internal/modules/esm/resolve:1135:3) at nextResolve (node:internal/modules/esm/loader:163:28) at ESMLoader.resolve (node:internal/modules/esm/loader:838:30) at ESMLoader.getModuleJob (node:internal/modules/esm/loader:424:18) at ESMLoader.import (node:internal/modules/esm/loader:525:22) at initializeLoader (node:internal/process/esm_loader:75:58) at loadESM (node:internal/process/esm_loader:90:11) at runMainESM (node:internal/modules/run_main:55:21) at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:78:5) at node:internal/main/run_main_module:23:47 { code: 'ERR_UNSUPPORTED_ESM_URL_SCHEME' }

Node.js v18.15.0

This is the issue reported in #212

:(

jgdtech commented 1 year ago

Let me get a correct version here. Going back to v0.23.0 and testing for that issue with #212 ...

jgdtech commented 1 year ago

Yep, I see it with v0.23.0, head back a version

jgdtech commented 1 year ago

frodo v0.22.0 doesn't have the issue from #212. Can you put the same debugging there for me to use?

jgdtech commented 1 year ago

ok, with frodo v.0.22.0 (NPM), I can do the following: frodo conn desc xadv (I have more than one sandbox connection now, so picked another unique substring) - this works export FRODO_HOST=https://url/am frodo info - this works frodo info xadv - this fails with error: Error getting cookie name: Error: connect ECONNREFUSED ::1:80 Service account login error: Error: connect ECONNREFUSED ::1:80

This is all within git bash on Windows. $ frodo -v You seem to be running the NPM package Installed versions: cli: v0.22.0 lib: v0.18.4 node: v18.15.0

jgdtech commented 1 year ago

not quite sure why I ran the binary package before for v0.23.0 ... but ok

jgdtech commented 1 year ago

FYI with version v.0.22.3 this is working frodo info xadvu ... correct result displayed, with bearer token

frodo info dvuse1-dev ... correct result

$ frodo -v You seem to be running the NPM package Installed versions: cli: v0.22.3 lib: v0.18.7 node: v18.15.0

vscheuber commented 10 months ago

Closing. @jgdtech please reopen if you are still struggling with this.