VCD Provider - Error: something went wrong during authentication

[trevorwilliams2020]

Hello,

Thank you for opening an issue. Please note that we try to keep the Terraform issue tracker reserved for bug reports and feature requests. For general usage questions, please see: https://www.terraform.io/community.html.

Terraform Version

• 1.3.6
• go 1.19.5
• vmware/vcd v3.8.2 for linux_amd64

Affected Resource(s)

Please list the resources as a list, for example:

• vcd provider

Terraform Configuration Files

terraform {
  required_providers {
    vcd = {
      source  = "vmware/vcd"
      version = "~> 3.8.2"
    }
  }
}

provider "vcd" {
  user                 = "none"
  password             = "none"
  auth_type            = "api_token"
  api_token            = var.api_token
  sysorg               = var.org
  org                  = var.org
  vdc                  = var.vdc
  url                  = "https://api-vca-abXXX.something.foo.com.ie/api"
  max_retry_timeout    = var.vcd_max_retry_timeout
  allow_unverified_ssl = var.vcd_allow_unverified_ssl
}

For bigger configs you may use [Gist(s)](https://gist.github.com) or a service like Dropbox and
share a link to the ZIP file.

Debug Output

Please provide a link to GitHub Gist(s) containing complete debug output. You can enable debug by using the commands below:

2023-02-02T07:52:36.834Z [TRACE] provider.terraform-provider-vcd_v3.8.2: Calling downstream: @module=sdk.helper_schema tf_provider_addr=provider tf_req_id=bf268f00-3a60-5ac1-3296-7d9abf5ac918 tf_rpc=Configure @caller=github.com/hashicorp/terraform-plugin-sdk/v2@v2.24.1/helper/schema/grpc_provider.go:556 timestamp=2023-02-02T07:52:36.833Z
[6570](https://github.com/noname/terraform-vca-infrastructure-deploy/actions/runs/4072343920/jobs/7014999429#step:12:6571)
2023-02-02T07:52:37.509Z [TRACE] provider.terraform-provider-vcd_v3.8.2: Called downstream: tf_req_id=bf268f00-3a60-5ac1-3296-7d9abf5ac918 tf_rpc=Configure @caller=github.com/hashicorp/terraform-plugin-sdk/v2@v2.24.1/helper/schema/grpc_provider.go:558 @module=sdk.helper_schema tf_provider_addr=provider timestamp=2023-02-02T07:52:37.508Z
[6571](https://github.com/noname/terraform-vca-infrastructure-deploy/actions/runs/4072343920/jobs/7014999429#step:12:6572)
2023-02-02T07:52:37.509Z [TRACE] provider.terraform-provider-vcd_v3.8.2: Received downstream response: tf_provider_addr=provider tf_req_duration_ms=675 tf_rpc=Configure @caller=github.com/hashicorp/terraform-plugin-go@v0.14.1/tfprotov5/internal/tf5serverlogging/downstream_request.go:37 @module=sdk.proto diagnostic_error_count=1 diagnostic_warning_count=0 tf_proto_version=5.3 tf_req_id=bf268f00-3a60-5ac1-3296-7d9abf5ac918 timestamp=2023-02-02T07:52:37.509Z
[6572](https://github.com/noname/terraform-vca-infrastructure-deploy/actions/runs/4072343920/jobs/7014999429#step:12:6573)
Error: -02T07:52:37.509Z [ERROR] provider.terraform-provider-vcd_v3.8.2: Response contains error diagnostic: diagnostic_detail= diagnostic_severity=ERROR diagnostic_summary="something went wrong during authentication: Post "https:/-vca-abXXX.something.foo.com.ie/api/oauth/tenant/abXXX-XX-XX/token": http: no Host in request URL" tf_proto_version=5.3 tf_req_id=bf268f00-3a60-5ac1-3296-7d9abf5ac918 tf_rpc=Configure tf_provider_addr=provider @caller=github.com/hashicorp/terraform-plugin-go@v0.14.1/tfprotov5/internal/diag/diagnostics.go:55 @module=sdk.proto timestamp=2023-02-02T07:52:37.509Z
[6573](https://github.com/noname/terraform-vca-infrastructure-deploy/actions/runs/4072343920/jobs/7014999429#step:12:6574)
2023-02-02T07:52:37.509Z [TRACE] provider.terraform-provider-vcd_v3.8.2: Served request: @module=sdk.proto tf_provider_addr=provider tf_req_id=bf268f00-3a60-5ac1-3296-7d9abf5ac918 @caller=github.com/hashicorp/terraform-plugin-go@v0.14.1/tfprotov5/tf5server/server.go:567 tf_proto_version=5.3 tf_rpc=Configure timestamp=2023-02-02T07:52:37.509Z
[6574](https://github.com/noname/terraform-vca-infrastructure-deploy/actions/runs/4072343920/jobs/7014999429#step:12:6575)
Error: -02T07:52:37.509Z [ERROR] vertex "provider[\"registry.terraform.io/vmware/vcd\"]" error: something went wrong during authentication: Post "https:/-vca-abXXX.something.foo.com.ie/api/oauth/tenant/abXXX-XX-XX/token": http: no Host in request URL
[6575](https://github.com/noname/terraform-vca-infrastructure-deploy/actions/runs/4072343920/jobs/7014999429#step:12:6576)
2023-02-02T07:52:37.509Z [TRACE] vertex "provider[\"registry.terraform.io/vmware/vcd\"]": visit complete, with errors   

On Windows the command instead of export is set.

Replicate the issue after setting the environment variables listed above and it should create two new files in the working directory: tf.log and go-vcloud-director.log. The tf.log is a general Terraform debug log (more information about it is in https://www.terraform.io/docs/internals/debugging.html) while the go-vcloud-director.log is a specific log file for terraform-provider-vcd containing debug information about performed API calls. Please attach both of them to your Gist.

Panic Output

If Terraform produced a panic, please provide a link to a GitHub Gist containing the output of the crash.log.

Expected Behavior

Should be able to use an api_token and authenticate successfully

Actual Behavior

url seems to get modified and returns an incorrect url. Having multiple instances of the word api could be causing issues? incorrect url returned which errors out and breaks the process.

Returned value when using api_token as the auth_type shown below.

• https:/-vca-abXXX.something.foo.com.ie/api/oauth/tenant/abXXX-XX-XX/token

• refer to the supplied url which begins with https://api-vca

• I was able to change the provider to use auth_type = "token" and then use token = "a bearer token generated from the script supplied" which successfully authenticated using the same url. It's something about the process which the api_token handles and crafts the final URL.

• bear_token process is ok

• When using an api_token with the correct options causes the error as shown in the logs.

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

1. terraform check

User Access rights

Information about user used. Role and/or more exact rights if it is customized. can create a bearer token and successfully authenticate using that token

Important Factoids

Is there anything atypical about your accounts that we should know?

References

Are there any other GitHub issues (open or closed) or Pull Requests that should be linked here? For example:

• Issue #0000

[dataclouder]

Thanks for this report. The error seems to be in go-vcloud-director/govcd/api_token.go where a string substitution assumes that /api occurs only once, which apparently is not the case here. I can't offer a workaround at the moment, but we will fix this issue as soon as possible.