Should Zowe Desktop skip the login page if redirected from Gateway with apimlAuthenticationToken cookie already set?

[pablocarle]

Describe the bug

If SSO is enabled with API ML, it shouldn't prompt for user credentials considering apimlAuthenticationToken is already set when accessing through the gateway.

Steps to Reproduce

1. Login to gateway through API Catalog:
2. Open Zowe Application Server tile:
3. Open service homepage:

Or go to https://:/zlux/api/v1

4. It will show Zowe Desktop login page and set cookie connect.sid.1

Expected behavior

If SSO is enabled with API ML, it shouldn't prompt for user credentials considering apimlAuthenticationToken is already set.

Screenshots (if needed)

Describe your environment

• Zowe version number (Check the Desktop login screen, or manifest.json in the Zowe install folder): nightly v2
• Install method (pax, smpe, kubernetes, github clone): pax
• Operating system (z/OS, kubernetes, etc) and OS version: z/OS
• Node.js version number (Shown in logs, or via node --version):
• Java version number (Shown in logs, or via java -version):
• z/OSMF version:
• Browser: Chrome
• Are you accessing the Desktop from the APIML Gateway? (Recommended): Yes
• What is the output of log message ZWES1014I:
• Environment variables in use: default installation

[1000TurquoisePogs]

Thank you. I agree and this must be a regression but not sure when. I see the if (request.body) of the auth-handler returns true because its {} and I think it was undefined before. I can reproduce this so I will submit some PRs soon.

[1000TurquoisePogs]

I believe this may satisfy the request zowe.jfrog.io/zowe/libs-snapshot-local/org/zowe/2.9.0-PR-3418/zowe-2.9.0-pr-3418-3084-20230511150533.pax

[pablocarle]

Hi @1000TurquoisePogs, I was trying this on the released 2.9.0 PAX and I find that's still requiring going through the desktop's login page, did it make it into this release?