search

zowe / zowe-cli

Zowe CLI
Eclipse Public License 2.0
108 stars 85 forks source link

zowe auth login apiml creates 2nd base profile #2181

Open dkelosky opened 1 week ago

dkelosky commented 1 week ago

Steps:

  1. run zowe config init and respond to prompts
  2. run zowe config auto-init and respond to prompts
  3. verify zowe jobs list jobs functions correctly after
  4. run zowe auth login apiml

This gives a response:

~/dev/systems/apiml> zowe auth login apiml
Do you want to store the host, port, and token on disk for use with future commands? If you answer Yes, the credentials will be saved to a base profile named 'base_apiml'. If you answer No, the token will be printed to the terminal and will not be stored on disk. [y/N]: y

Login successful. The authentication token is stored in the 'base_apiml' base profile for future use. To revoke this token and remove it from your profile, review the 'zowe auth logout' command.

My original base profile was:

        "base": {
            "type": "base",
            "properties": {
                "host": "mainframe.net",
                "rejectUnauthorized": true,
                "port": 60154,
                "tokenType": "apimlAuthenticationToken"
            },
            "secure": [
                "user",
                "password",
                "tokenValue"
            ]
        },

This auth command added:

        "base_apiml": {
            "type": "base",
            "properties": {
                "host": "mainframe.net",
                "port": 60154,
                "tokenType": "apimlAuthenticationToken"
            },
            "secure": [
                "tokenValue"
            ]
        }

Shouldn't login have instead performed a login to my existing base profile?

github-actions[bot] commented 1 week ago

Thank you for creating a bug report. We will investigate the bug and evaluate its impact on the product. If you haven't already, please ensure you have provided steps to reproduce the bug and as much context as possible.

zFernand0 commented 4 days ago

I had a chance to execute these commands.

I didn't expect to end up with a tokenValue and basic-auth in the same base profile after the auto-init operation.

But I believe the behavior of creating a new base_apiml profile is OK, since it prevents me from storing creds with token on the same base profile.

It is likely possible that I might be mixing things here, but I kind of remember us not wanting to store token and creds in the same base profile.

On a similar note, I would've expected the new base profile (base_apiml) to have remembered my rejectUnauthorized value since it did not ask for a host (meaning that it knows I'm connecting to the same one that had ru=false)