zowe / zowe-explorer-vscode

Visual Studio Code Extension for Zowe, which lets users interact with z/OS Data Sets, Unix System Services, and Jobs on a remote mainframe instance. Powered by Zowe SDKs.
Eclipse Public License 2.0

Adding the ability to switch between basic authentication and token-based authentication #2944

Open SanthoshiBoyina1 opened 2 weeks ago

SanthoshiBoyina1 commented 2 weeks ago

Proposed changes

To add the ability to switch between basic authentication and token-based authentication.


codecov[bot] commented 2 weeks ago

Codecov Report

Attention: Patch coverage is 93.84615% with 4 lines in your changes missing coverage. Please review.

Project coverage is 93.43%. Comparing base (ad639a6) to head (b1901b7). Report is 2 commits behind head on main.

| Files | Patch % | Lines |
|---|---|---|
| packages/zowe-explorer/src/Profiles.ts | 94.91% | 3 Missing :warning: |
| ...kages/zowe-explorer/src/utils/ProfileManagement.ts | 83.33% | 1 Missing :warning: |

Additional details and impacted files

```diff
@@            Coverage Diff             @@
##             main    #2944      +/-   ##
==========================================
- Coverage   93.51%   93.43%   -0.09%
==========================================
  Files         104      104
  Lines       10895    10959      +64
  Branches     2388     2403      +15
==========================================
+ Hits        10189    10240      +51
- Misses        705      718      +13
  Partials        1        1
```


sonarcloud[bot] commented 2 weeks ago

Quality Gate failed

Failed conditions
7 Security Hotspots
49.5% Duplication on New Code (required ≤ 3%)

See analysis details on SonarCloud

adam-wolfe commented 2 weeks ago

While this seems to be working, I'm wondering if there is an issue with adding tokenValue to the secure array for the z/OSMF profile when the base profile also has tokenValue in its secure array, i.e., which tokenValue would get updated if we reauthenticate in Zowe Explorer and what would be the implications for other Zowe extensions/CLI plugins that also go through the mediation layer to different services?

My config after switching from token auth to basic auth, then back to token auth for my dev.zosmf profile:

    "profiles": {
        "base": {
            "type": "base",
            "properties": {
                "host": "example.net",
                "port": 123,
                "rejectUnauthorized": false,
                "tokenType": "apimlAuthenticationToken"
            },
            "secure": [
                "tokenValue"
            ]
        },
        "dev": {
            "profiles": {
                "zosmf": {
                    "type": "zosmf",
                    "properties": {
                        "basePath": "/ibmzosmf/api/v1"
                    },
                    "secure": [
                        "tokenValue"
                    ]
                }
            }
        },
SanthoshiBoyina1 commented 2 weeks ago

> While this seems to be working, I'm wondering if there is an issue with adding tokenValue to the secure array for the z/OSMF profile when the base profile also has tokenValue in its secure array, i.e., which tokenValue would get updated if we reauthenticate in Zowe Explorer and what would be the implications for other Zowe extensions/CLI plugins that also go through the mediation layer to different services?
>
> My config after switching from token auth to basic auth, then back to token auth for my dev.zosmf profile:
>
>     "profiles": {
>         "base": {
>             "type": "base",
>             "properties": {
>                 "host": "example.net",
>                 "port": 123,
>                 "rejectUnauthorized": false,
>                 "tokenType": "apimlAuthenticationToken"
>             },
>             "secure": [
>                 "tokenValue"
>             ]
>         },
>         "dev": {
>             "profiles": {
>                 "zosmf": {
>                     "type": "zosmf",
>                     "properties": {
>                         "basePath": "/ibmzosmf/api/v1"
>                     },
>                     "secure": [
>                         "tokenValue"
>                     ]
>                 }
>             }
>         },

Especially for the zosmf and apiml-zosmf profiles, I was not able to log in using token-based authentication. The servers specific to IBM are not responding after the maintenance. I need to retest it and modify once the server is back.

zFernand0 commented 3 days ago

After discussion during standup, we should display a final confirmation dialog/quickpick to ensure that people do want to switch auth methods. After the confirmation, we are good to modify the base profile. And as a final sanity check, we should check the status of the base profile to make sure that it does not contain both auth methods (basic & token).
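
The final sanity check described in the last comment, together with the duplicate `tokenValue` situation raised earlier in the thread, sketched as an added TypeScript example (not code from this PR or from Zowe Explorer). The names `auditAuth`, `hasAny` and the finding labels are hypothetical, and treating `user`/`password` as the basic-auth keys is an assumption of this example.

```typescript
// Added example, not Zowe Explorer code. "user"/"password" as the basic-auth
// keys are an assumption; "tokenValue", "secure", "properties" come from the thread.
interface ProfileNode {
  type?: string;
  properties?: Record<string, unknown>;
  secure?: string[];
  profiles?: Record<string, ProfileNode>;
}
interface AuthFinding { profile: string; issue: "mixed-auth" | "duplicate-token"; }

const BASIC_KEYS: string[] = ["user", "password"];
const TOKEN_KEYS: string[] = ["tokenValue"];

// A key counts as configured if it is set in "properties" or listed in "secure".
function hasAny(node: ProfileNode, wanted: string[]): boolean {
  const present: string[] = [...Object.keys(node.properties ?? {}), ...(node.secure ?? [])];
  return wanted.some((k: string) => present.includes(k));
}

function auditAuth(profiles: Record<string, ProfileNode>, baseName: string = "base"): AuthFinding[] {
  const findings: AuthFinding[] = [];
  const base: ProfileNode | undefined = profiles[baseName];
  const baseHasToken: boolean = base !== undefined && hasAny(base, TOKEN_KEYS);
  const walk = (nodes: Record<string, ProfileNode>, prefix: string): void => {
    for (const [name, node] of Object.entries(nodes)) {
      const path: string = prefix ? `${prefix}.${name}` : name;
      const token: boolean = hasAny(node, TOKEN_KEYS);
      // Both methods stored on one profile: the state the final check should reject.
      if (token && hasAny(node, BASIC_KEYS)) findings.push({ profile: path, issue: "mixed-auth" });
      // Token stored on a nested profile while the base profile stores one too.
      if (token && baseHasToken && path !== baseName) findings.push({ profile: path, issue: "duplicate-token" });
      if (node.profiles) walk(node.profiles, path);
    }
  };
  walk(profiles, "");
  return findings;
}

// Config as posted in the thread (host and port are the poster's placeholders).
const threadConfig: Record<string, ProfileNode> = {
  base: { type: "base", properties: { host: "example.net", port: 123, rejectUnauthorized: false,
          tokenType: "apimlAuthenticationToken" }, secure: ["tokenValue"] },
  dev: { profiles: { zosmf: { type: "zosmf", properties: { basePath: "/ibmzosmf/api/v1" },
         secure: ["tokenValue"] } } },
};
// Constructed case: base profile left with both credential kinds after a switch.
const mixedBase: Record<string, ProfileNode> = {
  base: { type: "base", properties: { host: "example.net" }, secure: ["user", "password", "tokenValue"] },
};
console.log(auditAuth(threadConfig), auditAuth(mixedBase));
```

Run against the config posted in the thread, the check reports `dev.zosmf` as storing its own token alongside the base profile's; the constructed second config shows the mixed basic-plus-token state on `base`.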