Open SanthoshiBoyina1 opened 2 weeks ago
Attention: Patch coverage is 93.84615%
with 4 lines
in your changes missing coverage. Please review.
Project coverage is 93.43%. Comparing base (
ad639a6
) to head (b1901b7
). Report is 2 commits behind head on main.
Files | Patch % | Lines |
---|---|---|
packages/zowe-explorer/src/Profiles.ts | 94.91% | 3 Missing :warning: |
...kages/zowe-explorer/src/utils/ProfileManagement.ts | 83.33% | 1 Missing :warning: |
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
Failed conditions
7 Security Hotspots
49.5% Duplication on New Code (required ≤ 3%)
While this seems to be working, I'm wondering if there is an issue with adding tokenValue to the secure array for the z/OSMF profile when the base profile also has tokenValue in its secure array, i.e., which tokenValue would get updated if we reauthenticate in Zowe Explorer and what would be the implications for other Zowe extensions/CLI plugins that also go through the mediation layer to different services?
My config after switching from token auth to basic auth, then back to token auth for my dev.zosmf profile:
"profiles": {
"base": {
"type": "base",
"properties": {
"host": "example.net",
"port": 123,
"rejectUnauthorized": false,
"tokenType": "apimlAuthenticationToken"
},
"secure": [
"tokenValue"
]
},
"dev": {
"profiles": {
"zosmf": {
"type": "zosmf",
"properties": {
"basePath": "/ibmzosmf/api/v1"
},
"secure": [
"tokenValue"
]
}
}
},
While this seems to be working, I'm wondering if there is an issue with adding tokenValue to the secure array for the z/OSMF profile when the base profile also has tokenValue in its secure array, i.e., which tokenValue would get updated if we reauthenticate in Zowe Explorer and what would be the implications for other Zowe extensions/CLI plugins that also go through the mediation layer to different services?
My config after switching from token auth to basic auth, then back to token auth for my dev.zosmf profile:
"profiles": { "base": { "type": "base", "properties": { "host": "example.net", "port": 123, "rejectUnauthorized": false, "tokenType": "apimlAuthenticationToken" }, "secure": [ "tokenValue" ] }, "dev": { "profiles": { "zosmf": { "type": "zosmf", "properties": { "basePath": "/ibmzosmf/api/v1" }, "secure": [ "tokenValue" ] } } },
Especially, for the zosmf and apiml-zosmf profile I was not able to login using token-based authentication. The servers specific to IBM are not responding after the maintenance. I need to retest it and modify once the server is back.
After discussion during standup, we should display a final confirmation dialog/quickpick to ensure that people do want to switch auth methods. After the confirmation, then we are good to modify the base profile. And as a final sanity check, we should check the status of the base profile to make sure that it does not contains both auth methods (basic & token)
Proposed changes
To add the ability to switch between basic authentication and token-based authentication.
Release Notes
Milestone:
Changelog:
Types of changes
What types of changes does your code introduce to Zowe Explorer? Put an
x
in the boxes that applyChecklist
Put an
x
in the boxes that apply. You can also fill these out after creating the PR. If you're unsure about any of them, don't hesitate to ask. We're here to help! This checklist will be used as reference for both the contributor and the revieweryarn workspace vscode-extension-for-zowe vscode:prepublish
has been executedFurther comments