Handle new APIML unique cookie identifier

[zFernand0]

What It Does

• resolves Handle new APIML unique cookie identifier functionality imperative#979
• ⚠️ depends on Handle new APIML unique cookie identifier imperative#996 ⚠️
• allowed dynamic APIML token types on various commands
• prevented basepath requirement error on invalid credentials or invalid/expired token
• allowed logout operation with invalid and/or expired tokens

How to Test

Note: you may need to build the APIML (https://github.com/zowe/api-layer) locally in order to configure it to use unique cookie identifiers

Commands to try:

• zowe auth login apiml
• zowe auth logout apiml
• zowe config secure
• zowe config auto-init

---

Scenarios from Imperative:

• prevented multiple logout operations from failing due to not having a token available
  • Scenarios:
    • have an expired token in your vault, or
    • save a dummy value for the tokenValue property, or
    • have an empty string as your token
  • Before:

     λ zowe auth logout apiml
     Enter the host name of your service: sys1.com
     Enter the port number for your service: 10010
     Command Error:
     This operation requires authentication.
    
     z/OSMF REST API Error:
     Rest API failure with HTTP(S) status 401
     messages:
       -
         messageType:    ERROR
         messageNumber:  ZWEAT100E
         messageContent: Token is expired for URL '/api/v1/gateway/auth/logout'
         messageKey:     org.zowe.apiml.security.expiredToken
    
     Host:      sys1.com
     Port:      10010
     Base Path:
     Resource:  /api/v1/gateway/auth/logout
     Request:   POST
     Headers:   undefined
     Payload:   POST
    
     Error Details:
     Token is not valid or expired.
    
     For CLI usage, see `zowe auth login apiml --help`
    

  • After:

    # zdev auth logout apiml
    Logout successful. The authentication token has been revoked and removed from your 'base_real' base profile
    

• added support for multiple token authentication processes in a single config secure command
  • Scenarios:
    • with a config file that hase more than one base profile with tokenValue in the secure array
  • Before:

    # zdev config secure --gc
    Enter profiles.base_real.properties.tokenValue - blank to skip: 
    Enter profiles.base_mock.properties.tokenValue - blank to skip:
    

  • After:

    # zdev config secure --gc
    Processing secure properties for profile: base_mock
    Logging in to your API Mediation Layer
    Enter the user name for your API Mediation Layer (will be hidden): 
    Enter the password for your API Mediation Layer (will be hidden): 
    Processing secure properties for profile: base_real
    Logging in to your API Mediation Layer
    Enter the user name for your API Mediation Layer (will be hidden): 
    Enter the password for your API Mediation Layer (will be hidden): 
    

  • added an entry to the console.log to inform which profile credentials are being prompted for
    • Notice the Processing secure properties for profile: <profile_name> above
• prevented auto-init from performing two login operations on a single command
  • Scenarios:
    • perform a zowe auth login apiml operation and then remove the token from the vaullt
  • Before:
    • 1st login when prompted for the tokenValue (which will ask for user:password to login)
    • 2nd login in the doAutoInit functionality since the user:password are still provided in the ISession
  • After:
    • Only one login operation

---

Reverted scenario:

• allowed logout operation to remove token type and/or token value when either is not specified in the config file
  • NOTE: this scenario conflicts with the ability to logout a token different from the one stored in the vault
  • Scenarios:
    • with a config that's missing either tokenType or tokenValue
  • Before:

    λ zowe auth logout apiml
    Enter the host name of your service: sys1.com
    Enter the port number for your service: 10010
    Command Error:
    This operation requires authentication.
    
    z/OSMF REST API Error:
    Rest API failure with HTTP(S) status 401
    messages:
      -
        messageType:    ERROR
        messageNumber:  ZWEAT100E
        messageContent: Token is expired for URL '/api/v1/gateway/auth/logout'
        messageKey:     org.zowe.apiml.security.query.tokenNotProvided
    
    Host:      sys1.com
    Port:      10010
    Base Path:
    Resource:  /api/v1/gateway/auth/logout
    Request:   POST
    Headers:   undefined
    Payload:   POST
    
    Error Details:
    Token is not valid or expired.
    
    For CLI usage, see `zowe auth login apiml --help`
    

  • After:

    # zdev auth logout apiml
    Logout successful. The authentication token has been revoked.
    

---

Review Checklist
I certify that I have:

• tested my changes
• added/updated automated tests
• updated the changelog
• followed the contribution guidelines

Additional Comments

• related issues:
  • Problem with expired API ML tokens #1341
  • zowe auth login apiml creates additional base profiles #1650
  • 401 when logout with expired token #1041

[gejohnston]

Looks good.

[awharn]

One small observation

[t1m0thyj]

LGTM, thanks @zFernand0!

[gejohnston]

LGTM.

[traeok]

LGTM, thanks @zFernand0 😃

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
1 Code Smell

98.6% Coverage
0.0% Duplication

[github-actions]

Release succeeded for the master branch. 🎉

The following packages have been published:

• npm: @zowe/[email protected]
• npm: @zowe/[email protected]
• npm: @zowe/[email protected]
• npm: @zowe/[email protected]
• npm: @zowe/[email protected]
• npm: @zowe/[email protected]
• npm: @zowe/[email protected]
• npm: @zowe/[email protected]
• npm: @zowe/[email protected]
• npm: @zowe/[email protected]
• npm: @zowe/[email protected]
• npm: @zowe/[email protected]

_{Powered by Octorelease 🚀}