Force re-auth if cached credentials are invalid #34
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Overview
Attempting to run
hcp connect
will fail if a prior successful connection has been made but the associated credentials have expired or been invalidated. The underlying issue is rooted in howhcp-sdk-go
caches credentials. An attempt to list HCP organizations using invalid credentials will fail with a 401 response. The following error is provided to the user:This issue can currently be resolved by running
hcp disconnect
which will perform a logout withinhcp-sdk-go
. This PR introduces a change to validate the obtained credentials using the IAM serviceGetCallerIdentity
API endpoint. A logout (similar tohcp disconnect
) is performed which will clear the credentials cache on disk in~/.config/hcp/creds-cache.json
. A re-authentication is initiated once the logout succeeds.IAM Service mocks were added for testing which accounts for a large portion of the diff.
This PR also introduces a couple unrelated changes:
HCPConnectCommand
are no longer passed as method arguments and are instead accessed from the receiver-cluster-id
does not existRelated Issues/Pull Requests
This will be incorporated with a Vault PR once approved and merged