zowe-cli: zowe login fails ungracefully without APIML host and port
Situation:
- A user fails to realize that (s)he must create a base profile before using tokens.
- The user has heard about tokens and the login command.
- The user jumps in and tries to the run the login command
Result
- A harsh stacktrace error occurs after an UnhandledPromise about hostname being undefined.
- Technically, this is correct, but it looks like the command is broken.
- The current output is shown below.
Desired behavior
- A message telling the user what (s)he has done wrong, or should do differently.
- Avoid looking like a crash.
-> zdev auth login apiml
Authentication required. Enter user name: joheu02
Authentication required. Enter password : ********
(node:1496) UnhandledPromiseRejectionWarning: Error: Expect Error: Required parameter 'hostname' must be defined
at C:\ourstuff\repos\imperative\lib\expect\src\ImperativeExpect.js:174:23
at Array.forEach (<anonymous>)
at Function.keysToBeDefined (C:\ourstuff\repos\imperative\lib\expect\src\ImperativeExpect.js:172:14)
at Function.keysToBeDefinedAndNonBlank (C:\ourstuff\repos\imperative\lib\expect\src\ImperativeExpect.js:200:26)
at Session.buildSession (C:\ourstuff\repos\imperative\lib\rest\src\session\AbstractSession.js:132:35)
at new AbstractSession (C:\ourstuff\repos\imperative\lib\rest\src\session\AbstractSession.js:33:26)
at new Session (C:\ourstuff\repos\imperative\lib\rest\src\session\Session.js:27:9)
at ApimlAuthHandler.<anonymous> (C:\ourstuff\repos\imperative\lib\imperative\src\auth\handlers\BaseAuthHandler.js:70:29)
at Generator.next (<anonymous>)
at fulfilled (C:\ourstuff\repos\imperative\lib\imperative\src\auth\handlers\BaseAuthHandler.js:15:58)
(node:1496) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag `--unhandled-rejections=strict` (see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 1)
(node:1496) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Comments: 17 (14 by maintainers)
I think that would be the best course of action. We can give them options for how to resolve the problem, and they can make that decision based on their environment.
My initial thought was that we would display an error saying that you must create a base profile before you can login. However, if I were to channel my inner John Laplante, I think that prompting the user for the profile name would be the preferred path. If we create the profile, would we also store the host and port that were supplied on the command line?
I mention how one should use the login command in the document that I am writing. So, I would like to determine what we will do, even if we do not implement it for a little while. Maybe we can reach a team decision in our standup?
I think that we should prompt for host and port in CredsForSessCfg, because that code sets up a REST session. You can’t really do much in a REST session if you don’t have an endpoint to connect to…
As for prompting for a name and creating a base profile on the login command, I am more concerned. I would assume that doing
--stto show the token would not create a new profile in that case. But what happens if someone is at a secure site and forgets to specify that flag? You have captured their user, password, host, and port. You have a token. And now you are creating a profile, and, unless the SCS is installed (which it might not be if the user is not supposed to store these things), it is now in plain text on disk, complete with everything you need to connect to that endpoint.