Add supportedAuthTypes to prompt options for ssh to allow user/pass f…

…allback Co-authored-by: Amber Torrise <[email protected]> Signed-off-by: Timothy Johnson <[email protected]>
zowe · Mar 8, 2024 · c3b6c50 · c3b6c50
1 parent 61e0f58
commit c3b6c50
Show file tree

Hide file tree

Showing 4 changed files with 51 additions and 5 deletions.
diff --git a/packages/imperative/src/rest/__tests__/session/ConnectionPropsForSessCfg.unit.test.ts b/packages/imperative/src/rest/__tests__/session/ConnectionPropsForSessCfg.unit.test.ts
@@ -186,6 +186,34 @@ describe("ConnectionPropsForSessCfg tests", () => {
         expect(sessCfgWithConnProps.tokenValue).toBeUndefined();
     });
 
+    it("ignore token and cert if unsupported auth types and authenticate with user and pass", async() => {
+        const initialSessCfg = {
+            hostname: "SomeHost",
+            port: 11,
+            rejectUnauthorized: true
+        };
+        const args = {
+            $0: "zowe",
+            _: [""],
+            cert: "fakeCert",
+            certKey: "fakeCertKey",
+            tokenType: SessConstants.TOKEN_TYPE_JWT,
+            tokenValue: "fakeToken"
+        };
+        const fakePromptFn = jest.fn().mockReturnValue({
+            "user": "FakeUser",
+            "password": "FakePassword"
+        });
+        const sessCfgWithConnProps = await ConnectionPropsForSessCfg.addPropsOrPrompt<ISession>(
+            initialSessCfg, args, {getValuesBack: fakePromptFn, supportedAuthTypes: ["basic"]}
+        );
+        expect(fakePromptFn).toHaveBeenCalledWith(["user", "password"]);
+        expect(sessCfgWithConnProps.hostname).toBe("SomeHost");
+        expect(sessCfgWithConnProps.user).toBe("FakeUser");
+        expect(sessCfgWithConnProps.password).toBe("FakePassword");
+        expect(sessCfgWithConnProps.type).toBe(SessConstants.AUTH_TYPE_BASIC);
+    });
+
     it("not set tokenValue if user and pass are defined", async() => {
         const initialSessCfg = {
             hostname: "SomeHost",

diff --git a/packages/imperative/src/rest/src/session/ConnectionPropsForSessCfg.ts b/packages/imperative/src/rest/src/session/ConnectionPropsForSessCfg.ts
@@ -144,8 +144,11 @@ export class ConnectionPropsForSessCfg {
             promptForValues.push("port");
         }
 
-        if (ConnectionPropsForSessCfg.propHasValue(sessCfgToUse.tokenValue) === false &&
-            ConnectionPropsForSessCfg.propHasValue(sessCfgToUse.cert) === false) {
+        const isTokenIrrelevant = ConnectionPropsForSessCfg.propHasValue(sessCfgToUse.tokenValue) === false ||
+            (connOpts.supportedAuthTypes && !connOpts.supportedAuthTypes.includes("token"));
+        const isCertIrrelevant = ConnectionPropsForSessCfg.propHasValue(sessCfgToUse.cert) === false ||
+            (connOpts.supportedAuthTypes && !connOpts.supportedAuthTypes.includes("cert-pem"));
+        if (isTokenIrrelevant && isCertIrrelevant) {
             if (ConnectionPropsForSessCfg.propHasValue(sessCfgToUse.user) === false && !doNotPromptForValues.includes("user")) {
                 promptForValues.push("user");
             }
@@ -269,7 +272,11 @@ export class ConnectionPropsForSessCfg {
             // }
         }
 
-        if (ConnectionPropsForSessCfg.propHasValue(sessCfg.tokenValue)) {
+        const isTokenUsed = ConnectionPropsForSessCfg.propHasValue(sessCfg.tokenValue) &&
+            (connOpts.supportedAuthTypes == null || connOpts.supportedAuthTypes.includes("token"));
+        const isCertUsed = ConnectionPropsForSessCfg.propHasValue(sessCfg.cert) &&
+            (connOpts.supportedAuthTypes == null || connOpts.supportedAuthTypes.includes("cert-pem"));
+        if (isTokenUsed) {
             // when tokenValue is set at this point, we are definitely using the token.
             impLogger.debug("Using token authentication");
 
@@ -285,7 +292,7 @@ export class ConnectionPropsForSessCfg {
                 // When no tokenType supplied, user wants bearer
                 sessCfg.type = SessConstants.AUTH_TYPE_BEARER;
             }
-        } else if (ConnectionPropsForSessCfg.propHasValue(sessCfg.cert)) {
+        } else if (isCertUsed) {
             // when cert property is set at this point, we will use the certificate
             if (ConnectionPropsForSessCfg.propHasValue(sessCfg.certKey)) {
                 impLogger.debug("Using PEM Certificate authentication");

diff --git a/packages/imperative/src/rest/src/session/doc/IOptionsForAddConnProps.ts b/packages/imperative/src/rest/src/session/doc/IOptionsForAddConnProps.ts
@@ -11,6 +11,7 @@
 
 import { SessConstants } from "../../..";
 import { IHandlerParameters } from "../../../../cmd";
+import { AUTH_TYPE_CHOICES } from "../SessConstants";
 import { IOverridePromptConnProps } from "./IOverridePromptConnProps";
 
 /**
@@ -82,4 +83,10 @@ export interface IOptionsForAddConnProps {
      * exists.
      */
     autoStore?: boolean;
+
+    /**
+     * Specifies list of authentication types that are supported for your
+     * service. Defaults to allow all authentication types.
+     */
+    supportedAuthTypes?: AUTH_TYPE_CHOICES[];
 }
diff --git a/packages/zosuss/src/SshBaseHandler.ts b/packages/zosuss/src/SshBaseHandler.ts
@@ -64,7 +64,11 @@ export abstract class SshBaseHandler implements ICommandHandler {
         }];
         const sshSessCfg: ISshSession = SshSession.createSshSessCfgFromArgs(commandParameters.arguments);
         const sshSessCfgWithCreds = await ConnectionPropsForSessCfg.addPropsOrPrompt<ISshSession>(
-            sshSessCfg, commandParameters.arguments, {parms: commandParameters, propertyOverrides: sshSessCfgOverride}
+            sshSessCfg, commandParameters.arguments, {
+                parms: commandParameters,
+                propertyOverrides: sshSessCfgOverride,
+                supportedAuthTypes: ["basic"]
+            }
         );
         this.mSession = new SshSession(sshSessCfgWithCreds);