Vscode-extension-for-zowe: Stand-alone SCS Issue

Created on 27 Mar 2020  路  2Comments  路  Source: zowe/vscode-extension-for-zowe

I don't know how to name this issue but this is what I am experiencing. Please note that this is applicable for changes in the master branch only.

  1. I created a profile using Zowe CLI. I entered incorrect values in username: _user_ and password: _pass_. It says "managed by @zowe/secure-credential-store-for-zowe-cli."
  2. I tried to search for a dataset and the error 401 appeared with Check Credentials button.
  3. I clicked Check Credentials. I saw that the value for username is _user_ and password is _pass_. I updated the username and password to the correct values.
  4. Everything is working fine and correctly after this one.
  5. I closed my VSCode workspace
  6. I used the newly created profile and I experienced a 401.
  7. I clicked Check Credentials button and the value for the username and password is "managed by Zowe Explorer"

I added "Zowe-Plugin" in the security section of Zowe Settings.

Profiles Security bug
Source
picture jellypuno

Most helpful comment

Researched why this is happening, seems there is a bug in Imperative that when the profile property is set on the interface IUpdateProfile, then secure fields are stored twice. The first time they are stored with the correct values, but the second time they get overwritten with the string managed by <CredentialManager>.

The zowe profiles update command uses the interface IUpdateProfileFromCliArgs which sets the args property instead of the profile property. This stores the secure fields only once as expected.

Going to create an issue in Imperative to track this. Until it gets fixed, a workaround for Zowe Explorer is to change the following lines:
https://github.com/zowe/vscode-extension-for-zowe/blob/e3e9c10a6c33432014050b9048fd6f9652f65515/src/Profiles.ts#L321-L325

        const updateParms = {
            name: this.loadedProfile.name,
            merge: true,
            args: { user: NewProfileInfo.user, password: NewProfileInfo.password }
        };
picture ghost on 27 Mar 2020
🚀11 👍1

All 2 comments

Researched why this is happening, seems there is a bug in Imperative that when the profile property is set on the interface IUpdateProfile, then secure fields are stored twice. The first time they are stored with the correct values, but the second time they get overwritten with the string managed by <CredentialManager>.

The zowe profiles update command uses the interface IUpdateProfileFromCliArgs which sets the args property instead of the profile property. This stores the secure fields only once as expected.

Going to create an issue in Imperative to track this. Until it gets fixed, a workaround for Zowe Explorer is to change the following lines:
https://github.com/zowe/vscode-extension-for-zowe/blob/e3e9c10a6c33432014050b9048fd6f9652f65515/src/Profiles.ts#L321-L325

        const updateParms = {
            name: this.loadedProfile.name,
            merge: true,
            args: { user: NewProfileInfo.user, password: NewProfileInfo.password }
        };
ghost picture ghost on 27 Mar 2020
🚀11 👍1

This issue was fixed in v1.6.0

jellypuno picture jellypuno on 5 Jun 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

AHumanFromCA picture AHumanFromCA  路  3Comments
gplambert picture gplambert  路  3Comments
jelaplan picture jelaplan  路  3Comments
katelynienaber picture katelynienaber  路  3Comments
crawr picture crawr  路  5Comments