uaa-cli icon indicating copy to clipboard operation
uaa-cli copied to clipboard
verified publisher icon cloudfoundry

Parsing error during login to corporate PCF environment

Open jeblackburn opened this issue 5 years ago • 1 comments

Hello,

I'm having trouble logging in to an on-prem PCF environment using SSO. I've tested using an identical version of the CLI as a colleague who is not having the trouble, but using the slightly older version (6.48) didn't change any behavior.

The core issue is that I'm receiving an error, json: cannot unmarshal string into Go struct field InfoLinks.links.uaa of type ccv3.APILink in response to my login --sso request.

cf-cli: version 6.51.0+2acd15650.2020-04-07

Potentially Useful Details:

  • I can log in to my public PWS account/org/space using a password.

  • There is a corporate proxy in place - not sure if anything besides setting HTTP_PROXY and HTTPS_PROXY are required to make the magic happen?

  • Login with --sso reports an SSL Certificate problem, which is spurious. This error is NOT reported on any of my colleagues' machines. > cf login -a <https-url> --sso > Invalid SSL Cert for <https-url> TIP: Use 'cf login --skip-ssl-validation' to continue with an insecure API endpoint

  • Login with the skip-ssl-validation returns the following: > cf login -a https://login.system.pcfpre-ewd.cloud.boeing.com --sso --skip-ssl-validation > json: cannot unmarshal string into Go struct field InfoLinks.links.uaa of type ccv3.APILink

  • setting CF_TRACE=true, I get the following output prior to the above error message (with the full URLs redacted): `RESPONSE: [2020-07-22T08:45:49-05:00] HTTP/1.1 200 OK Cache-Control: no-store Content-Language: en-US Content-Length: 764 Content-Type: application/json;charset=UTF-8 Date: Wed, 22 Jul 2020 13:45:48 GMT Set-Cookie: X-Uaa-Csrf=68OdX8qO4cg6BY9zoabl1K; Max-Age=86400; Expires=Thu, 23-Jul-2020 13:45:49 GMT; Path=/; Secure; HttpOnly Strict-Transport-Security: max-age=31536000 ; includeSubDomains X-Content-Type-Options: nosniff X-Frame-Options: DENY X-Vcap-Request-Id: 6a443ed4-7666-4472-5c4a-2a9aac3d5321 X-Xss-Protection: 1; mode=block {

    "app": { "version": "73.4.24" }, "commit_id": "a91c1a7", "entityID": "", "idpDefinitions": { "https://saml...": "https://login...?returnIDParam=idp&entityID=http://login...&idp=https://saml...&isPassive=true" }, "links": { "login": "https://login...", "uaa": "https://uaa..." }, "prompts": { "passcode": [ "password", "Temporary Authentication Code ( Get one at https://login.../passcode )" ], "password": "[PRIVATE DATA HIDDEN]", "username": [ "text", "Email" ] }, "showLoginLinks": true, "timestamp": "2020-05-19T19:05:36+0000", "zone_name": "uaa" }`

jeblackburn avatar Jul 22 '20 14:07 jeblackburn

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/173942318

The labels on this github issue will be updated when the story is started.

cf-gitbot avatar Jul 22 '20 14:07 cf-gitbot