From 3f4faf4d9cea50edf74602bad4d2623b2d1f3322 Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Thu, 1 Jan 2026 22:57:54 +0530 Subject: [PATCH 01/24] chnages added for the bug --- internal/wrappers/client.go | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/internal/wrappers/client.go b/internal/wrappers/client.go index bf20407f2..50dd866b2 100644 --- a/internal/wrappers/client.go +++ b/internal/wrappers/client.go @@ -612,10 +612,10 @@ func configureClientCredentialsAndGetNewToken() (string, error) { return "", err } - if astAPIKey != "" { - accessToken, err = getNewToken(getAPIKeyPayload(astAPIKey), authURI) - } else { + if accessKeyID != "" { accessToken, err = getNewToken(getCredentialsPayload(accessKeyID, accessKeySecret), authURI) + } else { + accessToken, err = getNewToken(getAPIKeyPayload(astAPIKey), authURI) } if err != nil { @@ -874,6 +874,8 @@ func GetAuthURI() (string, error) { override := viper.GetBool(commonParams.ApikeyOverrideFlag) apiKey := viper.GetString(commonParams.AstAPIKey) + //accessKeyID := viper.GetString(commonParams.AccessKeyIDConfigKey) + if len(apiKey) > 0 { logger.PrintIfVerbose("Base Auth URI - Extract from API KEY") authURI, err = ExtractFromTokenClaims(apiKey, audienceClaimKey) From 1c3f1d93f3de98fe8269bed54afa34efe9f57064 Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Thu, 1 Jan 2026 23:05:48 +0530 Subject: [PATCH 02/24] some new chnages for bug --- internal/wrappers/client.go | 1 + 1 file changed, 1 insertion(+) diff --git a/internal/wrappers/client.go b/internal/wrappers/client.go index 50dd866b2..3b8981160 100644 --- a/internal/wrappers/client.go +++ b/internal/wrappers/client.go @@ -980,4 +980,5 @@ func extractAZPFromToken(astToken string) (string, error) { return "ast-app", nil // default value in case of error } return azp, nil + } From fc453adaa23bc8efc92a3f113caa7e8909878c4d Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Thu, 1 Jan 2026 23:08:45 +0530 Subject: [PATCH 03/24] chnages restored --- internal/wrappers/client.go | 1 - 1 file changed, 1 deletion(-) diff --git a/internal/wrappers/client.go b/internal/wrappers/client.go index 3b8981160..50dd866b2 100644 --- a/internal/wrappers/client.go +++ b/internal/wrappers/client.go @@ -980,5 +980,4 @@ func extractAZPFromToken(astToken string) (string, error) { return "ast-app", nil // default value in case of error } return azp, nil - } From f7d0138106f4f5bc8b164af89863105677327bed Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Thu, 1 Jan 2026 23:10:35 +0530 Subject: [PATCH 04/24] comment removed --- internal/wrappers/client.go | 1 - 1 file changed, 1 deletion(-) diff --git a/internal/wrappers/client.go b/internal/wrappers/client.go index 50dd866b2..1699966bc 100644 --- a/internal/wrappers/client.go +++ b/internal/wrappers/client.go @@ -874,7 +874,6 @@ func GetAuthURI() (string, error) { override := viper.GetBool(commonParams.ApikeyOverrideFlag) apiKey := viper.GetString(commonParams.AstAPIKey) - //accessKeyID := viper.GetString(commonParams.AccessKeyIDConfigKey) if len(apiKey) > 0 { logger.PrintIfVerbose("Base Auth URI - Extract from API KEY") From 111d604635f24eeeb1cf2a5a49d7af6160650bb4 Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Thu, 1 Jan 2026 23:14:23 +0530 Subject: [PATCH 05/24] code matched to main --- internal/wrappers/client.go | 1 - 1 file changed, 1 deletion(-) diff --git a/internal/wrappers/client.go b/internal/wrappers/client.go index 1699966bc..534a77ac9 100644 --- a/internal/wrappers/client.go +++ b/internal/wrappers/client.go @@ -874,7 +874,6 @@ func GetAuthURI() (string, error) { override := viper.GetBool(commonParams.ApikeyOverrideFlag) apiKey := viper.GetString(commonParams.AstAPIKey) - if len(apiKey) > 0 { logger.PrintIfVerbose("Base Auth URI - Extract from API KEY") authURI, err = ExtractFromTokenClaims(apiKey, audienceClaimKey) From cd90cd3f371e4d5b7bd36c6ed2d01090d26d7906 Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Fri, 2 Jan 2026 21:44:21 +0530 Subject: [PATCH 06/24] new changes for the bug --- internal/wrappers/client.go | 29 ++++++++++++++++++++++------- 1 file changed, 22 insertions(+), 7 deletions(-) diff --git a/internal/wrappers/client.go b/internal/wrappers/client.go index 534a77ac9..b7b15f71b 100644 --- a/internal/wrappers/client.go +++ b/internal/wrappers/client.go @@ -5,6 +5,7 @@ import ( "crypto/tls" "encoding/json" "fmt" + "github.com/spf13/cobra" "io" "io/ioutil" "net" @@ -595,10 +596,19 @@ func enrichWithPasswordCredentials( return nil } -func configureClientCredentialsAndGetNewToken() (string, error) { - accessKeyID := viper.GetString(commonParams.AccessKeyIDConfigKey) - accessKeySecret := viper.GetString(commonParams.AccessKeySecretConfigKey) - astAPIKey := viper.GetString(commonParams.AstAPIKey) +func configureClientCredentialsAndGetNewToken(cmd *cobra.Command) (string, error) { + // 🔹 Read CLI values first + accessKeyID, _ := cmd.Flags().GetString(commonParams.AccessKeyIDConfigKey) + accessKeySecret, _ := cmd.Flags().GetString(commonParams.AccessKeySecretConfigKey) + astAPIKey, _ := cmd.Flags().GetString(commonParams.AstAPIKey) + + // 🔹 If nothing passed via CLI, fall back to config + if accessKeyID == "" && accessKeySecret == "" && astAPIKey == "" { + accessKeyID = viper.GetString(commonParams.AccessKeyIDConfigKey) + accessKeySecret = viper.GetString(commonParams.AccessKeySecretConfigKey) + astAPIKey = viper.GetString(commonParams.AstAPIKey) + } + var accessToken string if accessKeyID == "" && astAPIKey == "" { @@ -613,9 +623,15 @@ func configureClientCredentialsAndGetNewToken() (string, error) { } if accessKeyID != "" { - accessToken, err = getNewToken(getCredentialsPayload(accessKeyID, accessKeySecret), authURI) + accessToken, err = getNewToken( + getCredentialsPayload(accessKeyID, accessKeySecret), + authURI, + ) } else { - accessToken, err = getNewToken(getAPIKeyPayload(astAPIKey), authURI) + accessToken, err = getNewToken( + getAPIKeyPayload(astAPIKey), + authURI, + ) } if err != nil { @@ -623,7 +639,6 @@ func configureClientCredentialsAndGetNewToken() (string, error) { } writeCredentialsToCache(accessToken) - return accessToken, nil } From f5daffa5ffe20312293516a713790f474cf2669b Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Fri, 2 Jan 2026 23:02:40 +0530 Subject: [PATCH 07/24] final code changes --- internal/commands/root.go | 7 +++++++ internal/wrappers/client.go | 23 +++++++---------------- 2 files changed, 14 insertions(+), 16 deletions(-) diff --git a/internal/commands/root.go b/internal/commands/root.go index 453070073..03be18054 100644 --- a/internal/commands/root.go +++ b/internal/commands/root.go @@ -123,6 +123,13 @@ func NewAstCLI( if err != nil { return err } + if cmd.Flags().Changed(params.AccessKeyIDFlag) || cmd.Flags().Changed(params.AccessKeySecretFlag) { + viper.Set(params.AstAPIKey, "") + } + if cmd.Flags().Changed(params.AstAPIKeyFlag) { + viper.Set(params.AccessKeyIDConfigKey, "") + viper.Set(params.AccessKeySecretConfigKey, "") + } // Need to check the __complete command to allow correct behavior of the autocomplete if len(args) > 0 && cmd.Name() != params.Help && cmd.Name() != "__complete" { _ = cmd.Help() diff --git a/internal/wrappers/client.go b/internal/wrappers/client.go index b7b15f71b..cb2ccc750 100644 --- a/internal/wrappers/client.go +++ b/internal/wrappers/client.go @@ -5,7 +5,6 @@ import ( "crypto/tls" "encoding/json" "fmt" - "github.com/spf13/cobra" "io" "io/ioutil" "net" @@ -596,18 +595,10 @@ func enrichWithPasswordCredentials( return nil } -func configureClientCredentialsAndGetNewToken(cmd *cobra.Command) (string, error) { - // 🔹 Read CLI values first - accessKeyID, _ := cmd.Flags().GetString(commonParams.AccessKeyIDConfigKey) - accessKeySecret, _ := cmd.Flags().GetString(commonParams.AccessKeySecretConfigKey) - astAPIKey, _ := cmd.Flags().GetString(commonParams.AstAPIKey) - - // 🔹 If nothing passed via CLI, fall back to config - if accessKeyID == "" && accessKeySecret == "" && astAPIKey == "" { - accessKeyID = viper.GetString(commonParams.AccessKeyIDConfigKey) - accessKeySecret = viper.GetString(commonParams.AccessKeySecretConfigKey) - astAPIKey = viper.GetString(commonParams.AstAPIKey) - } +func configureClientCredentialsAndGetNewToken() (string, error) { + accessKeyID := viper.GetString(commonParams.AccessKeyIDConfigKey) + accessKeySecret := viper.GetString(commonParams.AccessKeySecretConfigKey) + astAPIKey := viper.GetString(commonParams.AstAPIKey) var accessToken string @@ -622,14 +613,14 @@ func configureClientCredentialsAndGetNewToken(cmd *cobra.Command) (string, error return "", err } - if accessKeyID != "" { + if astAPIKey != "" { accessToken, err = getNewToken( - getCredentialsPayload(accessKeyID, accessKeySecret), + getAPIKeyPayload(astAPIKey), authURI, ) } else { accessToken, err = getNewToken( - getAPIKeyPayload(astAPIKey), + getCredentialsPayload(accessKeyID, accessKeySecret), authURI, ) } From bd300695df5a7c90d2931cd76ce0d7b897daf2f1 Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Mon, 5 Jan 2026 14:20:35 +0530 Subject: [PATCH 08/24] new changes --- internal/commands/root.go | 1 + 1 file changed, 1 insertion(+) diff --git a/internal/commands/root.go b/internal/commands/root.go index 03be18054..4cc5a7e2c 100644 --- a/internal/commands/root.go +++ b/internal/commands/root.go @@ -1,6 +1,7 @@ package commands import ( + "errors" "fmt" "io" "log" From cd45691b37add98427e2e61d85fc086ba5dd2e05 Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Mon, 5 Jan 2026 14:23:29 +0530 Subject: [PATCH 09/24] removed unused dependency --- internal/commands/root.go | 1 - 1 file changed, 1 deletion(-) diff --git a/internal/commands/root.go b/internal/commands/root.go index 4cc5a7e2c..03be18054 100644 --- a/internal/commands/root.go +++ b/internal/commands/root.go @@ -1,7 +1,6 @@ package commands import ( - "errors" "fmt" "io" "log" From a2ec18fdf104fe062f079199f40e4d583ff1bd92 Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Mon, 5 Jan 2026 14:28:08 +0530 Subject: [PATCH 10/24] file restored --- internal/wrappers/client.go | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/internal/wrappers/client.go b/internal/wrappers/client.go index cb2ccc750..bf20407f2 100644 --- a/internal/wrappers/client.go +++ b/internal/wrappers/client.go @@ -599,7 +599,6 @@ func configureClientCredentialsAndGetNewToken() (string, error) { accessKeyID := viper.GetString(commonParams.AccessKeyIDConfigKey) accessKeySecret := viper.GetString(commonParams.AccessKeySecretConfigKey) astAPIKey := viper.GetString(commonParams.AstAPIKey) - var accessToken string if accessKeyID == "" && astAPIKey == "" { @@ -614,15 +613,9 @@ func configureClientCredentialsAndGetNewToken() (string, error) { } if astAPIKey != "" { - accessToken, err = getNewToken( - getAPIKeyPayload(astAPIKey), - authURI, - ) + accessToken, err = getNewToken(getAPIKeyPayload(astAPIKey), authURI) } else { - accessToken, err = getNewToken( - getCredentialsPayload(accessKeyID, accessKeySecret), - authURI, - ) + accessToken, err = getNewToken(getCredentialsPayload(accessKeyID, accessKeySecret), authURI) } if err != nil { @@ -630,6 +623,7 @@ func configureClientCredentialsAndGetNewToken() (string, error) { } writeCredentialsToCache(accessToken) + return accessToken, nil } From d8811b10ea27ed8afb62cc084c5b62e2c8fc3554 Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Mon, 5 Jan 2026 15:30:58 +0530 Subject: [PATCH 11/24] commit --- internal/wrappers/client.go | 1 + 1 file changed, 1 insertion(+) diff --git a/internal/wrappers/client.go b/internal/wrappers/client.go index bf20407f2..bcb5d594a 100644 --- a/internal/wrappers/client.go +++ b/internal/wrappers/client.go @@ -978,4 +978,5 @@ func extractAZPFromToken(astToken string) (string, error) { return "ast-app", nil // default value in case of error } return azp, nil + } From eeb676551bf62ae8b46e2ab99eadfb1c0de18f20 Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Mon, 5 Jan 2026 15:32:03 +0530 Subject: [PATCH 12/24] file restored --- internal/wrappers/client.go | 1 - 1 file changed, 1 deletion(-) diff --git a/internal/wrappers/client.go b/internal/wrappers/client.go index bcb5d594a..bf20407f2 100644 --- a/internal/wrappers/client.go +++ b/internal/wrappers/client.go @@ -978,5 +978,4 @@ func extractAZPFromToken(astToken string) (string, error) { return "ast-app", nil // default value in case of error } return azp, nil - } From 0dcef78bfc25c4e2a8ab2157a7fe2804b45f3b5b Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Mon, 12 Jan 2026 15:52:22 +0530 Subject: [PATCH 13/24] Test case correction --- internal/commands/auth_test.go | 10 +++++++++- internal/commands/root_test.go | 6 ++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/internal/commands/auth_test.go b/internal/commands/auth_test.go index 0f3d114eb..7579e2443 100644 --- a/internal/commands/auth_test.go +++ b/internal/commands/auth_test.go @@ -29,7 +29,15 @@ func TestAuthValidateMissingFlagsTogether(t *testing.T) { func TestAuthValidateInvalidAPIKey(t *testing.T) { err := executeTestCommand(createASTTestCommand(), "auth", "validate", "--apikey", "invalidApiKey") - assertError(t, err, fmt.Sprintf(wrappers.APIKeyDecodeErrorFormat, "")) + if err == nil { + t.Log("TestAuthValidateInvalidAPIKey:error is nil") + } else { + t.Logf("TestAuthValidateInvalidAPIKey:error is %q", err.Error()) + } + expectedMsg := fmt.Sprintf(wrappers.APIKeyDecodeErrorFormat, "") + t.Logf("TestAuthValidateInvalidAPIKey: expected message fragment = %q", expectedMsg) + + assertError(t, err, expectedMsg) } func TestRunCreateOath2ClientCommand(t *testing.T) { diff --git a/internal/commands/root_test.go b/internal/commands/root_test.go index 654594c5b..735765be1 100644 --- a/internal/commands/root_test.go +++ b/internal/commands/root_test.go @@ -207,6 +207,12 @@ func execCmdNotNilAssertion(t *testing.T, args ...string) error { } func assertError(t *testing.T, err error, expectedMessage string) { + if err == nil { + t.Log("assetError:err is nil") + } else { + t.Logf("assetError:actual error =%q", err.Error()) + } + t.Logf("asseetError:expected error =%q", expectedMessage) assert.Assert(t, err != nil) assert.Assert(t, strings.Contains(strings.ToLower(err.Error()), strings.ToLower(expectedMessage))) } From e01449f781c8f8b2d110e5f585d7d3413faf7f77 Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Mon, 12 Jan 2026 23:05:32 +0530 Subject: [PATCH 14/24] testing --- internal/commands/root.go | 1 - 1 file changed, 1 deletion(-) diff --git a/internal/commands/root.go b/internal/commands/root.go index 03be18054..c816d309d 100644 --- a/internal/commands/root.go +++ b/internal/commands/root.go @@ -128,7 +128,6 @@ func NewAstCLI( } if cmd.Flags().Changed(params.AstAPIKeyFlag) { viper.Set(params.AccessKeyIDConfigKey, "") - viper.Set(params.AccessKeySecretConfigKey, "") } // Need to check the __complete command to allow correct behavior of the autocomplete if len(args) > 0 && cmd.Name() != params.Help && cmd.Name() != "__complete" { From a41f969282d2bdbc796489ac45d990716a25947e Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Mon, 12 Jan 2026 23:47:45 +0530 Subject: [PATCH 15/24] new changes --- internal/commands/root.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/internal/commands/root.go b/internal/commands/root.go index c816d309d..fd2f03517 100644 --- a/internal/commands/root.go +++ b/internal/commands/root.go @@ -126,9 +126,10 @@ func NewAstCLI( if cmd.Flags().Changed(params.AccessKeyIDFlag) || cmd.Flags().Changed(params.AccessKeySecretFlag) { viper.Set(params.AstAPIKey, "") } - if cmd.Flags().Changed(params.AstAPIKeyFlag) { + /*if cmd.Flags().Changed(params.AstAPIKeyFlag) { viper.Set(params.AccessKeyIDConfigKey, "") - } + viper.Set(params.AccessKeySecretConfigKey, "") + }*/ // Need to check the __complete command to allow correct behavior of the autocomplete if len(args) > 0 && cmd.Name() != params.Help && cmd.Name() != "__complete" { _ = cmd.Help() From 1bbd257236f130de935cf03f4067282907c1f283 Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Tue, 13 Jan 2026 16:06:04 +0530 Subject: [PATCH 16/24] unit test case fixed --- internal/commands/auth_test.go | 12 ++---------- internal/commands/root_test.go | 1 + 2 files changed, 3 insertions(+), 10 deletions(-) diff --git a/internal/commands/auth_test.go b/internal/commands/auth_test.go index 7579e2443..5a0e454bd 100644 --- a/internal/commands/auth_test.go +++ b/internal/commands/auth_test.go @@ -24,20 +24,12 @@ func TestAuthValidate(t *testing.T) { } func TestAuthValidateMissingFlagsTogether(t *testing.T) { - _ = execCmdNotNilAssertion(t, "auth", "validate", "--client-id", "fake-client-id", "--client-secret", "fake-client-secret") + _ = execCmdNotNilAssertion(t, "auth", "validate", "--client-id", "fake-client-id", "--client-secret", "fake-client-secret", "--debug") } func TestAuthValidateInvalidAPIKey(t *testing.T) { err := executeTestCommand(createASTTestCommand(), "auth", "validate", "--apikey", "invalidApiKey") - if err == nil { - t.Log("TestAuthValidateInvalidAPIKey:error is nil") - } else { - t.Logf("TestAuthValidateInvalidAPIKey:error is %q", err.Error()) - } - expectedMsg := fmt.Sprintf(wrappers.APIKeyDecodeErrorFormat, "") - t.Logf("TestAuthValidateInvalidAPIKey: expected message fragment = %q", expectedMsg) - - assertError(t, err, expectedMsg) + assertError(t, err, fmt.Sprintf(wrappers.APIKeyDecodeErrorFormat, "")) } func TestRunCreateOath2ClientCommand(t *testing.T) { diff --git a/internal/commands/root_test.go b/internal/commands/root_test.go index 735765be1..6145d02e6 100644 --- a/internal/commands/root_test.go +++ b/internal/commands/root_test.go @@ -160,6 +160,7 @@ func TestCreateCommand_WithInvalidFlag_ShouldReturnExitCode1(t *testing.T) { func executeTestCommand(cmd *cobra.Command, args ...string) error { fmt.Println("Executing command with args ", args) + defer viper.Reset() cmd.SetArgs(args) cmd.SilenceUsage = true return cmd.Execute() From 5bd2d9b040be233f4df9349f5eccc988e9d01910 Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Tue, 13 Jan 2026 18:19:28 +0530 Subject: [PATCH 17/24] root_test restored --- internal/commands/root_test.go | 6 ------ 1 file changed, 6 deletions(-) diff --git a/internal/commands/root_test.go b/internal/commands/root_test.go index 6145d02e6..149cc4ba8 100644 --- a/internal/commands/root_test.go +++ b/internal/commands/root_test.go @@ -208,12 +208,6 @@ func execCmdNotNilAssertion(t *testing.T, args ...string) error { } func assertError(t *testing.T, err error, expectedMessage string) { - if err == nil { - t.Log("assetError:err is nil") - } else { - t.Logf("assetError:actual error =%q", err.Error()) - } - t.Logf("asseetError:expected error =%q", expectedMessage) assert.Assert(t, err != nil) assert.Assert(t, strings.Contains(strings.ToLower(err.Error()), strings.ToLower(expectedMessage))) } From 0d36ff060b613ed2fc451e619032cbefb03f876c Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Tue, 13 Jan 2026 18:21:31 +0530 Subject: [PATCH 18/24] test case restored --- internal/commands/auth_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/commands/auth_test.go b/internal/commands/auth_test.go index 5a0e454bd..0f3d114eb 100644 --- a/internal/commands/auth_test.go +++ b/internal/commands/auth_test.go @@ -24,7 +24,7 @@ func TestAuthValidate(t *testing.T) { } func TestAuthValidateMissingFlagsTogether(t *testing.T) { - _ = execCmdNotNilAssertion(t, "auth", "validate", "--client-id", "fake-client-id", "--client-secret", "fake-client-secret", "--debug") + _ = execCmdNotNilAssertion(t, "auth", "validate", "--client-id", "fake-client-id", "--client-secret", "fake-client-secret") } func TestAuthValidateInvalidAPIKey(t *testing.T) { From 9d4ffcfa5982bb5742b3c1fcabd30aa647c197ad Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Wed, 14 Jan 2026 15:45:42 +0530 Subject: [PATCH 19/24] added viper reset for integration --- test/integration/util_command.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/test/integration/util_command.go b/test/integration/util_command.go index 92f2aa904..56604eadb 100644 --- a/test/integration/util_command.go +++ b/test/integration/util_command.go @@ -173,6 +173,7 @@ func createASTIntegrationTestCommand(t *testing.T) *cobra.Command { // Create a test command by calling createASTIntegrationTestCommand // Redirect stdout of the command to a buffer and return the buffer with the command func createRedirectedTestCommand(t *testing.T) (*cobra.Command, *bytes.Buffer) { + defer viper.Reset() outputBuffer := bytes.NewBufferString("") cmd := createASTIntegrationTestCommand(t) cmd.SetOut(outputBuffer) @@ -226,7 +227,7 @@ func executeCmdWithTimeOutNilAssertion( func executeWithTimeout(cmd *cobra.Command, timeout time.Duration, args ...string) error { args = append(args, flag(params.RetryFlag), "3", flag(params.RetryDelayFlag), "5") - args = appendProxyArgs(args) + //args = appendProxyArgs(args) cmd.SetArgs(args) ctx, cancel := context.WithTimeout(context.Background(), timeout) From cdb0f9fcefad2807a2c73d49c38485e92f5e75db Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Wed, 14 Jan 2026 16:03:19 +0530 Subject: [PATCH 20/24] comment removed --- test/integration/util_command.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/integration/util_command.go b/test/integration/util_command.go index 56604eadb..bad7ea770 100644 --- a/test/integration/util_command.go +++ b/test/integration/util_command.go @@ -227,7 +227,7 @@ func executeCmdWithTimeOutNilAssertion( func executeWithTimeout(cmd *cobra.Command, timeout time.Duration, args ...string) error { args = append(args, flag(params.RetryFlag), "3", flag(params.RetryDelayFlag), "5") - //args = appendProxyArgs(args) + args = appendProxyArgs(args) cmd.SetArgs(args) ctx, cancel := context.WithTimeout(context.Background(), timeout) From 78154bb49425e05bfc599f3f9d3a09fb6d76e03a Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Wed, 14 Jan 2026 18:27:15 +0530 Subject: [PATCH 21/24] removed buffer --- test/integration/util_command.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/test/integration/util_command.go b/test/integration/util_command.go index bad7ea770..3abe41d2f 100644 --- a/test/integration/util_command.go +++ b/test/integration/util_command.go @@ -173,7 +173,6 @@ func createASTIntegrationTestCommand(t *testing.T) *cobra.Command { // Create a test command by calling createASTIntegrationTestCommand // Redirect stdout of the command to a buffer and return the buffer with the command func createRedirectedTestCommand(t *testing.T) (*cobra.Command, *bytes.Buffer) { - defer viper.Reset() outputBuffer := bytes.NewBufferString("") cmd := createASTIntegrationTestCommand(t) cmd.SetOut(outputBuffer) @@ -197,7 +196,6 @@ func executeCommand(t *testing.T, args ...string) (error, *bytes.Buffer) { cmd, buffer := createRedirectedTestCommand(t) err := executeWithTimeout(cmd, 5*time.Minute, args...) - return err, buffer } From 307fddc882603de2c34fb4bd60e5f78a9cc94fe0 Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Thu, 15 Jan 2026 23:20:34 +0530 Subject: [PATCH 22/24] util command restored --- test/integration/util_command.go | 1 + 1 file changed, 1 insertion(+) diff --git a/test/integration/util_command.go b/test/integration/util_command.go index 3abe41d2f..92f2aa904 100644 --- a/test/integration/util_command.go +++ b/test/integration/util_command.go @@ -196,6 +196,7 @@ func executeCommand(t *testing.T, args ...string) (error, *bytes.Buffer) { cmd, buffer := createRedirectedTestCommand(t) err := executeWithTimeout(cmd, 5*time.Minute, args...) + return err, buffer } From a4f8c8b135a46c1c58eedc8ca51993d5d3653c3e Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Fri, 16 Jan 2026 02:30:13 +0530 Subject: [PATCH 23/24] new changes --- internal/commands/root.go | 7 ------ internal/wrappers/client.go | 49 +++++++++++++++++++++++++------------ 2 files changed, 34 insertions(+), 22 deletions(-) diff --git a/internal/commands/root.go b/internal/commands/root.go index 03be18054..453070073 100644 --- a/internal/commands/root.go +++ b/internal/commands/root.go @@ -123,13 +123,6 @@ func NewAstCLI( if err != nil { return err } - if cmd.Flags().Changed(params.AccessKeyIDFlag) || cmd.Flags().Changed(params.AccessKeySecretFlag) { - viper.Set(params.AstAPIKey, "") - } - if cmd.Flags().Changed(params.AstAPIKeyFlag) { - viper.Set(params.AccessKeyIDConfigKey, "") - viper.Set(params.AccessKeySecretConfigKey, "") - } // Need to check the __complete command to allow correct behavior of the autocomplete if len(args) > 0 && cmd.Name() != params.Help && cmd.Name() != "__complete" { _ = cmd.Help() diff --git a/internal/wrappers/client.go b/internal/wrappers/client.go index bf20407f2..d640eeba4 100644 --- a/internal/wrappers/client.go +++ b/internal/wrappers/client.go @@ -599,31 +599,50 @@ func configureClientCredentialsAndGetNewToken() (string, error) { accessKeyID := viper.GetString(commonParams.AccessKeyIDConfigKey) accessKeySecret := viper.GetString(commonParams.AccessKeySecretConfigKey) astAPIKey := viper.GetString(commonParams.AstAPIKey) + var accessToken string - if accessKeyID == "" && astAPIKey == "" { - return "", errors.Errorf(FailedToAuth, "access key ID") - } else if accessKeySecret == "" && astAPIKey == "" { - return "", errors.Errorf(FailedToAuth, "access key secret") + if accessKeyID == "" && accessKeySecret == "" && astAPIKey == "" { + return "", errors.Errorf(FailedToAuth, "provide credentials") } - authURI, err := GetAuthURI() - if err != nil { - return "", err - } + // Prefer client credentials over API key + if accessKeyID != "" && accessKeySecret != "" { + if accessKeyID == "" { + return "", errors.Errorf(FailedToAuth, "access key ID") + } + if accessKeySecret == "" { + return "", errors.Errorf(FailedToAuth, "access key secret") + } + + authURI, err := GetAuthURI() + if err != nil { + return "", err + } - if astAPIKey != "" { - accessToken, err = getNewToken(getAPIKeyPayload(astAPIKey), authURI) - } else { accessToken, err = getNewToken(getCredentialsPayload(accessKeyID, accessKeySecret), authURI) - } + if err != nil { + return "", errors.Errorf("%s", err) + } + } else if astAPIKey != "" { + authURI, err := GetAuthURI() + if err != nil { + return "", err + } - if err != nil { - return "", errors.Errorf("%s", err) + accessToken, err = getNewToken(getAPIKeyPayload(astAPIKey), authURI) + if err != nil { + return "", errors.Errorf("%s", err) + } + } else if accessKeyID != "" || accessKeySecret != "" { + // One is provided but not both + if accessKeyID == "" { + return "", errors.Errorf(FailedToAuth, "access key ID") + } + return "", errors.Errorf(FailedToAuth, "access key secret") } writeCredentialsToCache(accessToken) - return accessToken, nil } From 4c988f63f38422a61a210bc99e5f5002666cb4ad Mon Sep 17 00:00:00 2001 From: Harshjeet Patil Date: Fri, 16 Jan 2026 15:44:05 +0530 Subject: [PATCH 24/24] added cleanup function --- test/integration/configuration_test.go | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/test/integration/configuration_test.go b/test/integration/configuration_test.go index d38c91faa..e1e3398da 100644 --- a/test/integration/configuration_test.go +++ b/test/integration/configuration_test.go @@ -73,6 +73,9 @@ func TestSetConfigProperty_EnvVarConfigFilePath(t *testing.T) { err, _ = executeCommand(t, "configure", "set", "--prop-name", "cx_client_id", "--prop-value", "example_client_id") assert.NilError(t, err) + defer func() { + executeCommand(t, "configure", "set", "--prop-name", "cx_client_id", "--prop-value", "") + }() } func TestLoadConfiguration_ConfigFilePathFlag(t *testing.T) { @@ -100,6 +103,9 @@ func TestSetConfigProperty_ConfigFilePathFlag(t *testing.T) { err, _ = executeCommand(t, "configure", "set", "--prop-name", "cx_client_id", "--prop-value", "example_client_id", "--config-file-path", filePath) assert.NilError(t, err) + defer func() { + executeCommand(t, "configure", "set", "--prop-name", "cx_client_id", "--prop-value", "") + }() } func TestLoadConfiguration_ConfigFilePathFlagFileWithoutPermission(t *testing.T) {