Boundary auth without a keyring configured behaves like -keyring-type none (#4268)

2 years ago · 0dac9005c1
parent fa69ddcb8a
commit 0dac9005c1
2 changed files with 5 additions and 1 deletions
--- a/internal/clientcache/cmd/daemon/command_wrapper.go
+++ b/internal/clientcache/cmd/daemon/command_wrapper.go
@ -102,7 +102,7 @@ func (w *CommandWrapper) addTokenToCache(ctx context.Context, token string) bool
 		return false
 	}
 	keyringType, tokName, err := w.BaseCommand().DiscoverKeyringTokenInfo()
-	if err != nil {
+	if err != nil && token == "" {
 		return false
 	}
 	if token != "" {
--- a/internal/cmd/commands/authenticate/funcs.go
+++ b/internal/cmd/commands/authenticate/funcs.go
@ -98,6 +98,10 @@ func saveAndOrPrintToken(c *base.Command, result *authmethods.AuthenticateResult
 	switch {
 	case gotErr:
 		c.UI.Warn(fmt.Sprintf("The token was not successfully saved to a system keyring. The token is:\n\n%s\n\nIt must be manually passed in via the BOUNDARY_TOKEN env var or -token flag. Storing the token can also be disabled via -keyring-type=none.", token.Token))
+
+		if opts.WithInterceptedToken != nil {
+			*opts.WithInterceptedToken = token.Token
+		}
 	case c.FlagKeyringType == "none":
 		c.UI.Warn("\nStoring the token in a keyring was disabled. The token is:")
 		c.UI.Output(token.Token)