From 0dac9005c142c5f12e2fd63237aa1246edbe4fc6 Mon Sep 17 00:00:00 2001 From: Todd Date: Mon, 22 Jan 2024 16:40:23 -0800 Subject: [PATCH] Boundary auth without a keyring configured behaves like -keyring-type none (#4268) --- internal/clientcache/cmd/daemon/command_wrapper.go | 2 +- internal/cmd/commands/authenticate/funcs.go | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/internal/clientcache/cmd/daemon/command_wrapper.go b/internal/clientcache/cmd/daemon/command_wrapper.go index 7b83c29f7b..cd7b76b9ad 100644 --- a/internal/clientcache/cmd/daemon/command_wrapper.go +++ b/internal/clientcache/cmd/daemon/command_wrapper.go @@ -102,7 +102,7 @@ func (w *CommandWrapper) addTokenToCache(ctx context.Context, token string) bool return false } keyringType, tokName, err := w.BaseCommand().DiscoverKeyringTokenInfo() - if err != nil { + if err != nil && token == "" { return false } if token != "" { diff --git a/internal/cmd/commands/authenticate/funcs.go b/internal/cmd/commands/authenticate/funcs.go index 6bfa7b58b2..3881e42b0a 100644 --- a/internal/cmd/commands/authenticate/funcs.go +++ b/internal/cmd/commands/authenticate/funcs.go @@ -98,6 +98,10 @@ func saveAndOrPrintToken(c *base.Command, result *authmethods.AuthenticateResult switch { case gotErr: c.UI.Warn(fmt.Sprintf("The token was not successfully saved to a system keyring. The token is:\n\n%s\n\nIt must be manually passed in via the BOUNDARY_TOKEN env var or -token flag. Storing the token can also be disabled via -keyring-type=none.", token.Token)) + + if opts.WithInterceptedToken != nil { + *opts.WithInterceptedToken = token.Token + } case c.FlagKeyringType == "none": c.UI.Warn("\nStoring the token in a keyring was disabled. The token is:") c.UI.Output(token.Token)