Breaking changes in 1.4.5 - Credentials does not create token

[dragos-cojocari-ibm]

Since 1.4.5 the Credentials constructor no longer creates a TokenManager, see fc883b5#diff-a22e85bf86882d390da68a1437c116c8 This results in refreshPromise not creating the token and returning undefined.

With this change all code that provides only APIKeys to the Credentials object stopped working. Is the change intentional/documented?

I believe this issue is the cause for a number of other currently open issues.

[paul-carron]

@dragos-cojocari-ibm can you please send me your config? Please remove any credentials before sending.

[dragos-cojocari-ibm]

@paul-carron we were using the Credentials object directly like this:

const Credentials = require('ibm-cos-sdk').Credentials;

const credential = new Credentials({
   apiKeyId: '123456'
});

refreshPromise().then((token) => {
  console.log(token.accessToken);
});

[kellerbr-ibm]

I don't believe instantiating credentials like that without running a web request should work.

If you want to bypass the object storage calls you could use a Config object instead.

const COS = require('ibm-cos-sdk');

const config = new COS.Config({
    apiKeyId: 'foo'
});

config.getCredentials((err) => {
    if (err) console.log(error);
    console.log(config.credentials);
    console.log(config.credentials.tokenManager.token.accessToken);
});

You could theoretically use the token manager directly but the API is subject to change and not guaranteed to be stable going forward.

const COS = require('ibm-cos-sdk');
const TokenManager = require('ibm-cos-sdk/lib/iam/token_manager');

const tokenManager = new TokenManager({
    apiKeyId: 'foo'
});

tokenManager.refreshToken()
.then(token => console.log(token));

Passing in the API key directly to a new COS.S3({...}) constructor will also work correctly, though the tokens will not be fetched until a request to object storage is started.

[paul-carron]

@dragos-cojocari-ibm did @kellerbr-ibm advice help?

[paul-carron]

@dragos-cojocari-ibm please #close this issue if it is now resolved.

[dragos-cojocari-ibm]

@paul-carron @kellerbr-ibm sorry for the delay.

I don't believe instantiating credentials like that without running a web request should work.

This did work prior to 1.4.5

You could theoretically use the token manager directly but the API is subject to change and not guaranteed to be stable going forward.

This is really the key of the issue. We have been using the COS Sdk for accessing COS ans then we extended its usage to get an IAM token for other services. So if the Token Manager is not to be used directly it would be good to have this clearly documented.

Based on the above the issue could be closed with the recommendation to document the TokenManager as internal.

Thanks.

[kellerbr-ibm]

Yeah, the COS token manager isn't intended to be used outside of the COS SDK itself.

It sounds like you want to take a look at node-sdk-core. It contains standalone authentication functionality for IBM Cloud.

[dragos-cojocari-ibm]

Thanks @kellerbr-ibm Looks like that package is better suited for our needs. I'm closing this issue.