ASK/Account Switch Key not working

[amoening]

I cant seem to get the ASK/Account Switch options to take effect.

USAGE:
akamai netlist [global options] command [command options] [arguments...]

$ akamai netlist --account-switch-key "XXXXX" get all

$ akamai netlist --ask "XXXXX" get all

Responds only with what my default credential account and not my intended target switch account. I asked (pun intended) around and it seems this flag is not working as others get similar results of the netlist CLI (does not respect the ask flag).

The netlist CLI is a super easy way to manage quick updates to the lists and looking forward to getting this one fixed.

[RafPe]

Hi @amoening

Could you maybe provide some more info ?

• Which version of CLI are you using ?
• Can you paste obfuscated credentials setup ( especially profile names you have )
• Can you check results when running with --debug debug

Looking to hear from you!

[amoening]

I have the latest installed from homebrew

$ akamai -version 
akamai version 1.2.1

My obfuscated credentials:

[papi]
host = akab-{host}.luna.akamaiapis.net
client_token = akab-{client-token}
client_secret = {secret}
access_token = akab-{access-token}

[default]
host = akab-{host}.luna.akamaiapis.net
client_token = akab-{client-token}
client_secret = {secret}
access_token = akab-{access-token}

[testing]
host = akab-{host}.luna.akamaiapis.net
client_token = akab-{client-token}
client_secret = {secret}
access_token = akab-{access-token}


[newnew]
host = akab-{host}.luna.akamaiapis.net
client_token = akab-{client-token}
client_secret = {secret}
access_token = akab-{access-token}

I tried even specifying my conf and section and still no joy (obfuscating a bit but you get the jist)

$ akamai netlist --account-switch-key "XXXXX"  --debug debug --config ~/.edgerc --section default get all
2021/08/18 09:20:12.522301 DEBUG RESTY 
==============================================================================
GET  /network-list/v2/network-lists?extended=false&includeElements=false&search=  HTTP/1.1
HOST   : akab-{client-token-from-default-section}
HEADERS:
                   Accept: application/json
            Authorization: EG1-HMAC-SHA256 client_token=akab-{client-token-from-default-section};access_token=akab-{access-token-from-default-section};timestamp=20210818T16:20:05+0000;nonce=70a19b8c-bad5-4139-b8d5-97e72b694e1f;signature=sPsPFC/GwEY69L+FE/Poran/w/W2/CgaZo7EnVtd2RU=
             Content-Type: application/json
               User-Agent: apiheat/go-edgegrid/v6.1.0
BODY   :
***** NO CONTENT *****
------------------------------------------------------------------------------
STATUS 		: 200 OK
RECEIVED AT	: 2021-08-18T09:20:12.509506-07:00
RESPONSE TIME	: 7.419775233s
HEADERS:
               Connection: keep-alive
             Content-Type: application/json
                     Date: Wed, 18 Aug 2021 16:20:13 GMT
                   Server: nginx
                     Vary: accept-encoding
         X-Ids-Session-Id: 1b9660a8-a3e9-4c5b-bea4-e9d6d2e7718d
               X-Trace-Id: 8d5a611d33382386

Still gives my my default client namespace / not respecting the ASK..

I noticed an update in the common-cli-golang https://github.com/akamai/cli-common-golang/blob/master/common.go maybe this impacted your package? Im very new to GO so maybe nothing ... yea thanks for the look see!

[RafPe]

@amoening I looked at the repo - but the one you reffered is not one we use :) we use this one https://github.com/apiheat/akamai-cli-common/

From the get request you posted I can see it does not really add the query string required
GET /network-list/v2/network-lists?extended=false&includeElements=false&search= HTTP/1.1

Correct one should look like ...
GET /network-list/v2/network-lists?accountSwitchKey=ssss&extended=false&includeElements=false&search= HTTP/1.1

I wonder if there is some logic that goes wrong. Could you do the following:

• Skip section and config file location ( as they are default https://github.com/apiheat/akamai-cli-common/blob/v4.0.3/app.go#L42 )
• Paste all the log output from request so we can see also what does the log say

[amoening]

IDK if this is a credentials issue as I do have access to my base namespace, and I am getting responses from the endpoint, however still no ASK query string :(

I stripped down my edgerc to simplify - So all I have in credentials is a section called "networklistcreds"

$ cat ~/.edgerc 
[networklistcreds]
host = akab-{host}.luna.akamaiapis.net
client_token = akab-{client-token}
client_secret = {secret}
access_token = akab-{access-token}

Expected failure as no credential is in default, my base setup is looking for default

$ akamai netlist --account-switch-key "XXXXX"  --debug debug get all
Cannot load credentials

Still no account-switch-key query param with request when specifying the switch and the credentials section:

$ akamai netlist --account-switch-key "XXXXX"  --debug debug --config ~/.edgerc --section networklistcreds get all
2021/08/18 14:11:45.856385 DEBUG RESTY 
==============================================================================
GET  /network-list/v2/network-lists?extended=false&includeElements=false&search=  HTTP/1.1
HOST   : akab-{host}.luna.akamaiapis.net
HEADERS:
                   Accept: application/json
            Authorization: EG1-HMAC-SHA256 client_token=akab-{client-token};access_token=akab-{access-token};timestamp=20210818T21:11:41+0000;nonce=2ef5a241-0f90-4e67-99f9-591c32a9aacc;signature=LzTdoNOCZHIt1DMIL2sZFPmPoAQXOQd5VMdQhmhLb5s=
             Content-Type: application/json
               User-Agent: apiheat/go-edgegrid/v6.1.0
BODY   :
***** NO CONTENT *****
------------------------------------------------------------------------------
STATUS 		: 200 OK
RECEIVED AT	: 2021-08-18T14:11:45.847305-07:00
RESPONSE TIME	: 4.220470625s
HEADERS:
               Connection: keep-alive
             Content-Type: application/json
                     Date: Wed, 18 Aug 2021 21:11:47 GMT
                   Server: nginx
                     Vary: accept-encoding
         X-Ids-Session-Id: 90575429-4b20-4b4d-b724-b17d2e02ced9
               X-Trace-Id: ee2c611d7790b97d
BODY   :

Same when I switch it around and only name credentials section with "default" and dont specific the credentials::

$ cat ~/.edgerc 
[default]
host = akab-{host}.luna.akamaiapis.net
client_token = akab-{client-token}
client_secret = {secret}
access_token = akab-{access-token}

$ akamai netlist --account-switch-key XXXXX  --debug debug get all
2021/08/18 14:19:48.314269 DEBUG RESTY 
==============================================================================
GET  /network-list/v2/network-lists?extended=false&includeElements=false&search=  HTTP/1.1
HOST   : akab-{host}.luna.akamaiapis.net
HEADERS:
                   Accept: application/json
            Authorization: EG1-HMAC-SHA256 client_token=akab-{client-token};access_token=akab-{access-token};timestamp=20210818T21:19:44+0000;nonce=44040964-fbb0-4ea2-ba31-e5861f670043;signature=7MF7D6ItG+Daqnw19hd+jEWeY91s+fwgLWs5K8tBjDc=
             Content-Type: application/json
               User-Agent: apiheat/go-edgegrid/v6.1.0
BODY   :
***** NO CONTENT *****
------------------------------------------------------------------------------
STATUS 		: 200 OK
RECEIVED AT	: 2021-08-18T14:19:48.303243-07:00
RESPONSE TIME	: 4.219393091s
HEADERS:
               Connection: keep-alive
             Content-Type: application/json
                     Date: Wed, 18 Aug 2021 21:19:49 GMT
                   Server: nginx
                     Vary: accept-encoding
         X-Ids-Session-Id: 63a72bae-e38e-465e-b282-919f3351744f
               X-Trace-Id: a183611d7971beb5
BODY   :

Thanks again for taking a look!

[RafPe]

Hi @amoening - I think culprit of this issue is in one of the packages we depend on building the correct flags.

Please take a look on https://github.com/apiheat/akamai-cli-netlist/releases/tag/v6.1.0

If you could download that version and use it as just standalone - and let me know if you can see ASK being correctly added as query string.

For global fix - we need on our side make some chained changes. So depending if this will work for you we will know how much work we got :)

[amoening]

OK making progress (now seeing the ask query and getting the right response / namespace but its got some funny things in the debug output ) but I think we may have an input encoding issue er something. Let me demonstrate ::

Running the local updated bin

$ ./akamai-cli-netlist_darwin_amd64 --account-switch-key F-AC-XXXXXXX:Y-YYYY  --debug debug get all

2021/08/19 07:49:36.800815 DEBUG RESTY 
==============================================================================
GET  /network-list/v2/network-lists?accountSwitchKey=F-AC-XXXXXXX%!A(MISSING)Y-YYYY&extended=false&includeElements=false&search=  HTTP/1.1
HOST   : akab-{host}.luna.akamaiapis.net
HEADERS:
                   Accept: application/json
            Authorization: EG1-HMAC-SHA256 akab-{client-token};access_token=akab-{access-token};timestamp=20210819T14:49:33+0000;nonce=23cb8ce8-0776-481f-9e40-4d72c5a3170b;signature=nu6GZ8SqXs86rhe+19aY87v4CEvaq1CAst8wJco0VDs=
             Content-Type: application/json
               User-Agent: apiheat/go-edgegrid/v6.1.0
BODY   :
***** NO CONTENT *****
------------------------------------------------------------------------------
STATUS 		: 200 OK
RECEIVED AT	: 2021-08-19T07:49:36.799542-07:00
RESPONSE TIME	: 3.190631548s
HEADERS:
               Connection: keep-alive
             Content-Type: application/json
                     Date: Thu, 19 Aug 2021 14:49:39 GMT
                   Server: nginx
                     Vary: accept-encoding
         X-Ids-Session-Id: 903ab269-9f2c-4a40-addc-4a49fcca481a
               X-Trace-Id: a1af611e6f806ab0
BODY   :
... {correct body for ASK name space below}

Notice the "(MISSING)" part in the URI in between the 2 aspects of the ASK key ::

F-AC-XXXXXXX:Y-YYYY

Maybe the ":" semicolon is getting borked somehow?

It works as it is but that MISSING part has me scratching my head...

Again thanks for this tool and the help!

[RafPe]

Hey @amoening the missing part got me really confused as well. So for a fix I need to make a PR on our common repo. The missing part is logging of the underlying http client which seems to be wrong

I checked it and I have exactly the same

2021/08/20 11:59:24.697976 DEBUG RESTY
==============================================================================
GET  /network-list/v2/network-lists/1024_AMAZONELASTICCOMPUTECLOU?accountSwitchKey=xxxxx-xxxx%!A(MISSING)1-xxxxx&extended=false&includeElements=false  HTTP/1.1
HOST   : akab-xxxx-xxxx.luna.akamaiapis.net
HEADERS:
                   Accept: application/json
            Authorization: ********
             Content-Type: application/json
               User-Agent: apiheat/go-edgegrid/v6.1.0
BODY   :
***** NO CONTENT *****
------------------------------------------------------------------------------
STATUS 		: 200 OK
RECEIVED AT	: 2021-08-20T11:59:24.69763+02:00
RESPONSE TIME	: 640.526162ms
HEADERS:

I have opened an issue on go-resty/resty#446 and will follow up with PR on our end

[RafPe]

In order to solve this we will need to upgrade to newer version of resty