oci-cli
oci-cli copied to clipboard
oracle
session authencation port is hardcoded
If a port is occupied then next available or a random port must be selected instead of an error:
Could not complete bootstrap process because port xxxx is already in use.
@qtlin, so here I have gone through the code for creating user session, and what i have seen here src\oci_cli\cli_setup_bootstrap.py is that the port assigning is done in static way and its hard coded so right now user cannot do anything other than ensuring that port is available while creating user-session.
Now, I might be wrong as this is the first time I have gone through the code so tagging contributors to clear the air here, but as far as I can see that the port is hard coded and a dynamic approach would be a much better feature as every time one would not like to go and free-up the 8181 port as it offers a lot of hindrance to the workflow and installation.
@harshkumar-dev , @HamadaGabrIbrahim, @mross22, @vish1, @kernleee , @karthik-k-kamath
Also opening a PR to solve this issue. Please also advise is there any security vulnerabilities with this dynamic approach.
I mentioned this in #736 but this should be implemented as a command-line parameter not as a dynamic process. Having the ability to provide a specific port would allow users with restrictive firewalls to still use this process.
I agree with @Djelibeybi that port must be configurable in advance or requested from command line in case 8181 is occupied for whatever reason. Right now the process fails if 8181 is not available.
I have an internal branch with this implemented and working for oci setup bootstrap but something is blocking the oci session authenticate flow.
I need to find the right folks in the Identity team to talk to about this, and it's already Friday here, so I'll probably resume again on Monday.
ok, whatever it is let me know, whether the port selection should be don in advance or has to be requested from command line in case 8181 is occupied.