Provide more info in response to authentication errors and allow users to update password on mainframe

[adam-wolfe]

Is your feature request related to a problem? Please describe.

Currently, if authentication to z/OSMF fails, we ask the user to update their credentials. However, this may not be useful if the password has expired or if the user ID has been revoked.

Describe the solution you'd like

According to https://www.ibm.com/support/pages/apar/PH34912, there is a PTF for z/OS 2.4 that:

...
3. Enhances the Authenticate REST services to
a. Report if a password is expired, or a user ID is revoked.
b. provide a new REST service to change the password.
HTTP method and URI path for change password:
PUT /zosmf/services/authenticate
...

Note: This functionality must be manually enabled in z/OSMF for it to be provided to consumers of the REST API. See https://github.com/zowe/api-layer/issues/2995

Zowe Explorer should make use of this information to 1. let users know that their password has expired and give them the opportunity to change their password using Zowe Explorer; and 2. tell users if the User ID has been revoked so they know to take some other action.

We should determine how to make use of this information in a way that is backwards compatible for users without the PTF installed. We should also determine what information we get back from the Mediation Layer.

Describe alternatives you've considered

Currently, if credentials are rejected, users have to log into TSO to figure out what they need to do.

Additional context

Research is needed to determine what is available for users authenticating to the API ML. I.e., can we determine if the password has expired or if the user ID has been revoked when users attempt to authenticate to the API Mediation Layer?

Interested mainly in reading:

"messageNumber": "ZWEAT412E" -> "The password for the specified identity has expired" "messageNumber": "ZWEAT414E" -> "Account Suspended"