[PR #790] [MERGED] fix(web-auth): add debug diagnostics for 401 login failures #789

New issue

Closed

opened 2026-02-26 22:32:34 +03:00 by kerem · 0 comments

kerem commented 2026-02-26 22:32:34 +03:00

Owner

Copy link

📋 Pull Request Information

Original PR: https://github.com/rudrankriyam/App-Store-Connect-CLI/pull/790
Author: @rudrankriyam
Created: 2/26/2026
Status: ✅ Merged
Merged: 2/26/2026
Merged by: @rudrankriyam

Base: main ← Head: feat/web-auth-debug-logging

---

📝 Commits (1)

• 2fc11a8 fix(web-auth): add redacted debug diagnostics for login failures

📊 Changes

5 files changed (+331 additions, -9 deletions)

View changed files

➕ internal/cli/shared/debug_overrides_test.go (+67 -0)
📝 internal/cli/shared/shared.go (+10 -4)
📝 internal/cli/web/web_auth.go (+2 -0)
📝 internal/web/auth.go (+161 -5)
📝 internal/web/auth_test.go (+91 -0)

📄 Description

Summary

• apply root --debug / --api-debug runtime overrides to web-session auth flows so debug flags work for asc web auth login
• add sanitized web-auth HTTP diagnostics for each auth stage (status, request/correlation IDs, and service error codes) without leaking tokens/passwords/query secrets
• add tests for root logging override application and redaction/no-op behavior in web auth debug logging

Test plan

• ASC_BYPASS_KEYCHAIN=1 go test ./internal/web ./internal/cli/shared ./internal/cli/web ./internal/cli/cmdtest
• make format
• make lint
• ASC_BYPASS_KEYCHAIN=1 make test

Why this helps with 401s

• friend can run asc --debug web auth login --apple-id \"...\" (or --api-debug) and share request metadata + stage-level status/codes for diagnosis
• logs include Apple request IDs and service codes while keeping sensitive values redacted

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/rudrankriyam/App-Store-Connect-CLI/pull/790 **Author:** [@rudrankriyam](https://github.com/rudrankriyam) **Created:** 2/26/2026 **Status:** ✅ Merged **Merged:** 2/26/2026 **Merged by:** [@rudrankriyam](https://github.com/rudrankriyam) **Base:** `main` ← **Head:** `feat/web-auth-debug-logging` --- ### 📝 Commits (1) - [`2fc11a8`](https://github.com/rudrankriyam/App-Store-Connect-CLI/commit/2fc11a892a5827b8f1fe1312eb8408f69b34d154) fix(web-auth): add redacted debug diagnostics for login failures ### 📊 Changes **5 files changed** (+331 additions, -9 deletions) <details> <summary>View changed files</summary> ➕ `internal/cli/shared/debug_overrides_test.go` (+67 -0) 📝 `internal/cli/shared/shared.go` (+10 -4) 📝 `internal/cli/web/web_auth.go` (+2 -0) 📝 `internal/web/auth.go` (+161 -5) 📝 `internal/web/auth_test.go` (+91 -0) </details> ### 📄 Description ## Summary - apply root `--debug` / `--api-debug` runtime overrides to web-session auth flows so debug flags work for `asc web auth login` - add sanitized web-auth HTTP diagnostics for each auth stage (status, request/correlation IDs, and service error codes) without leaking tokens/passwords/query secrets - add tests for root logging override application and redaction/no-op behavior in web auth debug logging ## Test plan - [x] `ASC_BYPASS_KEYCHAIN=1 go test ./internal/web ./internal/cli/shared ./internal/cli/web ./internal/cli/cmdtest` - [x] `make format` - [x] `make lint` - [x] `ASC_BYPASS_KEYCHAIN=1 make test` ## Why this helps with 401s - friend can run `asc --debug web auth login --apple-id \"...\"` (or `--api-debug`) and share request metadata + stage-level status/codes for diagnosis - logs include Apple request IDs and service codes while keeping sensitive values redacted --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

kerem 2026-02-26 22:32:34 +03:00

• closed this issue
• added the
  pull-request
  label

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

1.2.6

1.2.5

1.2.4

1.2.3

1.2.2

1.2.1

1.2.0

1.1.1

1.1.0

1.0.1

1.0.0

0.49.1

0.49.0

0.48.1

0.48.0

0.47.1

0.47.0

0.46.2

0.46.1

0.46.0

0.45.4

0.45.3

0.45.2

0.45.1

0.45.0

0.44.2

0.44.1

0.44.0

0.43.0

0.42.0

0.41.4

0.41.3

0.41.2

0.41.1

0.41.0

0.40.1

0.40.0

0.39.1

0.39.0

0.38.3

0.38.2

0.38.1

0.38.0

0.37.3

0.37.2

0.37.1

0.37.0

0.36.3

0.36.2

0.36.1

0.36.0

0.35.3

0.35.2

0.35.1

0.35.0

0.34.1

0.34.0

0.33.2

0.33.1

0.33.0

0.32.0

0.31.3

0.31.2

0.31.1

0.31.0

0.30.0

0.29.3

0.29.2

0.29.1

0.29.0

0.28.14

0.28.13

0.28.12

0.28.11

0.28.10

0.28.9

0.28.8

0.28.7

0.28.6

0.28.5

0.28.4

0.28.3

0.28.2

0.28.1

0.28.0

0.27.0

0.26.4

0.26.3

0.26.2

0.26.1

0.26.0

0.25.4

0.25.3

0.25.1

0.25.0

0.24.3

0.24.2

0.24.1

0.24.0

0.23.5

0.23.4

0.23.3

0.23.2

0.23.1

0.23.0

0.22.1

0.22.0

0.21.0

0.20.2

0.20.1

0.20.0

0.19.3

0.19.2

0.19.1

0.19.0

0.18.2

0.18.1

0.18.0

0.17.0

0.16.0

0.15.0

0.14.0

0.13.0

0.12.4

0.12.3

0.12.2

0.12.1

0.12.0

0.11.0

0.10.2

0.10.1

0.10.0

0.9.0

0.8.1

0.8.0

0.7.0

0.6.0

0.5.0

0.3.1

0.3.0

0.2.0

0.1.6

0.1.5

0.1.4

0.1.3

0.1.2

0.1.1

0.1.0

Labels

Clear labels   

bug

  

bug

  

documentation

  

enhancement

  

pull-request

Mirrored from GitHub Pull Request

No labels

bug

bug

documentation

enhancement

pull-request

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/App-Store-Connect-CLI#789

No description provided.