OCM-18900 | fix: Improve proxy validation error messages for special characters in passwords

Author: olucasfreitas

cmd/list/dnsdomains/cmd.go

@@ -53,7 +53,7 @@ func init() {
 		"all",
 		"a",
 		false,
-		"List all DNS domains (default lists just user defined).",
+		"List all DNS domains across organizations (for support).",
 	)
 
 	flags.BoolVar(
@@ -70,14 +70,19 @@ func run(_ *cobra.Command, _ []string) {
 	r := rosa.NewRuntime().WithOCM()
 	defer r.Cleanup()
 
-	r.Reporter.Debugf("Loading dns domains for current org id")
-	search := "user_defined='true'"
+	organizationID, _, err := r.OCMClient.GetCurrentOrganization()
+	if err != nil {
+		_ = r.Reporter.Errorf("Failed to get current organization: %v", err)
+		os.Exit(1)
+	}
+
+	search := fmt.Sprintf("user_defined='true' and organization.id='%s'", organizationID)
 	if args.all {
-		search = ""
+		search = "user_defined='true'"
 	}
 	dnsDomains, err := r.OCMClient.ListDNSDomains(search)
 	if err != nil {
-		r.Reporter.Errorf("Failed to list DNS Domains: %v", err)
+		_ = r.Reporter.Errorf("Failed to list DNS Domains: %v", err)
 		os.Exit(1)
 	}
 
@@ -88,7 +93,7 @@ func run(_ *cobra.Command, _ []string) {
 	if output.HasFlag() {
 		err = output.Print(dnsDomains)
 		if err != nil {
-			r.Reporter.Errorf("%s", err)
+			_ = r.Reporter.Errorf("%s", err)
 			os.Exit(1)
 		}
 		os.Exit(0)

pkg/ocm/helpers.go

@@ -139,12 +139,25 @@ func ValidateHTTPProxy(val interface{}) error {
 		if httpProxy == "" {
 			return nil
 		}
-		url, err := url.ParseRequestURI(httpProxy)
+		parsedURL, err := url.ParseRequestURI(httpProxy)
 		if err != nil {
-			return fmt.Errorf("Invalid http-proxy value '%s'", httpProxy)
+			errMsg := err.Error()
+			if strings.Contains(errMsg, "invalid port") && strings.Contains(httpProxy, "@") {
+				return fmt.Errorf("Invalid http-proxy value '%s': password contains special characters that must be URL-encoded (e.g., '/' as '%%2F', '#' as '%%23')",
+					httpProxy)
+			}
+			if !strings.Contains(httpProxy, "://") {
+				return fmt.Errorf("Invalid http-proxy value '%s': missing protocol scheme. URL must start with 'http://'",
+					httpProxy)
+			}
+			// Show the actual parsing error for other cases
+			return fmt.Errorf("Invalid http-proxy value '%s': %s", httpProxy, err)
 		}
-		if url.Scheme != "http" {
-			return errors.Errorf("%s", "Expected http-proxy to have an http:// scheme")
+		if parsedURL.Scheme != "http" {
+			if parsedURL.Scheme == "https" {
+				return errors.Errorf("Invalid http-proxy value '%s': use --https-proxy for HTTPS proxies", httpProxy)
+			}
+			return errors.Errorf("Expected http-proxy to have an http:// scheme")
 		}
 		return nil
 	}

pkg/ocm/helpers_test.go

@@ -695,3 +695,43 @@ var _ = Describe("GetAutoNodeRoleArn", func() {
 		Expect(exists).To(BeTrue())
 	})
 })
+
+var _ = Describe("ValidateHTTPProxy", func() {
+	It("accepts valid proxy URL with authentication", func() {
+		err := ValidateHTTPProxy("http://user:[email protected]:8080")
+		Expect(err).NotTo(HaveOccurred())
+	})
+
+	It("accepts valid proxy URL without authentication", func() {
+		err := ValidateHTTPProxy("http://proxy.example.com:8080")
+		Expect(err).NotTo(HaveOccurred())
+	})
+
+	It("accepts empty string", func() {
+		err := ValidateHTTPProxy("")
+		Expect(err).NotTo(HaveOccurred())
+	})
+
+	It("rejects password with forward slash and provides helpful error", func() {
+		err := ValidateHTTPProxy("http://proxyuser:QvoZjyy/[email protected]:8080")
+		Expect(err).To(HaveOccurred())
+		Expect(err.Error()).To(ContainSubstring("must be URL-encoded"))
+	})
+
+	It("accepts password with URL-encoded forward slash", func() {
+		err := ValidateHTTPProxy("http://proxyuser:QvoZjyy%[email protected]:8080")
+		Expect(err).NotTo(HaveOccurred())
+	})
+
+	It("rejects HTTPS scheme and suggests using --https-proxy", func() {
+		err := ValidateHTTPProxy("https://proxy.example.com:8080")
+		Expect(err).To(HaveOccurred())
+		Expect(err.Error()).To(ContainSubstring("use --https-proxy"))
+	})
+
+	It("rejects missing protocol scheme", func() {
+		err := ValidateHTTPProxy("proxy.example.com:8080")
+		Expect(err).To(HaveOccurred())
+		Expect(err.Error()).To(ContainSubstring("http:// scheme"))
+	})
+})