Keyfactor
diff --git a/‎CHANGELOG.md‎
Lines changed: 20 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 20 additions & 0 deletions
diff --git a/‎cmd/constants.go‎
Lines changed: 7 additions & 3 deletions b/‎cmd/constants.go‎
Lines changed: 7 additions & 3 deletions
diff --git a/‎cmd/helpers.go‎
Lines changed: 33 additions & 17 deletions b/‎cmd/helpers.go‎
Lines changed: 33 additions & 17 deletions
diff --git a/‎cmd/logging.go‎
Lines changed: 45 additions & 0 deletions b/‎cmd/logging.go‎
Lines changed: 45 additions & 0 deletions
diff --git a/‎cmd/login.go‎
Lines changed: 21 additions & 5 deletions b/‎cmd/login.go‎
Lines changed: 21 additions & 5 deletions
diff --git a/‎cmd/logout.go‎
Lines changed: 1 addition & 3 deletions b/‎cmd/logout.go‎
Lines changed: 1 addition & 3 deletions
diff --git a/‎cmd/root.go‎
Lines changed: 68 additions & 16 deletions b/‎cmd/root.go‎
Lines changed: 68 additions & 16 deletions
@@ -1,3 +1,23 @@
+# v1.7.0
+
+## Features
+
+### CLI
+
+- `stores import csv`: supports interactive credential input, as well as input via flags and environmental
+  variables. [docs](docs/kfutil_stores_import_csv.md)
+
+## Fixes
+
+### CLI
+
+- `stores import csv`: providing a `Password(/StorePassword)` does not crash CLI.
+- `stores import csv`: results CSV retains input header ordering.
+- `stores import csv`: Handle `BOM` characters in an input CSV file.
+- `store-types create`: URL encode `-b` parameter when passed.
+- `store-types create`: Initialize logger before fetching store-type definitions.
+- `stores rot`: Re-enabled and improved logging.
+
 # v1.6.2
 
 ## Fixes
 
@@ -30,10 +30,14 @@ const (
 	FlagGitRef                = "git-ref"
 	FlagGitRepo               = "repo"
 	FlagFromFile              = "from-file"
-	DebugFuncEnter            = "entered: %s"
-	DebugFuncExit             = "exiting: %s"
-	DebugFuncCall             = "calling: %s"
+	DebugFuncEnter            = "entered:"
+	DebugFuncExit             = "exiting:"
+	DebugFuncCall             = "calling:"
 	MinHttpTimeout            = 3
+
+	EnvStoresImportCSVServerUsername = "KFUTIL_CSV_SERVER_USERNAME"
+	EnvStoresImportCSVServerPassword = "KFUTIL_CSV_SERVER_PASSWORD"
+	EnvStoresImportCSVStorePassword  = "KFUTIL_CSV_STORE_PASSWORD"
 )
 
 var ProviderTypeChoices = []string{
 
@@ -23,15 +23,15 @@ import (
 	"net/http"
 	"os"
 	"path/filepath"
+	"slices"
 	"strconv"
 	"time"
 
 	"github.com/google/uuid"
 	"github.com/rs/zerolog"
 	"github.com/rs/zerolog/log"
 	"github.com/spf13/cobra"
-
-	stdlog "log"
+	//stdlog "log"
 )
 
 func boolToPointer(b bool) *bool {
@@ -132,7 +132,7 @@ func csvToMap(filename string) ([]map[string]string, error) {
 
 			// Populate the map with data from the row
 			for i, column := range header {
-				rowMap[column] = row[i]
+				rowMap[column] = stripAllBOMs(row[i])
 			}
 
 			// Append the map to the data slice
@@ -190,12 +190,23 @@ func informDebug(debugFlag bool) {
 }
 
 func initLogger() {
-	stdlog.SetOutput(io.Discard)
-	zerolog.TimeFieldFormat = zerolog.TimeFormatUnix
-	zerolog.SetGlobalLevel(zerolog.Disabled) // default to disabled
-	log.Logger = log.With().Caller().Logger()
+	// Configure zerolog to include caller information
+	log.Logger = log.With().Caller().Logger().Output(
+		zerolog.ConsoleWriter{
+			Out:        os.Stdout,
+			TimeFormat: time.RFC3339,
+			FormatCaller: func(caller interface{}) string {
+				if c, ok := caller.(string); ok {
+					return c // This will include the full file path and line number
+				}
+				return ""
+			},
+		},
+	)
 	log.Logger = log.Output(zerolog.ConsoleWriter{Out: os.Stdout, TimeFormat: time.RFC3339})
 
+	initStdLogger()
+
 }
 
 func intToPointer(i int) *int {
@@ -282,27 +293,32 @@ func logGlobals() {
 
 }
 
-func mapToCSV(data []map[string]string, filename string) error {
-	file, err := os.Create(filename)
-	if err != nil {
-		return err
+func mapToCSV(data []map[string]string, filename string, inputHeader []string) error {
+	file, fErr := os.Create(filename)
+	if fErr != nil {
+		return fErr
 	}
 	defer file.Close()
 
 	writer := csv.NewWriter(file)
 	defer writer.Flush()
 
 	// Write the header using keys from the first map
-	var header []string
-	if len(data) > 0 {
+	var header = inputHeader
+	if len(header) <= 0 && len(data) > 0 {
 		for key := range data[0] {
-			header = append(header, key)
-		}
-		if err := writer.Write(header); err != nil {
-			return err
+			header = append(header, stripAllBOMs(key))
 		}
 	}
 
+	errorColFound := slices.Contains(header, "Errors")
+	if !errorColFound {
+		header = append(header, "Errors")
+	}
+	if hErr := writer.Write(header); hErr != nil {
+		return hErr
+	}
+
 	// Write map data to CSV
 	for _, row := range data {
 		var record []string
 
@@ -0,0 +1,45 @@
+package cmd
+
+import (
+	"strings"
+
+	"github.com/rs/zerolog/log"
+)
+
+// zerologWriter implements io.Writer and forwards standard log output to zerolog
+type zerologWriter struct{}
+
+func (w zerologWriter) Write(p []byte) (n int, err error) {
+	// Clean up the log message (remove timestamp, etc.)
+	msg := string(p)
+	msg = strings.TrimSpace(msg)
+
+	// Check if it's a debug message
+	if strings.Contains(msg, "[DEBUG]") {
+		msg = strings.Replace(msg, "[DEBUG]", "", 1)
+		log.Debug().Msg(strings.TrimSpace(msg))
+	} else if strings.Contains(msg, "[ERROR]") {
+		msg = strings.Replace(msg, "[ERROR]", "", 1)
+		log.Error().Msg(strings.TrimSpace(msg))
+	} else if strings.Contains(msg, "[INFO]") {
+		msg = strings.Replace(msg, "[INFO]", "", 1)
+		log.Info().Msg(strings.TrimSpace(msg))
+
+	} else if strings.Contains(msg, "[WARN]") {
+		msg = strings.Replace(msg, "[WARN]", "", 1)
+		log.Warn().Msg(strings.TrimSpace(msg))
+
+	} else if strings.Contains(msg, "[FATAL]") {
+		msg = strings.Replace(msg, "[FATAL]", "", 1)
+		log.Fatal().Msg(strings.TrimSpace(msg))
+
+	} else if strings.Contains(msg, "[TRACE]") {
+		msg = strings.Replace(msg, "[TRACE]", "", 1)
+		log.Trace().Msg(strings.TrimSpace(msg))
+	} else {
+		// Default to info level
+		log.Info().Msg(msg)
+	}
+
+	return len(p), nil
+}
@@ -17,8 +17,6 @@ package cmd
 import (
 	"bufio"
 	"fmt"
-	"io"
-	stdlog "log"
 	"os"
 	"path"
 	"strings"
@@ -70,7 +68,7 @@ WARNING: This will write the environmental credentials to disk and will be store
 		if debugErr != nil {
 			return debugErr
 		}
-		stdlog.SetOutput(io.Discard)
+		//stdlog.SetOutput(io.Discard)
 		informDebug(debugFlag)
 		logGlobals()
 
@@ -237,14 +235,32 @@ WARNING: This will write the environmental credentials to disk and will be store
 		}
 
 		if authType == "oauth" {
-			log.Debug().Msg("attempting to authenticate via OAuth")
+			log.Debug().
+				Str("profile", profile).
+				Str("configFile", configFile).
+				Str("host", outputServer.Host).
+				Str("authType", authType).
+				Str("accessToken", hashSecretValue(kfcOAuth.AccessToken)).
+				Str("clientID", kfcOAuth.ClientID).
+				Str("clientSecret", hashSecretValue(kfcOAuth.ClientSecret)).
+				Str("apiPath", kfcOAuth.CommandAPIPath).
+				Msg("attempting to authenticate via OAuth")
 			aErr := kfcOAuth.Authenticate()
 			if aErr != nil {
 				log.Error().Err(aErr)
 				return aErr
 			}
 		} else if authType == "basic" {
-			log.Debug().Msg("attempting to authenticate via Basic Auth")
+			log.Debug().
+				Str("profile", profile).
+				Str("configFile", configFile).
+				Str("host", outputServer.Host).
+				Str("authType", authType).
+				Str("username", kfcBasicAuth.Username).
+				Str("domain", kfcBasicAuth.Domain).
+				Str("password", hashSecretValue(kfcBasicAuth.Password)).
+				Str("apiPath", kfcBasicAuth.CommandAPIPath).
+				Msg("attempting to authenticate via Basic Auth")
 			aErr := kfcBasicAuth.Authenticate()
 			if aErr != nil {
 				log.Error().Err(aErr)
 
@@ -16,8 +16,6 @@ package cmd
 
 import (
 	"fmt"
-	"io"
-	stdlog "log"
 	"os"
 
 	"github.com/Keyfactor/keyfactor-auth-client-go/auth_providers"
@@ -39,7 +37,7 @@ var logoutCmd = &cobra.Command{
 		if debugErr != nil {
 			return debugErr
 		}
-		stdlog.SetOutput(io.Discard)
+		//stdlog.SetOutput(io.Discard)
 		informDebug(debugFlag)
 
 		logGlobals()
 
@@ -17,7 +17,6 @@ package cmd
 import (
 	_ "embed"
 	"fmt"
-	"io"
 	stdlog "log"
 	"os"
 	"strings"
@@ -135,6 +134,13 @@ func getServerConfigFromEnv() (*auth_providers.Server, error) {
 	apiPath, aOk := os.LookupEnv(auth_providers.EnvKeyfactorAPIPath)
 	clientId, cOk := os.LookupEnv(auth_providers.EnvKeyfactorClientID)
 	clientSecret, csOk := os.LookupEnv(auth_providers.EnvKeyfactorClientSecret)
+	audience, _ := os.LookupEnv(auth_providers.EnvKeyfactorAuthAudience)
+	scopesCSV, _ := os.LookupEnv(auth_providers.EnvKeyfactorAuthScopes)
+	var scopes []string
+	if scopesCSV != "" {
+		scopes = strings.Split(scopesCSV, ",")
+	}
+
 	tokenUrl, tOk := os.LookupEnv(auth_providers.EnvKeyfactorAuthTokenURL)
 	skipVerify, svOk := os.LookupEnv(auth_providers.EnvKeyfactorSkipVerify)
 	var skipVerifyBool bool
@@ -161,24 +167,44 @@ func getServerConfigFromEnv() (*auth_providers.Server, error) {
 	}
 
 	if isBasicAuth {
-		log.Debug().
-			Str("username", username).
-			Str("password", hashSecretValue(password)).
-			Str("domain", domain).
-			Str("hostname", hostname).
+
+		log.Debug().Str("hostname", hostname).
 			Str("apiPath", apiPath).
 			Bool("skipVerify", skipVerifyBool).
-			Msg("call: basicAuthNoParamsConfig.Authenticate()")
+			Msg("setting up basic auth client base configuration")
 		basicAuthNoParamsConfig.WithCommandHostName(hostname).
 			WithCommandAPIPath(apiPath).
 			WithSkipVerify(skipVerifyBool)
 
-		bErr := basicAuthNoParamsConfig.
+		log.Debug().
+			Str("username", username).
+			Str("password", hashSecretValue(password)).
+			Str("domain", domain).
+			Msg("setting up basic auth configuration")
+		_ = basicAuthNoParamsConfig.
 			WithUsername(username).
 			WithPassword(password).
-			WithDomain(domain).
-			Authenticate()
-		log.Debug().Msg("complete: basicAuthNoParamsConfig.Authenticate()")
+			WithDomain(domain)
+
+		log.Debug().
+			Str("username", basicAuthNoParamsConfig.Username).
+			Str("password", hashSecretValue(password)).
+			Str("domain", basicAuthNoParamsConfig.Domain).
+			Str("hostname", basicAuthNoParamsConfig.CommandHostName).
+			Str("apiPath", basicAuthNoParamsConfig.CommandAPIPath).
+			Bool("skipVerify", basicAuthNoParamsConfig.CommandAuthConfig.SkipVerify).
+			Msg(fmt.Sprintf("%s basicAuthNoParamsConfig.Authenticate()", DebugFuncCall))
+
+		bErr := basicAuthNoParamsConfig.Authenticate()
+		log.Debug().
+			Str("username", basicAuthNoParamsConfig.Username).
+			Str("password", hashSecretValue(password)).
+			Str("domain", basicAuthNoParamsConfig.Domain).
+			Str("hostname", basicAuthNoParamsConfig.CommandHostName).
+			Str("apiPath", basicAuthNoParamsConfig.CommandAPIPath).
+			Bool("skipVerify", basicAuthNoParamsConfig.CommandAuthConfig.SkipVerify).
+			Msg("complete: basicAuthNoParamsConfig.Authenticate()")
+
 		if bErr != nil {
 			log.Error().Err(bErr).Msg("unable to authenticate with provided credentials")
 			return nil, bErr
@@ -187,16 +213,36 @@ func getServerConfigFromEnv() (*auth_providers.Server, error) {
 		return basicAuthNoParamsConfig.GetServerConfig(), nil
 	} else if isOAuth {
 		log.Debug().
-			Str("clientId", clientId).
-			Str("clientSecret", hashSecretValue(clientSecret)).
-			Str("tokenUrl", tokenUrl).
 			Str("hostname", hostname).
 			Str("apiPath", apiPath).
 			Bool("skipVerify", skipVerifyBool).
-			Msg("call: oAuthNoParamsConfig.Authenticate()")
+			Msg("setting up oAuth client base configuration")
 		_ = oAuthNoParamsConfig.CommandAuthConfig.WithCommandHostName(hostname).
 			WithCommandAPIPath(apiPath).
 			WithSkipVerify(skipVerifyBool)
+
+		log.Debug().
+			Str("clientId", clientId).
+			Str("clientSecret", hashSecretValue(clientSecret)).
+			Str("tokenUrl", tokenUrl).
+			Str("audience", audience).
+			Strs("scopes", scopes).
+			Msg("setting up oAuth configuration")
+		_ = oAuthNoParamsConfig.WithClientId(clientId).
+			WithClientSecret(clientSecret).
+			WithTokenUrl(tokenUrl).
+			WithAudience(audience).
+			WithScopes(scopes)
+
+		log.Debug().
+			Str("clientId", oAuthNoParamsConfig.ClientID).
+			Str("clientSecret", hashSecretValue(oAuthNoParamsConfig.ClientSecret)).
+			Str("tokenUrl", oAuthNoParamsConfig.TokenURL).
+			Str("hostname", oAuthNoParamsConfig.CommandHostName).
+			Str("apiPath", oAuthNoParamsConfig.CommandAPIPath).
+			Bool("skipVerify", oAuthNoParamsConfig.SkipVerify).
+			Str("caCert", oAuthNoParamsConfig.CommandCACert).
+			Msg(fmt.Sprintf("%s oAuthNoParamsConfig.Authenticate()", DebugFuncCall))
 		oErr := oAuthNoParamsConfig.Authenticate()
 		log.Debug().Msg("complete: oAuthNoParamsConfig.Authenticate()")
 		if oErr != nil {
@@ -738,7 +784,7 @@ var RootCmd = &cobra.Command{
 // Execute adds all child commands to the root command and sets flags appropriately.
 // This is called by main.main(). It only needs to happen once to the rootCmd.
 func Execute() {
-	stdlog.SetOutput(io.Discard)
+	//stdlog.SetOutput(io.Discard)
 	err := RootCmd.Execute()
 	if err != nil {
 		os.Exit(1)
@@ -881,3 +927,9 @@ func init() {
 
 	RootCmd.AddCommand(makeDocsCmd)
 }
+
+func initStdLogger() {
+	// Redirect standard library's log to zerolog
+	stdlog.SetOutput(zerologWriter{})
+	stdlog.SetFlags(0) // Remove timestamp from standard logger
+}