auth:jwt:grant doesn't honor the HTTPS_PROXY environment variable

[mkhokhlov]

Summary

auth:jwt:grant doesn't honor the HTTPS_PROXY environment variable in sfdx-cli version newer than 7.146.1.

Steps To Reproduce:

1. Install sfdx-cli@latest - that's 7.158.1 as of this writing.
2. Install mitmproxy.
3. Start mitmproxy without any flags, so that it runs in the regular proxy mode and listens on the default port 8080.
4. Run the auth:jwt:grant command with environment variables instructing sfdx-cli to go through mitmproxy as the HTTPS proxy:

   NODE_TLS_REJECT_UNAUTHORIZED=0 \
     HTTPS_PROXY=http://localhost:8080 \
     SFDX_AUDIENCE_URL=https://test.salesforce.com \
     sfdx auth:jwt:grant 
       --clientid "<your client ID>" \
       --jwtkeyfile <path to your private key file> \
       --username <your username> \
       --instanceurl https://your-org--sandboxname.my.salesforce.com
   

Expected result

mitmproxy should register two requests, which indicates that sfdx-cli honors the HTTPS_PROXY environment variable:

Actual result

mitmproxy is not registering any requests, which indicates that sfdx-cli does not honor the `HTTPS_PROXY environment variable and sends the requests bypassing the proxy:

System Information

sfdx version --verbose --json
{
        "cliVersion": "sfdx-cli/7.158.1",
        "architecture": "linux-x64",
        "nodeVersion": "node-v14.19.1",
        "pluginVersions": [
                "@oclif/plugin-autocomplete 0.3.0 (core)",
                "@oclif/plugin-commands 1.3.0 (core)",
                "@oclif/plugin-help 3.3.1 (core)",
                "@oclif/plugin-not-found 1.2.6 (core)",
                "@oclif/plugin-plugins 1.10.11 (core)",
                "@oclif/plugin-update 1.5.0 (core)",
                "@oclif/plugin-warn-if-update-available 1.7.3 (core)",
                "@oclif/plugin-which 1.0.4 (core)",
                "@salesforce/sfdx-plugin-lwc-test 1.0.0 (core)",
                "alias 2.1.0 (core)",
                "apex 0.13.0 (core)",
                "auth 2.2.2 (core)",
                "community 2.0.0 (core)",
                "config 1.4.12 (core)",
                "custom-metadata 2.0.0 (core)",
                "data 2.0.4 (core)",
                "generator 2.0.2 (core)",
                "info 2.0.1 (core)",
                "limits 2.0.1 (core)",
                "org 2.0.1 (core)",
                "salesforce-alm 54.6.2 (core)",
                "schema 2.1.1 (core)",
                "sfdx-cli 7.158.1 (core)",
                "signups 1.2.0 (core)",
                "source 2.0.3 (core)",
                "telemetry 2.0.0 (core)",
                "templates 55.0.0 (core)",
                "trust 2.0.1 (core)",
                "user 2.1.0 (core)"
        ],
        "osVersion": "Linux 5.17.11-1-amd64"
}

[github-actions]

Thank you for filing this issue. We appreciate your feedback and will review the issue as soon as possible. Remember, however, that GitHub isn't a mechanism for receiving support under any agreement or SLA. If you require immediate assistance, contact Salesforce Customer Support.

[mshanemc]

does it work if you use HTTP_PROXY instead?

[mshanemc]

@mkhokhlov I think a tiny change to jsforce might solve this. See the PR that just linked.

[JohanJohanson]

@mshanemc experiencing the same issue and having both HTTP_PROXY as well as HTTPS_PROXY set does no difference.

[mkhokhlov]

Setting HTTP_PROXY (without setting HTTPS_PROXY) does seem to help. One somewhat interesting bit is that I'm seeing two 400/BadRequest, seemingly due to a double slash after the hostname:

[mshanemc]

@W-11426296@

[mshanemc]

this should be fixed in today's RC (will be 7.161.0)