Clients are updated to manage API key rotation appropriately after v1.9.0

[izgeri]

Following the release of v1.9.0 which included a medium security bug fix, we have some clients capable of rotating API keys which need to be updated to ensure they follow the new guidelines.

In Conjur v1.9.0+ (and DAP 11.7+), when a role is rotating its own API key, it must authenticate to the /api_key route using basic authentication, and cannot send the request with only an access token.

That is, the request should look something like:

curl -f -X PUT -s --user "host/{host ID}:{api_key}" http://{Conjur URL}/authn/{accouont}/api_key

In this mini-epic, we track the work required to make these downstream updates.

• Ruby client uses basic authentication throws errors when using the wrong API call for API key rotation events - Ruby client uses basic authentication for API key rotation events conjur-api-ruby#181
• There is a new release of the Ruby client including a fix for API key rotation - There is a new release of the Ruby client including a fix for API key rotation conjur-api-ruby#182
• Update CLI to consume new Ruby client version - Update CLI to consume new Ruby client version cyberark-conjur-cli-docker-based#297
• There is a new release of the Conjur CLI - There is a new release of the Conjur CLI cyberark-conjur-cli-docker-based#298
• Golang client lib raises errors when attempting to rotate own API key - Client gets 401 response from server when attempting to rotate own API key via RotateAPIKey* conjur-api-go#78
• Golang client lib is again able to be used to rotate current user's API key - - Add capability to rotate own API key conjur-api-go#79
• There is a new release of the Golang client library - - Release a new version of this API conjur-api-go#80