gem login fails if you choose show_dashboard scope

[indirect]

Command I ran:

❯ gem login
Enter your RubyGems.org credentials.
Don't have an account yet? Create one at https://rubygems.org/sign_up
Username/email:   andre@arko.net
      Password:

API Key name [sabine.local-andre-20240509150710]:
The default access scope is:
  index_rubygems: y

Do you want to customise scopes? [yN]  y
show_dashboard (exclusive scope, answering yes will not prompt for other scopes) [yN]  y
HTTP Basic: Access denied.

Expected outcome: logged in with API key that has show_dashboard scope.

Actual outcome: not logged in, no API key saved.

Gem env:

RubyGems Environment:
  - RUBYGEMS VERSION: 3.5.10
  - RUBY VERSION: 3.2.2 (2023-03-30 patchlevel 53) [arm64-darwin23]
  - INSTALLATION DIRECTORY: /Users/andre/.gem/ruby/3.2.2
  - USER INSTALLATION DIRECTORY: /Users/andre/.gem/ruby/3.2.0
  - RUBY EXECUTABLE: /Users/andre/.rubies/ruby-3.2.2/bin/ruby
  - GIT EXECUTABLE: /opt/homebrew/bin/git
  - EXECUTABLE DIRECTORY: /Users/andre/.gem/ruby/3.2.2/bin
  - SPEC CACHE DIRECTORY: /Users/andre/.gem/specs
  - SYSTEM CONFIGURATION DIRECTORY: /Users/andre/.rubies/ruby-3.2.2/etc
  - RUBYGEMS PLATFORMS:
     - ruby
     - arm64-darwin-23
  - GEM PATHS:
     - /Users/andre/.gem/ruby/3.2.2
     - /Users/andre/.rubies/ruby-3.2.2/lib/ruby/gems/3.2.0
  - GEM CONFIGURATION:
     - :update_sources => true
     - :verbose => true
     - :backtrace => true
     - :bulk_threshold => 1000
  - REMOTE SOURCES:
     - https://rubygems.org/
  - SHELL PATH:
     - /Users/andre/.gem/ruby/3.2.2/bin
     - /Users/andre/.rubies/ruby-3.2.2/lib/ruby/gems/3.2.0/bin
     - /Users/andre/.rubies/ruby-3.2.2/bin
     - /Users/andre/.nodenv/shims
     - /Users/andre/.bin
     - /Users/andre/.cargo/bin
     - /opt/homebrew/bin
     - /opt/homebrew/sbin
     - /usr/local/bin
     - /System/Cryptexes/App/usr/bin
     - /usr/bin
     - /bin
     - /usr/sbin
     - /sbin
     - /var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/local/bin
     - /var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/bin
     - /var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/appleinternal/bin
     - /Library/Apple/usr/bin
     - /Applications/Little Snitch.app/Contents/Components
     - /Applications/VMware Fusion.app/Contents/Public
     - /Users/andre/.orbstack/bin
     - /Users/andre/.zsh/znap/unixorn/fzf-zsh-plugin/bin
     - /Users/andre/.fzf/bin

[deivid-rodriguez]

@indirect This is the error I get if I introduce invalid credentials. Can you double check your password is correct?

[indirect]

hmmmm at the time I was able to log in using (I thought) the same password but without setting the show_dashboard scope. I just went to reproduce, and now I am getting a totally different error! very confusing 🤔

❯ gem login --verbose
Enter your RubyGems.org credentials.
Don't have an account yet? Create one at https://rubygems.org/sign_up
Username/email:   andre@arko.net
      Password:

API Key name [sabine.local-andre-20240513132732]:
The default access scope is:
  index_rubygems: y

Do you want to customise scopes? [yN]

GET https://rubygems.org/api/v1/profile/me.yaml
200 OK
POST https://rubygems.org/api/v1/api_key
401 Unauthorized
POST https://rubygems.org/api/v1/webauthn_verification
200 OK
You have enabled multi-factor authentication. Please visit https://rubygems.org/webauthn_verification/k6QjKQqyCVmQ5btL?port=56732 to authenticate via security device. If you can't verify using WebAuthn but have OTP enabled, you can re-run the gem signin command with the `--otp [your_code]` option.
GET https://rubygems.org/api/v1/webauthn_verification/k6QjKQqyCVmQ5btL/status.json
401 Unauthorized
ERROR:  Security device verification failed: Unauthorized