feat(node): support username and _password in .npmrc file (#24793)

Closes #23950
2025-08-03 18:38:33 +00:00 · 2024-08-14 18:53:15 +02:00 · 2024-08-14 18:53:15 +02:00 · f89b531149
commit f89b531149
parent 1f2d48cd97
17 changed files with 135 additions and 8 deletions
--- a/cli/npm/common.rs
+++ b/cli/npm/common.rs
@ -1,25 +1,54 @@
 // Copyright 2018-2024 the Deno authors. All rights reserved. MIT license.

+use base64::prelude::BASE64_STANDARD;
+use base64::Engine;
+use deno_core::anyhow::bail;
+use deno_core::error::AnyError;
 use deno_npm::npm_rc::RegistryConfig;
 use http::header;

 // TODO(bartlomieju): support more auth methods besides token and basic auth
 pub fn maybe_auth_header_for_npm_registry(
  registry_config: &RegistryConfig,
-) -> Option<(header::HeaderName, header::HeaderValue)> {
+) -> Result<Option<(header::HeaderName, header::HeaderValue)>, AnyError> {
  if let Some(token) = registry_config.auth_token.as_ref() {
-    return Some((
+    return Ok(Some((
      header::AUTHORIZATION,
      header::HeaderValue::from_str(&format!("Bearer {}", token)).unwrap(),
-    ));
+    )));
  }

  if let Some(auth) = registry_config.auth.as_ref() {
-    return Some((
+    return Ok(Some((
      header::AUTHORIZATION,
      header::HeaderValue::from_str(&format!("Basic {}", auth)).unwrap(),
-    ));
+    )));
  }

-  None
+  let (username, password) = (
+    registry_config.username.as_ref(),
+    registry_config.password.as_ref(),
+  );
+  if (username.is_some() && password.is_none())
+    || (username.is_none() && password.is_some())
+  {
+    bail!("Both the username and password must be provided for basic auth")
+  }
+
+  if username.is_some() && password.is_some() {
+    return Ok(Some((
+      header::AUTHORIZATION,
+      header::HeaderValue::from_str(&format!(
+        "Basic {}",
+        BASE64_STANDARD.encode(&format!(
+          "{}:{}",
+          username.unwrap(),
+          password.unwrap()
+        ))
+      ))
+      .unwrap(),
+    )));
+  }
+
+  Ok(None)
 }
--- a/cli/npm/managed/cache/registry_info.rs
+++ b/cli/npm/managed/cache/registry_info.rs
@ -192,7 +192,13 @@ impl RegistryInfoDownloader {
    let downloader = self.clone();
    let package_url = self.get_package_url(name);
    let registry_config = self.npmrc.get_registry_config(name);
-    let maybe_auth_header = maybe_auth_header_for_npm_registry(registry_config);
+    let maybe_auth_header =
+      match maybe_auth_header_for_npm_registry(registry_config) {
+        Ok(maybe_auth_header) => maybe_auth_header,
+        Err(err) => {
+          return std::future::ready(Err(Arc::new(err))).boxed_local()
+        }
+      };
    let guard = self.progress_bar.update(package_url.as_str());
    let name = name.to_string();
    async move {
--- a/cli/npm/managed/cache/tarball.rs
+++ b/cli/npm/managed/cache/tarball.rs
@ -167,7 +167,7 @@ impl TarballCache {
      let tarball_uri = Url::parse(&dist.tarball)?;
      let maybe_registry_config =
        tarball_cache.npmrc.tarball_config(&tarball_uri);
-      let maybe_auth_header = maybe_registry_config.and_then(|c| maybe_auth_header_for_npm_registry(c));
+      let maybe_auth_header = maybe_registry_config.and_then(|c| maybe_auth_header_for_npm_registry(c).ok()?);

      let guard = tarball_cache.progress_bar.update(&dist.tarball);
      let result = tarball_cache.http_client_provider