gsoft-inc / azure-devops-npm-auth Goto Github PK
View Code? Open in Web Editor NEWUses the OAuth2 device code flow to authenticate against the Azure DevOps artifact private registry.
Uses the OAuth2 device code flow to authenticate against the Azure DevOps artifact private registry.
Hi, thanks for this great tool!
It would be great if this would also support alternative package managers like PNPM even when NPM is not installed. Currently this does not work, when executing the preinstall script the following output appears:
'npm' is not recognized as an internal or external command,
operable program or batch file.
child_process.js:655
throw err;
^
Error: Command failed: npm config get userconfig
operable program or batch file.
The documentation says:
If you want to use your own Azure Active Directory application, it's possible to specify the client_id and tenant_id arguments
. . .
When creating your own Azure Active Directory application, under the authentication section, you need the configure it to be a public application
But it doesn't explain the details:
This GitHub repo seems to only contain code for the CLI tool.
Using this library together with npm preinstall
script is a great experience when developing locally. Especially when new developers are added to a project.
But when running in CI environment this setup means that npm install
will never complete since it is waiting for the login to be completed by the user.
What we need is a way to skip authentication in CI environments (at leas as part of the preinstall
. This would allow great developer experience locally while not breaking CI environments.
Hi,
I'm using azure-devops-npm-auth to access my organisation's private NPM feed and I have a weird behaviour which is: from time to time it's possible to generate a token (go to the browser, paste code), and, when it works I can generate several times (deleting the .npmrc) and then suddenly starts to throw timeouts as shown on the image bellow
When I get timeouts, if I comment the code that throws the timeout on the timed-out.js (got module) it works again!:
Can you help?
Is possibile to use this library to authenticate a Service Principal with client_id and client_secret? I'm looking for a solution to authenticate a CI/CD service without a personal access token.
Would be possible to add custom config path to cli?
I downloaded your npm module globally and tried to run it. It doesn't appear to work right now as I got
(node:25238) UnhandledPromiseRejectionWarning: TypeError: Cannot set property device_authorization_endpoint of # which has only a getter
at Function.assign ()
at Function. (/usr/local/lib/node_modules/azure-devops-npm-auth/dist/authentication/mso-issuer.js:20:20)
at Generator.next ()
at fulfilled (/usr/local/lib/node_modules/azure-devops-npm-auth/dist/authentication/mso-issuer.js:5:58)
at processTicksAndRejections (internal/process/task_queues.js:97:5)
(node:25238) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag --unhandled-rejections=strict
(see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 1)
(node:25238) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
We have npm preinstall scripts setup as described, but are running into the following 2 issues:
npm install
after token is no longer valid
preinstall
script is executed and token is retrievednpm install
Both problems can be fixed by manually running npm run preinstall
before executing npm install
, however:
Note:
Any ideas where the error might be?
Thank you so much for this awesome tool!
It would be great if this also supported Yarn v2!
Currently this works very well with Yarn v1, because Yarn v1 will read from a .npmrc
file.
But, this doesn't work with Yarn v2, because Yarn v2 does not support the .npmrc
file, it only supports the .yarnrc.yml
file.
I think this could be implemented in azure-devops-npm-auth
by doing the following:
.yarnrc.yml
file exists in the current directory (this would be an indication that the user is using Yarn v2)~/.yarnrc.yaml
instead of .npmrc
~/.yarnrc.yaml
file with something like:npmRegistries:
//registry.name.com:
npmAuthIdent: 'base64Encoded(vstsOrgName:vstsPersonalAccessToken)'
I'd be happy to contribute this, if this is something desired, with some pointers around the code, if possible!
Thank you!
I'm getting this error after to authenticate successfully. Also, I see that the .npmrc
file has the tokens there.
Done! You can now install packages from https://pkgs.dev.azure.com/xxx/xxx/_packaging/xxx/npm/registry/
npm ERR! code E401
npm ERR! Unable to authenticate, your authentication token seems to be invalid.
npm ERR! To correct this please trying logging in again with:
npm ERR! npm login
Do you know what the problem can be?
Thanks in advance!
I'm getting the same error that PR2 is meant to fix:
C:\Git\my-project\.npmrc
(node:4816) UnhandledPromiseRejectionWarning: Error: No private registry defined in project .npmrc or user defined .npmrc.
at getRegistry (C:\Git\my-project\node_modules\azure-devops-npm-auth\dist\index.js:73:15)
I'm using [email protected]
That suggests that this fix hasn't yet been published as a new version of this package
When using scoped registry the no private registry is found.
Sample .npmrc
:
@myscope:registry=someregistryurl
always-auth=true
Fails with:
(node:30304) UnhandledPromiseRejectionWarning: Error: No private registry defined in project .npmrc or user defined .npmrc.
at getRegistry (C:\git\ktit\node_modules\azure-devops-npm-auth\dist\index.js:73:15)
When removing the scope everything works just fine, so issue is in detection of the registry and not configuration or how the command is executed etc.
After update the command npx azure-devops-npm-auth --client_id='xxxxxxx' --tenant_id='xxxxxxxxx'
is not working.
Version Npm: 8.5.1
Error Console:
sh: azure-devops-npm-auth: command not found
error Command failed with exit code 127.
Version 1.0.13 using the same command works normally.
Hey,
see:
azure-devops-npm-auth/npm-config/index.ts
Lines 13 to 15 in 9c2fca4
It's fairly common (I think) to not prefix nested dotfiles with a dot
e.g. mine is at ~/.config/npm/npmrc
which causes this script to break as it tries to find the config file at ~/.config/npm/npmrc/.npmrc
Was just going to submit a PR but it might need a bit of thinking about so I'm raising a bug for now
Looking through the dependencies of the package.json I have found that the @types/mocha library is not placed in the devDependencies, which is causing our project to crash (since we use jest as per company policy.)
Solution would be to move @types/mocha to devDependencies instead of the regular depencies of the package.
I am trying to use azure-devops-npm-auth in a directory that does not contain a .npmrc file.
Requirement
The use case for this is to create a react app from a react template package that exists in a private registry. Example: npx create-react-app my-app --template @private-registry/cra-template-typescript
Issue
I am receiving the error below:
C:\Users\andrewfabrizi\source>azure-devops-npm-auth
C:\Users\andrewfabrizi\AppData\Roaming\npm\node_modules\azure-devops-npm-auth\dist\npm-config\ini-config.js:16
throw new Error(Configuration file at '${filePath}' doesn't exist.
);
^
Error: Configuration file at 'C:\Users\andrewfabrizi\source.npmrc' doesn't exist.
at new IniConfig (C:\Users\andrewfabrizi\AppData\Roaming\npm\node_modules\azure-devops-npm-auth\dist\npm-config\ini-config.js:16:23)
at new NpmConfig (C:\Users\andrewfabrizi\AppData\Roaming\npm\node_modules\azure-devops-npm-auth\dist\npm-config\index.js:15:9)
at new ProjectNpmConfig (C:\Users\andrewfabrizi\AppData\Roaming\npm\node_modules\azure-devops-npm-auth\dist\npm-config\index.js:51:9)
at Object. (C:\Users\andrewfabrizi\AppData\Roaming\npm\node_modules\azure-devops-npm-auth\dist\index.js:20:26)
at Module._compile (internal/modules/cjs/loader.js:1158:30)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:1178:10)
at Module.load (internal/modules/cjs/loader.js:1002:32)
at Function.Module._load (internal/modules/cjs/loader.js:901:14)
at Module.require (internal/modules/cjs/loader.js:1044:19)
at require (internal/modules/cjs/helpers.js:77:18)
Workaround
If I create an empty .npmrc file in the current directory here: C:\Users\andrewfabrizi\source.npmrc, it works and adds the tokens to the user config .npmrc here: C:\Users\andrewfabrizi.npmrc.
Solution
Can you remove the need for the empty .npmrc file in the project directory? If it doesn't exist, it can then fallback to the user config as npm does with it's commands.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.