From 6ed943303ce7a267ddb26aa25caa035f832895dd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kat=20March=C3=A1n?= Date: Wed, 29 Aug 2018 13:31:58 -0700 Subject: [PATCH] login: stop using npm-registry-client for SSO auth --- lib/auth/legacy.js | 2 +- lib/auth/sso.js | 103 ++++++++++++++++++++++++++------------------- lib/profile.js | 2 +- lib/token.js | 2 +- 4 files changed, 63 insertions(+), 46 deletions(-) diff --git a/lib/auth/legacy.js b/lib/auth/legacy.js index 909933670ee5f..7ad678be5e5c1 100644 --- a/lib/auth/legacy.js +++ b/lib/auth/legacy.js @@ -1,7 +1,7 @@ 'use strict' const read = require('../utils/read-user-info.js') -const profile = require('npm-profile') +const profile = require('libnpm/profile') const log = require('npmlog') const figgyPudding = require('figgy-pudding') const npmConfig = require('../config/figgy-config.js') diff --git a/lib/auth/sso.js b/lib/auth/sso.js index 519ca8496c74c..099e764e3ab40 100644 --- a/lib/auth/sso.js +++ b/lib/auth/sso.js @@ -1,56 +1,73 @@ -var log = require('npmlog') -var npm = require('../npm.js') -var output = require('../utils/output') -var openUrl = require('../utils/open-url') +'use strict' + +const BB = require('bluebird') + +const figgyPudding = require('figgy-pudding') +const log = require('npmlog') +const npmConfig = require('../config/figgy-config.js') +const npmFetch = require('npm-registry-fetch') +const output = require('../utils/output.js') +const openUrl = BB.promisify(require('../utils/open-url.js')) +const otplease = require('../utils/otplease.js') +const profile = require('libnpm/profile') + +const SsoOpts = figgyPudding({ + ssoType: 'sso-type', + 'sso-type': {}, + ssoPollFrequency: 'sso-poll-frequency', + 'sso-poll-frequency': {} +}) module.exports.login = function login (creds, registry, scope, cb) { - var ssoType = npm.config.get('sso-type') + const opts = SsoOpts(npmConfig()).concat({creds, registry, scope}) + const ssoType = opts.ssoType if (!ssoType) { return cb(new Error('Missing option: sso-type')) } - var params = { - // We're reusing the legacy login endpoint, so we need some dummy - // stuff here to pass validation. They're never used. - auth: { - username: 'npm_' + ssoType + '_auth_dummy_user', - password: 'placeholder', - email: 'support@npmjs.com', - authType: ssoType - } + // We're reusing the legacy login endpoint, so we need some dummy + // stuff here to pass validation. They're never used. + const auth = { + username: 'npm_' + ssoType + '_auth_dummy_user', + password: 'placeholder', + email: 'support@npmjs.com', + authType: ssoType } - npm.registry.adduser(registry, params, function (er, doc) { - if (er) return cb(er) - if (!doc || !doc.token) return cb(new Error('no SSO token returned')) - if (!doc.sso) return cb(new Error('no SSO URL returned by services')) - - openUrl(doc.sso, 'to complete your login please visit', function () { - pollForSession(registry, doc.token, function (err, username) { - if (err) return cb(err) - log.info('adduser', 'Authorized user %s', username) - var scopeMessage = scope ? ' to scope ' + scope : '' - output('Logged in as %s%s on %s.', username, scopeMessage, registry) - - cb(null, { token: doc.token }) - }) + otplease(opts, + opts => profile.loginCouch(auth.username, auth.password, opts) + ).then(({token, sso}) => { + if (!token) { throw new Error('no SSO token returned') } + if (!sso) { throw new Error('no SSO URL returned by services') } + return openUrl(sso, 'to complete your login please visit').then(() => { + return pollForSession(registry, token, opts) + }).then(username => { + log.info('adduser', 'Authorized user %s', username) + var scopeMessage = scope ? ' to scope ' + scope : '' + output('Logged in as %s%s on %s.', username, scopeMessage, registry) + return {token} }) - }) + }).nodeify(cb) } -function pollForSession (registry, token, cb) { +function pollForSession (registry, token, opts) { log.info('adduser', 'Polling for validated SSO session') - npm.registry.whoami(registry, { - auth: { - token: token - } - }, function (er, username) { - if (er && er.statusCode !== 401) { - cb(er) - } else if (!username) { - setTimeout(function () { - pollForSession(registry, token, cb) - }, npm.config.get('sso-poll-frequency')) - } else { - cb(null, username) + return npmFetch.json( + '/-/whoami', opts.concat({registry, forceAuth: {token}}) + ).then( + ({username}) => username, + err => { + if (err.code === 'E401') { + return sleep(opts['sso-poll-frequency']).then(() => { + return pollForSession(registry, token, opts) + }) + } else { + throw err + } } + ) +} + +function sleep (time) { + return new BB((resolve) => { + setTimeout(resolve, time) }) } diff --git a/lib/profile.js b/lib/profile.js index ff01db90f722f..d821973a07763 100644 --- a/lib/profile.js +++ b/lib/profile.js @@ -1,5 +1,5 @@ 'use strict' -const profile = require('npm-profile') +const profile = require('libnpm/profile') const npm = require('./npm.js') const log = require('npmlog') const output = require('./utils/output.js') diff --git a/lib/token.js b/lib/token.js index d442d37eb806b..cccbba2f9ad75 100644 --- a/lib/token.js +++ b/lib/token.js @@ -1,5 +1,5 @@ 'use strict' -const profile = require('npm-profile') +const profile = require('libnpm/profile') const npm = require('./npm.js') const output = require('./utils/output.js') const Table = require('cli-table3')