bot/node_modules/npm/lib/auth/sso.js

// XXX: To date, npm Enterprise Legacy is the only system that ever
// implemented support for this type of login.  A better way to do
// SSO is to use the WebLogin type of login supported by the npm-login
// module.  This more forward-looking login style is, ironically,
// supported by the '--auth-type=legacy' type of login.
// When and if npm Enterprise Legacy is no longer supported by the npm
// CLI, we can remove this, and fold the lib/auth/legacy.js back into
// lib/adduser.js

const profile = require('npm-profile')
const npmFetch = require('npm-registry-fetch')
const log = require('../utils/log-shim')
const openUrl = require('../utils/open-url.js')
const otplease = require('../utils/otplease.js')

const pollForSession = ({ registry, token, opts }) => {
  log.info('adduser', 'Polling for validated SSO session')
  return npmFetch.json(
    '/-/whoami', { ...opts, registry, forceAuth: { token } }
  ).then(
    ({ username }) => username,
    err => {
      if (err.code === 'E401') {
        return sleep(opts.ssoPollFrequency).then(() => {
          return pollForSession({ registry, token, opts })
        })
      } else {
        throw err
      }
    }
  )
}

function sleep (time) {
  return new Promise((resolve) => setTimeout(resolve, time))
}

const login = async (npm, { creds, registry, scope }) => {
  log.warn('deprecated', 'SSO --auth-type is deprecated')

  const opts = { ...npm.flatOptions, creds, registry, scope }
  const { ssoType } = opts

  if (!ssoType) {
    throw new Error('Missing option: sso-type')
  }

  // We're reusing the legacy login endpoint, so we need some dummy
  // stuff here to pass validation. They're never used.
  const auth = {
    username: 'npm_' + ssoType + '_auth_dummy_user',
    password: 'placeholder',
    email: 'support@npmjs.com',
    authType: ssoType,
  }

  const { token, sso } = await otplease(opts,
    opts => profile.loginCouch(auth.username, auth.password, opts)
  )

  if (!token) {
    throw new Error('no SSO token returned')
  }
  if (!sso) {
    throw new Error('no SSO URL returned by services')
  }

  await openUrl(npm, sso, 'to complete your login please visit')

  const username = await pollForSession({ registry, token, opts })

  log.info('adduser', `Authorized user ${username}`)

  const scopeMessage = scope ? ' to scope ' + scope : ''
  const message = `Logged in as ${username}${scopeMessage} on ${registry}.`

  return {
    message,
    newCreds: { token },
  }
}

module.exports = login
Starting bot dev 2022-02-16 11:32:42 +01:00			`// XXX: To date, npm Enterprise Legacy is the only system that ever`
			`// implemented support for this type of login. A better way to do`
			`// SSO is to use the WebLogin type of login supported by the npm-login`
			`// module. This more forward-looking login style is, ironically,`
			`// supported by the '--auth-type=legacy' type of login.`
			`// When and if npm Enterprise Legacy is no longer supported by the npm`
			`// CLI, we can remove this, and fold the lib/auth/legacy.js back into`
			`// lib/adduser.js`

			`const profile = require('npm-profile')`
			`const npmFetch = require('npm-registry-fetch')`
			`const log = require('../utils/log-shim')`
			`const openUrl = require('../utils/open-url.js')`
			`const otplease = require('../utils/otplease.js')`

			`const pollForSession = ({ registry, token, opts }) => {`
			`log.info('adduser', 'Polling for validated SSO session')`
			`return npmFetch.json(`
			`'/-/whoami', { ...opts, registry, forceAuth: { token } }`
			`).then(`
			`({ username }) => username,`
			`err => {`
			`if (err.code === 'E401') {`
			`return sleep(opts.ssoPollFrequency).then(() => {`
			`return pollForSession({ registry, token, opts })`
			`})`
			`} else {`
			`throw err`
			`}`
			`}`
			`)`
			`}`

			`function sleep (time) {`
			`return new Promise((resolve) => setTimeout(resolve, time))`
			`}`

			`const login = async (npm, { creds, registry, scope }) => {`
			`log.warn('deprecated', 'SSO --auth-type is deprecated')`

			`const opts = { ...npm.flatOptions, creds, registry, scope }`
			`const { ssoType } = opts`

			`if (!ssoType) {`
			`throw new Error('Missing option: sso-type')`
			`}`

			`// We're reusing the legacy login endpoint, so we need some dummy`
			`// stuff here to pass validation. They're never used.`
			`const auth = {`
			`username: 'npm_' + ssoType + '_auth_dummy_user',`
			`password: 'placeholder',`
			`email: 'support@npmjs.com',`
			`authType: ssoType,`
			`}`

			`const { token, sso } = await otplease(opts,`
			`opts => profile.loginCouch(auth.username, auth.password, opts)`
			`)`

			`if (!token) {`
			`throw new Error('no SSO token returned')`
			`}`
			`if (!sso) {`
			`throw new Error('no SSO URL returned by services')`
			`}`

			`await openUrl(npm, sso, 'to complete your login please visit')`

			`const username = await pollForSession({ registry, token, opts })`

			log.info('adduser', `Authorized user ${username}`)

			`const scopeMessage = scope ? ' to scope ' + scope : ''`
			const message = `Logged in as ${username}${scopeMessage} on ${registry}.`

			`return {`
			`message,`
			`newCreds: { token },`
			`}`
			`}`

			`module.exports = login`