Skip to content

Commit

Permalink
feat: warn on config --auth-type=sso/saml/oauth, undeprecate --auth-type
Browse files Browse the repository at this point in the history
  • Loading branch information
fritzy committed Jul 12, 2022
1 parent 3fb6fb9 commit d0cef40
Show file tree
Hide file tree
Showing 7 changed files with 78 additions and 35 deletions.
7 changes: 4 additions & 3 deletions docs/content/commands/npm-adduser.md
Original file line number Diff line number Diff line change
Expand Up @@ -94,10 +94,11 @@ npm init --scope=@foo --yes

* Default: "legacy"
* Type: "legacy", "webauthn", "sso", "saml", or "oauth"
* DEPRECATED: The SSO/SAML/OAuth methods are deprecated and will be removed in
a future version of npm in favor of web-based login.

What authentication strategy to use with `adduser`/`login`.
DEPRECATED: values "sso", "saml", and "oauth" will be removed in a future
version.

What authentication strategy to use with `login`.

Pass `webauthn` to use a web-based login.

Expand Down
29 changes: 15 additions & 14 deletions docs/content/using-npm/config.md
Original file line number Diff line number Diff line change
Expand Up @@ -215,6 +215,21 @@ exit code.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->

#### `auth-type`

* Default: "legacy"
* Type: "legacy", "webauthn", "sso", "saml", or "oauth"

DEPRECATED: values "sso", "saml", and "oauth" will be removed in a future
version.

What authentication strategy to use with `login`.

Pass `webauthn` to use a web-based login.

<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->

#### `before`

* Default: null
Expand Down Expand Up @@ -1905,20 +1920,6 @@ When set to `dev` or `development`, this is an alias for `--include=dev`.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->

#### `auth-type`

* Default: "legacy"
* Type: "legacy", "webauthn", "sso", "saml", or "oauth"
* DEPRECATED: The SSO/SAML/OAuth methods are deprecated and will be removed in
a future version of npm in favor of web-based login.

What authentication strategy to use with `adduser`/`login`.

Pass `webauthn` to use a web-based login.

<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->

#### `cache-max`

* Default: Infinity
Expand Down
15 changes: 14 additions & 1 deletion lib/utils/config/definitions.js
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ module.exports = definitions

const Definition = require('./definition.js')

const log = require('../log-shim')
const { version: npmVersion } = require('../../../package.json')
const ciDetect = require('@npmcli/ci-detect')
const ciName = ciDetect()
Expand Down Expand Up @@ -239,12 +240,24 @@ define('audit-level', {
define('auth-type', {
default: 'legacy',
type: ['legacy', 'webauthn', 'sso', 'saml', 'oauth'],
// deprecation in description rather than field, because not every value
// is deprecated
description: `
DEPRECATED: values "sso", "saml", and "oauth" will be removed in a future version.
What authentication strategy to use with \`login\`.
Pass \`webauthn\` to use a web-based login.
`,
flatten,
flatten (key, obj, flatOptions) {
flatOptions.authType = obj[key]
if (obj[key] === 'sso') {
// no need to deprecate saml/oauth here, as sso-type will be set by these in
// lib/auth/ and is deprecated already
log.warn('config',
`auth-type=sso is deprecated and will be removed in a future version.`)
}
},
})

define('before', {
Expand Down
17 changes: 17 additions & 0 deletions tap-snapshots/test/lib/commands/adduser.js.test.cjs
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
/* IMPORTANT
* This snapshot file is auto-generated, but designed for humans.
* It should be checked into source control and tracked carefully.
* Re-generate by setting TAP_SNAPSHOT=1 and running tests.
* Make sure to inspect the output below. Do not ignore changes!
*/
'use strict'
exports[`test/lib/commands/adduser.js TAP auth-type sso warning > warning 1`] = `
Object {
"warn": Array [
Array [
"config",
"auth-type=sso is deprecated and will be removed in a future version.",
],
],
}
`
7 changes: 4 additions & 3 deletions tap-snapshots/test/lib/utils/config/definitions.js.test.cjs
Original file line number Diff line number Diff line change
Expand Up @@ -254,10 +254,11 @@ exports[`test/lib/utils/config/definitions.js TAP > config description for auth-
* Default: "legacy"
* Type: "legacy", "webauthn", "sso", "saml", or "oauth"
* DEPRECATED: The SSO/SAML/OAuth methods are deprecated and will be removed in
a future version of npm in favor of web-based login.
What authentication strategy to use with \`adduser\`/\`login\`.
DEPRECATED: values "sso", "saml", and "oauth" will be removed in a future
version.
What authentication strategy to use with \`login\`.
Pass \`webauthn\` to use a web-based login.
`
Expand Down
29 changes: 15 additions & 14 deletions tap-snapshots/test/lib/utils/config/describe-all.js.test.cjs
Original file line number Diff line number Diff line change
Expand Up @@ -88,6 +88,21 @@ exit code.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### \`auth-type\`
* Default: "legacy"
* Type: "legacy", "webauthn", "sso", "saml", or "oauth"
DEPRECATED: values "sso", "saml", and "oauth" will be removed in a future
version.
What authentication strategy to use with \`login\`.
Pass \`webauthn\` to use a web-based login.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### \`before\`
* Default: null
Expand Down Expand Up @@ -1778,20 +1793,6 @@ When set to \`dev\` or \`development\`, this is an alias for \`--include=dev\`.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### \`auth-type\`
* Default: "legacy"
* Type: "legacy", "webauthn", "sso", "saml", or "oauth"
* DEPRECATED: The SSO/SAML/OAuth methods are deprecated and will be removed in
a future version of npm in favor of web-based login.
What authentication strategy to use with \`adduser\`/\`login\`.
Pass \`webauthn\` to use a web-based login.
<!-- automatically generated, do not edit manually -->
<!-- see lib/utils/config/definitions.js -->
#### \`cache-max\`
* Default: Infinity
Expand Down
9 changes: 9 additions & 0 deletions test/lib/commands/adduser.js
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,15 @@ t.test('bad auth type', async t => {
})
})

t.test('auth-type sso warning', async t => {
const { logs } = await loadMockNpm(t, {
config: {
'auth-type': 'sso',
},
})
t.matchSnapshot({ warn: logs.warn }, 'warning')
})

t.test('scoped login', async t => {
const stdin = new stream.PassThrough()
stdin.write('test-user\n')
Expand Down

0 comments on commit d0cef40

Please sign in to comment.