summaryrefslogtreecommitdiff
path: root/cli/tools/registry/auth.rs
diff options
context:
space:
mode:
Diffstat (limited to 'cli/tools/registry/auth.rs')
-rw-r--r--cli/tools/registry/auth.rs51
1 files changed, 51 insertions, 0 deletions
diff --git a/cli/tools/registry/auth.rs b/cli/tools/registry/auth.rs
new file mode 100644
index 000000000..df0f849db
--- /dev/null
+++ b/cli/tools/registry/auth.rs
@@ -0,0 +1,51 @@
+// Copyright 2018-2023 the Deno authors. All rights reserved. MIT license.
+
+use std::io::IsTerminal;
+
+use deno_core::anyhow;
+use deno_core::anyhow::bail;
+use deno_core::error::AnyError;
+
+pub enum AuthMethod {
+ Interactive,
+ Token(String),
+ Oidc(OidcConfig),
+}
+
+pub struct OidcConfig {
+ pub url: String,
+ pub token: String,
+}
+
+fn get_gh_oidc_env_vars() -> Option<Result<(String, String), AnyError>> {
+ if std::env::var("GITHUB_ACTIONS").unwrap_or_default() == "true" {
+ let url = std::env::var("ACTIONS_ID_TOKEN_REQUEST_URL");
+ let token = std::env::var("ACTIONS_ID_TOKEN_REQUEST_TOKEN");
+ match (url, token) {
+ (Ok(url), Ok(token)) => Some(Ok((url, token))),
+ (Err(_), Err(_)) => Some(Err(anyhow::anyhow!(
+ "No means to authenticate. Pass a token to `--token`, or enable tokenless publishing from GitHub Actions using OIDC. Learn more at https://deno.co/ghoidc"
+ ))),
+ _ => None,
+ }
+ } else {
+ None
+ }
+}
+
+pub fn get_auth_method(
+ maybe_token: Option<String>,
+) -> Result<AuthMethod, AnyError> {
+ if let Some(token) = maybe_token {
+ return Ok(AuthMethod::Token(token));
+ }
+
+ match get_gh_oidc_env_vars() {
+ Some(Ok((url, token))) => Ok(AuthMethod::Oidc(OidcConfig { url, token })),
+ Some(Err(err)) => Err(err),
+ None if std::io::stdin().is_terminal() => Ok(AuthMethod::Interactive),
+ None => {
+ bail!("No means to authenticate. Pass a token to `--token`.")
+ }
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-27 16:04:54 +0000