From 533a9b108677f1560fe55882771a0be2bb0b0fd2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9E=97=E7=82=B3=E6=9D=83?= <695601626@qq.com> Date: Wed, 16 Oct 2024 00:10:07 +0800 Subject: chore: upgrade to rust 1.81.0 (#26261) --- cli/npm/common.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'cli/npm/common.rs') diff --git a/cli/npm/common.rs b/cli/npm/common.rs index a3a828e74..de282310a 100644 --- a/cli/npm/common.rs +++ b/cli/npm/common.rs @@ -40,7 +40,7 @@ pub fn maybe_auth_header_for_npm_registry( header::AUTHORIZATION, header::HeaderValue::from_str(&format!( "Basic {}", - BASE64_STANDARD.encode(&format!( + BASE64_STANDARD.encode(format!( "{}:{}", username.unwrap(), password.unwrap() -- cgit v1.2.3 From 5389972ba5037b1ed48da11506f6798deec2b48e Mon Sep 17 00:00:00 2001 From: Marvin Hagemeister Date: Mon, 28 Oct 2024 12:08:51 +0100 Subject: fix(npm): match npm bearer token generation (#26544) Spend some time stepping through the npm client code and noticed that the bearer token was different from ours. They do some double encoding and @dsherret helped me in matching the encoding behavior. Fixes https://github.com/denoland/deno/issues/26033 --- cli/npm/common.rs | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) (limited to 'cli/npm/common.rs') diff --git a/cli/npm/common.rs b/cli/npm/common.rs index de282310a..55f1bc086 100644 --- a/cli/npm/common.rs +++ b/cli/npm/common.rs @@ -3,6 +3,7 @@ use base64::prelude::BASE64_STANDARD; use base64::Engine; use deno_core::anyhow::bail; +use deno_core::anyhow::Context; use deno_core::error::AnyError; use deno_npm::npm_rc::RegistryConfig; use http::header; @@ -36,17 +37,21 @@ pub fn maybe_auth_header_for_npm_registry( } if username.is_some() && password.is_some() { + // The npm client does some double encoding when generating the + // bearer token value, see + // https://github.com/npm/cli/blob/780afc50e3a345feb1871a28e33fa48235bc3bd5/workspaces/config/lib/index.js#L846-L851 + let pw_base64 = BASE64_STANDARD + .decode(password.unwrap()) + .with_context(|| "The password in npmrc is an invalid base64 string")?; + let bearer = BASE64_STANDARD.encode(format!( + "{}:{}", + username.unwrap(), + String::from_utf8_lossy(&pw_base64) + )); + return Ok(Some(( header::AUTHORIZATION, - header::HeaderValue::from_str(&format!( - "Basic {}", - BASE64_STANDARD.encode(format!( - "{}:{}", - username.unwrap(), - password.unwrap() - )) - )) - .unwrap(), + header::HeaderValue::from_str(&format!("Basic {}", bearer)).unwrap(), ))); } -- cgit v1.2.3