search

eirslett / frontend-maven-plugin

"Maven-node-grunt-gulp-npm-node-plugin to end all maven-node-grunt-gulp-npm-plugins." A Maven plugin that downloads/installs Node and NPM locally, runs NPM install, Grunt, Gulp and/or Karma.
Apache License 2.0
4.21k stars 867 forks source link

Allow Authentication via Http Header #1042

Open MichaelCkr opened 2 years ago

MichaelCkr commented 2 years ago

Do you want to request a feature or report a bug?

Feature

What is the current behavior?

Authentication for downloading npm and node (goal install-node-and-npm) is only possible via username and password. In a CI pipeline one may usually use a token, which needs a authentication via an http header.

See coding in com.github.eirslett.maven.plugins.frontend.lib.DefaultFileDownloader#execute.

What is the expected behavior?

I'd like to use kind of following server configuration in my maven settings

<server>
   <id>gitlab</id>
   <configuration>
      <httpHeaders>
         <property>
            <name>Job-Token</name>
            <value>${env.CI_JOB_TOKEN}</value>
         </property>
      </httpHeaders>
   </configuration>
</server>

with the server id configured in the plugin configuration.

E.g. gitlab added the opportunity to use the CI_JOB_TOKEN for authentication with an http header, see issue 30650 here. Using a token like this, allow to drop any configured token, because it is created for every pipeline individually. Using a job token with a username und password authentication unfortunately is not possible.

Please mention your frontend-maven-plugin and operating system version.

aixigo-soffermann commented 4 months ago

Are there any plans on fixing this?