eyalbe4
commented
8 years ago Sure thing. Thank you for this @mithun! Will review this soon.
Closed mithun closed 8 years ago
eyalbe4
commented
8 years ago Sure thing. Thank you for this @mithun! Will review this soon.
mithun
commented
8 years ago Is it possible to use API keys instead of username:encryptedpassword in the registry URL?
eyalbe4
commented
8 years ago Hi @mithun, Currently API keys are not supported, but we would like to support this in the future. I looked at your PR, and the code you added indeed removes the authentication information from the Artifactory URL used for the log print, but please note that the URL cleanup does not apply for all scenarios. For example, if your Artifactory instance is not accessible (try to configure the wrong port for example), you'll still see the URL as is in the error message. This is because that error print is not part of the resolver code. Please let me know what you think.
mithun
commented
8 years ago @eyalbe4 I agree this will not apply to errors outside of bower-art-resolver (e.g., request can error out directly).
Ideally, I think credentials (user/password OR API key) should be stored in the .bowerrc in a bower-art-resolver specific configuration tree and not part of the URL. bower-art-resolver should construct an appropriate request using those configurations.
eyalbe4
commented
8 years ago @mithun, since the authentication details removal is not complete (as discussed above), I suggest we don't add this code for now. Maybe authentication details for resolver is something that should be supported by the .bowerrc specification. With your permission, I'll close this issue.
mithun
commented
8 years ago @eyalbe4 sounds good.
@eyalbe4 can you please review this?