microsoft / rushstack

Monorepo for tools developed by the Rush Stack community
https://rushstack.io/

[rush] Cannot publish: getting ENEEDAUTH even though I'm already authenticated #4671

Open kaiyoma opened 4 months ago

kaiyoma commented 4 months ago

Summary

I'm trying to publish monorepo packages to an Artifactory npm registry, but no matter what I try, I get an error about being unauthenticated, even though I'm already authenticated.

Repro steps

$ npm whoami
srv-npm-registry

$ rush-pnpm publish -r --no-git-checks

...

npm ERR! code ENEEDAUTH
npm ERR! need auth This command requires you to be logged in to (redacted)
npm ERR! need auth You need to authorize this machine using `npm adduser`

Details

It doesn't matter if I use npm login and specify the username/password on the command line, or if I store the auth token inside .npmrc. Same result either way.

Standard questions

Please answer these questions to help us investigate your issue more quickly:

| Question | Answer |
| --- | --- |
| @microsoft/rush globally installed version? | 5.117.9 |
| rushVersion from rush.json? | 5.117.9 |
| Operating system? | Windows 11 |
| Would you consider contributing a PR? | No |
| Node.js version (node -v)? | 20.11.1 |

iclanton commented 3 months ago

Which .npmrc file are you sticking the credentials in? I'm not particularly familiar with how Artifactory's authentication works; there may be quirks in how it expects credentials.

Can you try setting the credentials as an environment variable, referenced in the common/config/rush/.npmrc or common/config/rush/.npmrc-publish file?

kaiyoma commented 3 months ago

The credentials were already in common/config/rush/.npmrc. I tried copying them to common/config/rush/.npmrc-publish but that didn't help.

As a workaround, I ended up writing a small tool that simulates what rush-pnpm does: it iterates over the directories of packages, copies common/config/rush/.npmrc into each one, then runs npm publish inside the package directory. This works correctly, so it's our solution for now. But isn't this basically what rush-pnpm should be doing?

kaiyoma commented 1 month ago

I'm still running into this, even with our old reliable Verdaccio registry. I'm authenticated:

$ npm whoami
jenkins

And when I copy my auth token from ~/.npmrc to common/config/rush/.npmrc and then try to publish, it says I'm not authenticated:

npm ERR! code E401
npm ERR! Unable to authenticate, your authentication token seems to be invalid.
npm ERR! To correct this please try logging in again with:
npm ERR!     npm login

kaiyoma commented 1 month ago

These are the messages in npm's logfile:

40 notice Publishing to (redacted) with tag latest and default access
41 http fetch PUT 401 (redacted) 204ms
42 timing command:publish Completed in 655ms
43 verbose stack HttpErrorAuthUnknown: Unable to authenticate, need: Basic, Bearer
43 verbose stack     at ...\nvm\v20.11.1\node_modules\npm\node_modules\npm-registry-fetch\lib\check-response.js:80:17
43 verbose stack     at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
43 verbose stack     at async publish (...\nvm\v20.11.1\node_modules\npm\node_modules\libnpmpublish\lib\publish.js:53:15)
43 verbose stack     at async otplease (...\nvm\v20.11.1\node_modules\npm\lib\utils\otplease.js:4:12)
43 verbose stack     at async Publish.exec (...\nvm\v20.11.1\node_modules\npm\lib\commands\publish.js:126:7)
43 verbose stack     at async module.exports (...\nvm\v20.11.1\node_modules\npm\lib\cli-entry.js:61:5)
44 verbose statusCode 401
45 verbose pkgid (redacted)
46 verbose cwd C:\Users\kgetz\AppData\Local\Temp\d081be8290c6f9f5d6c4b2e60fa4a3fc
47 verbose Windows_NT 10.0.22631
48 verbose node v20.11.1
49 verbose npm  v10.5.0
50 error code E401
51 error Unable to authenticate, your authentication token seems to be invalid.
52 error To correct this please try logging in again with:
52 error     npm login
53 verbose exit 1

What does HttpErrorAuthUnknown: Unable to authenticate, need: Basic, Bearer mean?

iclanton commented 1 month ago

From that error message, it sounds like the token that you're using isn't correct. Specifically this line:

51 error Unable to authenticate, your authentication token seems to be invalid.

I suspect the HttpErrorAuthUnknown: Unable to authenticate, need: Basic, Bearer error is saying that the server is expecting bearer or basic auth. What format is your token in?
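
A check for the two points raised so far in the thread, the environment-variable reference in .npmrc and the Basic/Bearer question, written as an added example (a simplified model, not npm's, pnpm's or Rush's own code): it finds which registry-scoped credential entry applies to a publish URL and which Authorization scheme that entry produces. The hostnames, the token values and the variable name NPM_AUTH_TOKEN are constructed for illustration.

```javascript
// Added example: simplified model of npm's registry-scoped credential lookup.
// Hostnames, token values and NPM_AUTH_TOKEN are constructed/assumed.
const SAMPLE_NPMRC = [
  'registry=https://registry.example.test/api/npm/npm-local/',
  '//registry.example.test/api/npm/:_authToken=${NPM_AUTH_TOKEN}',
  '//other.example.test/:_authToken=constructed-literal-token',
].join('\n');

function parseNpmrc(text, env) {
  const cfg = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    const eq = line.indexOf('=');
    if (!line || /^[#;]/.test(line) || eq < 0) continue;
    const rawValue = line.slice(eq + 1).trim();
    const unset = [];
    // ${VAR} is expanded from the environment; an unset variable stays literal.
    const value = rawValue.replace(/\$\{([^}]+)\}/g, (m, name) =>
      env[name] === undefined ? (unset.push(name), m) : env[name]);
    cfg[line.slice(0, eq).trim()] = { value, fromEnv: value !== rawValue || unset.length > 0, unset };
  }
  return cfg;
}

function findCredential(registryUrl, cfg) {
  const u = new URL(registryUrl);
  let scope = `//${u.host}${u.pathname}`;
  while (scope.length > 2) {
    const token = cfg[`${scope}:_authToken`];
    const basic = cfg[`${scope}:_auth`] ||
      (cfg[`${scope}:username`] && cfg[`${scope}:_password`]);
    const entry = token || basic;
    if (entry) {
      const warnings = [];
      if (!entry.fromEnv) warnings.push('secret stored literally in the file');
      if (entry.unset.length) warnings.push(`unset variable: ${entry.unset.join(', ')}`);
      if (/^(Bearer|Basic)\s/i.test(entry.value)) warnings.push('value already has a scheme prefix');
      // _authToken is sent as "Authorization: Bearer <value>", _auth as "Basic <value>".
      return { scope, scheme: token ? 'Bearer' : 'Basic', warnings };
    }
    // No entry at this level: drop the trailing slash or the last path segment.
    scope = scope.replace(/([^/]+|\/)$/, '');
  }
  return null; // nothing matches this registry: the request carries no credentials
}

console.log(findCredential('https://registry.example.test/api/npm/npm-local/',
  parseNpmrc(SAMPLE_NPMRC, process.env)));
```

A `null` result or an `unset variable` warning means the publish request would go out without a usable credential for that registry, even if `npm whoami` succeeds against a different config file or registry entry.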

kaiyoma commented 1 month ago

> What format is your token in?

How do I figure this out? I have a token in my ~/.npmrc after authenticating with npm login and it looks like this:

$ cat ~/.npmrc
//(internal server name)/:_authToken=(base-64 encoded string)

kaiyoma commented 1 month ago

I'll also mention that this command is showing that my auth token is valid:

$ rush-pnpm --rush-skip-checks whoami

jenkins

Edit: never mind, this command just seems to be repeating what npm whoami does. I'm not convinced it's working properly.

iclanton commented 1 month ago

You can try changing the format to //(internal server name)/:_authToken=Bearer (base-64 encoded string).

This doesn't seem like specifically a Rush issue at this point - I'm pretty sure Artifactory just doesn't like the token that you're giving it.

kaiyoma commented 1 month ago

> You can try changing the format to //(internal server name)/:_authToken=Bearer (base-64 encoded string).
>
> This doesn't seem like specifically a Rush issue at this point - I'm pretty sure Artifactory just doesn't like the token that you're giving it.

I'm actually back to using Verdaccio, our old registry, and still having issues, so it's not an Artifactory problem. I tried adding Bearer but it doesn't work either.

kaiyoma commented 1 month ago

This is basically what I'm seeing (output has been abridged to be easier to follow):

$ rush-pnpm logout

$ rush-pnpm whoami
npm ERR! code ENEEDAUTH
npm ERR! need auth This command requires you to be logged in.
npm ERR! need auth You need to authorize this machine using `npm adduser`

$ rush-pnpm login
npm notice Log in on (redacted)
Username: jenkins
Password: Logged in on (redacted)

$ rush-pnpm whoami
jenkins

$ rush-pnpm publish --no-git-checks -r
npm notice Publishing to (redacted) with tag latest and default access
npm ERR! code E401
npm ERR! Unable to authenticate, your authentication token seems to be invalid.
npm ERR! To correct this please try logging in again with:
npm ERR!     npm login

iclanton commented 1 month ago

The Verdaccio documentation (https://verdaccio.org/docs/authentication/) mentions that authentication is controlled by which authentication plugin you're using. Which plugin are you using?

kaiyoma commented 1 month ago

I believe we're using verdaccio-ldap, though we're also investigating a move to AD.