I am trying to create an authenticated token with npm login to use in my ci/cd environment. I read in this article that in order to get past the ENEEDAUTH error I need to log in to npm with the access token and use the auth token generated from that in ci so that publishing to npm will work. However, authentication fails when attempting to use the generated access token for the password in npm login/adduser
I created the access token, ran npm login and got a 401 response, invalid password. I've typed, pasted and then tried using the npm-cli-login package to make sure the credentials were passed correctly. Is it not possible to log in with the access token as the password?
I've also tried deleting the package-lock.json (mentioned in other stackoverflow questions about similar problems)
I'm using:
node v18.13 lts
npm v8.19.2
Related
What I want to achieve:
I want to create private/local npm package repository using couchdb. It should allow me and other users to first, set registry
-npm set registry http://localhost:5984/registry and then to be able to make npm login and npm adduser or at least to login with predefined user.
Problem:
I'm not able to make npm login or npm adduser so that user is registered and allowed to publish/install packages. If I create the user in the _users database and give him permission to a registry database, npm login / npm adduser will fail with 401 Unauthorized - PUT http://localhost:5984/registry/-/user/org.couchdb.user:npm - unauthorized , same will happen if I dont create user first and try to create one with npm adduser.
What am I missing? How can I make that npm login / npm adduser work with my couchdb registry database?
NOTE: I am aware of some other solutions like verdaccio, but I do not want to use it.
What I managed to do:
I created couchdb with private-registry database, it is accessible via browser or simple curl requests. It works if I make my own _auth encoding. Basically this:
echo -n "username:password" | base64. And then update my .npmrc file with something like this:
//localhost:5984/registry/:_auth="dGVzdDp0ZXN0". After that I can normally publish/install packages to/from my local registry. But this is not solution I like because it requires some extra manual steps to update .npmrc.
versions:
npm: 9.5.0
couchdb:latest, 3, 3.3, 3.3.1
I'm currently getting this error when trying to install (any) NPM package:
npm ERR! errno UNABLE_TO_GET_ISSUER_CERT_LOCALLY
npm ERR! request to https://registry.npmjs.org/gulp-cli failed, reason: unable to get local issuer certificate
I'm trying to wrap my head around what exactly NPM is doing - it seems that it's performing some form of mutual TLS where I need to present a client certificate to whatever servers. And from the error, it seems that my certificate is being rejected. I'm not using a VPN and my organisation uses a proxy but it works perfectly for everyone else - I'm the only one being affected. My next thought is to have a look at the certificate being presented but I don't know where this certificate is stored on my computer. How do I determine and find which certificate is being used?
When checking my npm config, the values for ca and cert are null - should these be referencing my certificate info, and if so, are these supposed to be null by default?
I am working in RStudio and I cloned a project lately (using my personal access token, with read_repository and write_repository permissions).
When I want to push my changes to the gitlab repository, I get an error:
remote: HTTP Basic: Access denied
remote: You must use a personal access token with 'read_repository' or 'write_repository' scope for Git over HTTP.
remote: You can generate one at https://test.com/-/profile/personal_access_tokens
fatal: Authentication failed for 'https://test.com/test/test.git/'
Why is the private token not woking anymore? I did not change anything.
My notebook uses MacOS, and already set up http(s) proxy inside the Network Preferences, but always failed to install any packages when running npm install in the terminal, it popped up the error 407 Proxy Authentication Required.
So I installed the cntlm and applied the correct configuration.
Below is the test and it seems pass (return HTTP Code 200):
cntlm -c /usr/local/etc/cntlm.conf -I -M http://registry.npmjs.org/vue
Password:
Config profile 1/4... OK (HTTP code: 200)
----------------------------[ Profile 0 ]------
Auth NTLMv2
PassNTLMv2 28B089518C6573274C6B9D83D0XXXXXX
When I ran npm i vue-cli -g, cntlm did receive the request as below:
cntlm -c /usr/local/etc/cntlm.conf -f
Oct 15 15:12:29 cntlm[17646] <Info>: Cntlm ready, staying in the foreground
Oct 15 15:12:38 cntlm[17646] <Info>: Using proxy company-proxy:80
Oct 15 15:12:38 cntlm[17646] <Debug>: 127.0.0.1 GET http://registry.npmjs.org/nexe
But nodejs threw out below exceptions:
npm i vue-cli -g
npm ERR! code E407
npm ERR! 407 Proxy Authentication Required ( Forefront TMG requires authorization to fulfill the request. Access to the Web Proxy filter is denied. ): vue-cli#latest
npm ERR! A complete log of this run can be found in:
npm ERR! /Users/****/.npm/_logs/2018-10-15T23_13_47_019Z-debug.log
It confused me: because the test is PASS, but why the cntlm still failed to connect to npmjs.org?
Finally find out the solution:
don't use plain text password ( add one # at the beginning of the Password line, like change Password XXX to #Password XXX)
use PassLM, PassNT, PassNTLMv2 instead (it seems hash values will prevent from auth handshake mechanism again, which should mean you are on behalf of the applications with logged in Windows user account).
The default cntlm configuration file already introduces the steps how to generate them.
My steps are as below:
execute cntlm -H -d your_domain -u your_username
then it prompts password, fill in your password then hit Enter:
The output will be like below:
Password:
PassLM F5314AF8A2DB16BDB7EE9FA6CFC5BC9A
PassNT 4EC02E0D65F8F0C1A9386C69CB6A2555
PassNTLMv2 28B089518C6573274C6B9D83D0EB8651
paste above hash values to the relevant fields in the configuration file.
save then restart cntlm, it works.
I have a GitLab domain, project and repo. This project is accessible via a group I am apart of.
I would like for this to be downloaded via npm install in the following ways:
Local computer
GitLab CI job
Inside of a Docker container
I'm guessing the easiest way of doing this is to just make it public. Is there a way to fix this so it is secure. I can imagine that it must be done with keys.
In my package.json under dependencies I currently have this, but it gives a 401 error of course:
"my-module": "my-domain.com:my-project/my-repo#my-branch",
I do not want hardcoded tokens in the package.json file, if it can be avoided.
You can use SSH keys to access your repository. Add ssh keys to GitLab server and define url to your repsitory in following form:
git+ssh://git#git.mydomain.com:Username/Repository#{branch|tag}
or
git+ssh://git#git.mydomain.com/Username/Repository#{branch|tag}
In your package.json it will be something like this "my-module": "git+ssh://git#my-domain.com:my-project/my-repo#my-branch"
If your ssh key is password protected, then npm will ask for password.