chasing down errant uses of old auth, part 1

4 files changed, 62 insertions, 33 deletions

diff --git a/lib/adduser.js b/lib/adduser.js
index 23c073ae7..7e933ea7d 100644
--- a/lib/adduser.js
+++ b/lib/adduser.js
@@ -2,7 +2,6 @@
 module.exports = adduser
 
 var log = require("npmlog")
-  , url = require("url")
   , npm = require("./npm.js")
   , registry = npm.registry
   , read = require("read")
@@ -20,9 +19,10 @@ function adduser (args, cb) {
   if (!crypto) return cb(new Error(
     "You must compile node with ssl support to use the adduser feature"))
 
-  var c = { u : npm.config.get("username") || ""
-          , p : npm.config.get("_password") || ""
-          , e : npm.config.get("email") || ""
+  var creds = npm.config.getCredentialsByURI(npm.config.get("registry"))
+  var c = { u : creds.username || ""
+          , p : creds.password || ""
+          , e : creds.email || ""
           }
     , u = {}
     , fns = [readUsername, readPassword, readEmail, save]
@@ -157,23 +157,20 @@ function save (c, u, cb) {
     // don't want this polluting the configuration
     npm.config.del("_token", "user")
 
-    if (scope) {
-      npm.config.set(scope + ":registry", uri, "user")
-    }
-
-    var munged = url.parse(uri)
-    delete munged.protocol
-    // 'nerf dart' courtesy jennmoneydollaz
-    var nerfDart = url.format(munged)
+    if (scope) npm.config.set(scope + ":registry", uri, "user")
 
     if (doc && doc.token) {
-      npm.config.set(nerfDart + ":_authToken", doc.token, "user")
+      npm.config.setCredentialsByURI(uri, {
+        token : doc.token
+      })
+    }
+    else {
+      npm.config.setCredentialsByURI(uri, {
+        username : u.u,
+        password : u.p,
+        email    : u.e
+      })
     }
-
-    var auth = u.u + ":" + u.p
-    var quasiSecret = new Buffer(auth, "utf8").toString("base64")
-    npm.config.set(nerfDart + ":_auth", quasiSecret, "user")
-    npm.config.set(nerfDart + ":email", u.e, "user")
 
     log.info("adduser", "Authorized user %s", u.u)
     npm.config.save("user", cb)
diff --git a/lib/deprecate.js b/lib/deprecate.js
index 17c029f92..48b2b9b1c 100644
--- a/lib/deprecate.js
+++ b/lib/deprecate.js
@@ -8,18 +8,19 @@ deprecate.usage = "npm deprecate <pkg>[@<version>] <message>"
 deprecate.completion = function (opts, cb) {
   // first, get a list of remote packages this user owns.
   // once we have a user account, then don't complete anything.
-  var un = npm.config.get("username")
-  if (!npm.config.get("username")) return cb()
   if (opts.conf.argv.remain.length > 2) return cb()
   // get the list of packages by user
-  var path = "/-/by-user/"+encodeURIComponent(un)
+  var path = "/-/by-user/"
   mapToRegistry(path, npm.config, function (er, uri) {
     if (er) return cb(er)
 
-    npm.registry.get(uri, { timeout : 60000 }, function (er, list) {
+    var c = npm.config.getCredentialsByURI(uri)
+    if (!(c && c.username)) return cb()
+
+    npm.registry.get(uri + c.username, { timeout : 60000 }, function (er, list) {
       if (er) return cb()
       console.error(list)
-      return cb(null, list[un])
+      return cb(null, list[c.username])
     })
   })
 }
diff --git a/lib/utils/map-to-registry.js b/lib/utils/map-to-registry.js
index 169167f76..588d3fd31 100644
--- a/lib/utils/map-to-registry.js
+++ b/lib/utils/map-to-registry.js
@@ -12,14 +12,16 @@ function mapToRegistry(name, config, cb) {
   // the name itself takes precedence
   var data = isScoped(name)
   if (data) {
+    name = name.replace("/", "%2f")
+
     var packageScope = "@" + data.scope
     if (!packageScope) return cb(new Error("No scope found in scoped package named " + name))
     log.silly("mapToRegistry", "packageScope", packageScope)
 
-    var escaped  = name.replace("/", "%2f")
     scopedRegistry = config.get(packageScope + ":registry")
     if (scopedRegistry) {
-      uri = url.resolve(scopedRegistry, escaped)
+      log.silly("mapToRegistry", "scopedRegistry (scoped package)", scopedRegistry)
+      uri = url.resolve(scopedRegistry, name)
     }
     else {
       log.verbose("mapToRegistry", "no registry URL found for scope", packageScope)
@@ -34,6 +36,7 @@ function mapToRegistry(name, config, cb) {
 
     scopedRegistry = config.get(scope + ":registry")
     if (scopedRegistry) {
+      log.silly("mapToRegistry", "scopedRegistry (scope in config)", scopedRegistry)
       uri = url.resolve(scopedRegistry, name)
     }
     else {
@@ -46,6 +49,7 @@ function mapToRegistry(name, config, cb) {
     uri = url.resolve(config.get("registry"), name)
   }
 
+  log.verbose("mapToRegistry", "name", name)
   log.verbose("mapToRegistry", "uri", uri)
   cb(null, uri)
 }
diff --git a/lib/whoami.js b/lib/whoami.js
index f1c67e2b0..654c539e6 100644
--- a/lib/whoami.js
+++ b/lib/whoami.js
@@ -1,13 +1,40 @@
-module.exports = whoami
-
 var npm = require("./npm.js")
 
-whoami.usage = "npm whoami\n(just prints the 'username' config)"
+module.exports = whoami
+
+whoami.usage = "npm whoami\n(just prints username according to given registry)"
 
 function whoami (args, silent, cb) {
-  if (typeof cb !== "function") cb = silent, silent = false
-  var me = npm.config.get("username")
-  var msg = me ? me : "Not authed.  Run 'npm adduser'"
-  if (!silent) console.log(msg)
-  process.nextTick(cb.bind(this, null, me))
+  // FIXME: need tighter checking on this, but is a breaking change
+  if (typeof cb !== "function") {
+    cb = silent
+    silent = false
+  }
+
+  var registry = npm.config.get("registry")
+  if (!registry) return cb(new Error("no default registry set"))
+
+  var credentials = npm.config.getCredentialsByURI(registry)
+  if (credentials) {
+    if (credentials.username) {
+      if (!silent) console.log(credentials.username)
+      process.nextTick(cb.bind(this, null, credentials.username))
+    }
+    else if (credentials.token) {
+      npm.registry.whoami(registry, function (er, username) {
+        if (er) return cb(er)
+
+        if (!silent) console.log(username)
+        cb(null, username)
+      })
+    }
+    else {
+      process.nextTick(cb.bind(this, new Error("credentials without username or token")))
+    }
+  }
+  else {
+    var msg = "Not authed.  Run 'npm adduser'"
+    if (!silent) console.log(msg)
+      process.nextTick(cb.bind(this, null, msg))
+  }
 }