@@ -197,7 +197,7 @@ class PackageManager {
197197 return this . _registries [ cacheKey ]
198198 }
199199
200- async getAuthToken ( scope ) {
200+ async getAuthConfig ( scope ) {
201201 // get npmrc (https://docs.npmjs.com/configuring-npm/npmrc.html#files)
202202 const possibleRcPaths = [
203203 path . resolve ( this . context , '.npmrc' ) ,
@@ -225,8 +225,18 @@ class PackageManager {
225225 . replace ( / h t t p s ? : / , '' ) // remove leading protocol
226226 . replace ( / ( [ ^ / ] ) $ / , '$1/' ) // ensure ending with slash
227227 const authTokenKey = `${ registryWithoutProtocol }
228+ const authUsernameKey = `${ registryWithoutProtocol }
229+ const authPasswordKey = `${ registryWithoutProtocol }
228230
229- return npmConfig [ authTokenKey ]
231+ const auth = { }
232+ if ( authTokenKey in npmConfig ) {
233+ auth . token = npmConfig [ authTokenKey ]
234+ }
235+ if ( authPasswordKey in npmConfig ) {
236+ auth . username = npmConfig [ authUsernameKey ]
237+ auth . password = Buffer . from ( npmConfig [ authPasswordKey ] , 'base64' ) . toString ( )
238+ }
239+ return auth
230240 }
231241
232242 async setRegistryEnvs ( ) {
@@ -296,9 +306,13 @@ class PackageManager {
296306 headers . Accept = 'application/vnd.npm.install-v1+json;q=1.0, application/json;q=0.9, */*;q=0.8'
297307 }
298308
299- const authToken = await this . getAuthToken ( scope )
300- if ( authToken ) {
301- headers . Authorization = `Bearer ${ authToken }
309+ const authConfig = await this . getAuthConfig ( scope )
310+ if ( 'password' in authConfig ) {
311+ const credentials = Buffer . from ( `${ authConfig . username } ${ authConfig . password } ) . toString ( 'base64' )
312+ headers . Authorization = `Basic ${ credentials }
313+ }
314+ if ( 'token' in authConfig ) {
315+ headers . Authorization = `Bearer ${ authConfig . token }
302316 }
303317
304318 const url = `${ registry . replace ( / \/ $ / g, '' ) } ${ packageName }
0 commit comments