@vltpkg/registry-client 0.0.0-0.1730239248325 → 0.0.0-10

package/dist/esm/get-header.js.map

@@ -1 +1 @@
-{"version":3,"file":"get-header.js","sourceRoot":"","sources":["../../src/get-header.ts"],"names":[],"mappings":"AAAA,MAAM,UAAU,GAAG,CAAI,CAAM,EAAoB,EAAE,CACjD,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAA;AAE7B,MAAM,CAAC,MAAM,SAAS,GAAG,CACvB,OAKa,EACb,GAAW,EACoB,EAAE;IACjC,IAAI,CAAC,OAAO;QAAE,OAAO,SAAS,CAAA;IAC9B,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,CAAA;IACvB,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3B,IAAI,CAAC,OAAO,CAAC,MAAM;YAAE,OAAO,SAAS,CAAA;QACrC,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9B,yBAAyB;YACzB,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,OAGlB,EAAE,CAAC;gBACJ,IAAI,CAAC,CAAC,WAAW,EAAE,KAAK,GAAG;oBAAE,OAAO,CAAC,CAAA;YACvC,CAAC;QACH,CAAC;aAAM,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YACpC,sBAAsB;YACtB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC3C,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,KAAK,GAAG;oBAAE,OAAO,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAA;YAC9D,CAAC;QACH,CAAC;IACH,CAAC;SAAM,IACL,UAAU,CAA0C,OAAO,CAAC,EAC5D,CAAC;QACD,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,OAAO,EAAE,CAAC;YAC7B,IAAI,CAAC,CAAC,WAAW,EAAE,KAAK,GAAG;gBAAE,OAAO,CAAC,CAAA;QACvC,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7C,IAAI,CAAC,CAAC,WAAW,EAAE,KAAK,GAAG;gBAAE,OAAO,CAAC,CAAA;QACvC,CAAC;IACH,CAAC;AACH,CAAC,CAAA","sourcesContent":["const isIterable = <T>(o: any): o is Iterable<T> =>\n  !!o && !!o[Symbol.iterator]\n\nexport const getHeader = (\n  headers:\n    | Iterable<[string, string[] | string | undefined]>\n    | Record<string, string[] | string | undefined>\n    | string[]\n    | null\n    | undefined,\n  key: string,\n): string[] | string | undefined => {\n  if (!headers) return undefined\n  key = key.toLowerCase()\n  if (Array.isArray(headers)) {\n    if (!headers.length) return undefined\n    if (Array.isArray(headers[0])) {\n      // [string,HeaderValue][]\n      for (const [k, v] of headers as unknown as [\n        string,\n        string[] | string,\n      ][]) {\n        if (k.toLowerCase() === key) return v\n      }\n    } else if (headers.length % 2 === 0) {\n      // [k, v, k2, v2, ...]\n      for (let i = 0; i < headers.length; i += 2) {\n        if (headers[i]?.toLowerCase() === key) return headers[i + 1]\n      }\n    }\n  } else if (\n    isIterable<[string, string[] | string | undefined]>(headers)\n  ) {\n    for (const [k, v] of headers) {\n      if (k.toLowerCase() === key) return v\n    }\n  } else {\n    for (const [k, v] of Object.entries(headers)) {\n      if (k.toLowerCase() === key) return v\n    }\n  }\n}\n"]}
+{"version":3,"file":"get-header.js","sourceRoot":"","sources":["../../src/get-header.ts"],"names":[],"mappings":"AAAA,MAAM,UAAU,GAAG,CAAI,CAAU,EAAoB,EAAE,CACrD,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,IAAI,CAAC,CAAA;AAEtD,MAAM,CAAC,MAAM,SAAS,GAAG,CACvB,OAKa,EACb,GAAW,EACoB,EAAE;IACjC,IAAI,CAAC,OAAO;QAAE,OAAO,SAAS,CAAA;IAC9B,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,CAAA;IACvB,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3B,IAAI,CAAC,OAAO,CAAC,MAAM;YAAE,OAAO,SAAS,CAAA;QACrC,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9B,yBAAyB;YACzB,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,OAGlB,EAAE,CAAC;gBACJ,IAAI,CAAC,CAAC,WAAW,EAAE,KAAK,GAAG;oBAAE,OAAO,CAAC,CAAA;YACvC,CAAC;QACH,CAAC;aAAM,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YACpC,sBAAsB;YACtB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC3C,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,KAAK,GAAG;oBAAE,OAAO,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAA;YAC9D,CAAC;QACH,CAAC;IACH,CAAC;SAAM,IACL,UAAU,CAA0C,OAAO,CAAC,EAC5D,CAAC;QACD,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,OAAO,EAAE,CAAC;YAC7B,IAAI,CAAC,CAAC,WAAW,EAAE,KAAK,GAAG;gBAAE,OAAO,CAAC,CAAA;QACvC,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7C,IAAI,CAAC,CAAC,WAAW,EAAE,KAAK,GAAG;gBAAE,OAAO,CAAC,CAAA;QACvC,CAAC;IACH,CAAC;AACH,CAAC,CAAA","sourcesContent":["const isIterable = <T>(o: unknown): o is Iterable<T> =>\n  !!o && typeof o === 'object' && Symbol.iterator in o\n\nexport const getHeader = (\n  headers:\n    | Iterable<[string, string[] | string | undefined]>\n    | Record<string, string[] | string | undefined>\n    | string[]\n    | null\n    | undefined,\n  key: string,\n): string[] | string | undefined => {\n  if (!headers) return undefined\n  key = key.toLowerCase()\n  if (Array.isArray(headers)) {\n    if (!headers.length) return undefined\n    if (Array.isArray(headers[0])) {\n      // [string,HeaderValue][]\n      for (const [k, v] of headers as unknown as [\n        string,\n        string[] | string,\n      ][]) {\n        if (k.toLowerCase() === key) return v\n      }\n    } else if (headers.length % 2 === 0) {\n      // [k, v, k2, v2, ...]\n      for (let i = 0; i < headers.length; i += 2) {\n        if (headers[i]?.toLowerCase() === key) return headers[i + 1]\n      }\n    }\n  } else if (\n    isIterable<[string, string[] | string | undefined]>(headers)\n  ) {\n    for (const [k, v] of headers) {\n      if (k.toLowerCase() === key) return v\n    }\n  } else {\n    for (const [k, v] of Object.entries(headers)) {\n      if (k.toLowerCase() === key) return v\n    }\n  }\n}\n"]}

package/dist/esm/handle-304-response.d.ts

@@ -1,4 +1,4 @@
-import { Dispatcher } from 'undici';
-import { CacheEntry } from './cache-entry.js';
+import type { Dispatcher } from 'undici';
+import type { CacheEntry } from './cache-entry.ts';
 export declare const handle304Response: (resp: Dispatcher.ResponseData, entry?: CacheEntry) => entry is CacheEntry;
 //# sourceMappingURL=handle-304-response.d.ts.map

package/dist/esm/handle-304-response.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"handle-304-response.d.ts","sourceRoot":"","sources":["../../src/handle-304-response.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AACnC,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAE7C,eAAO,MAAM,iBAAiB,SACtB,UAAU,CAAC,YAAY,UACrB,UAAU,KACjB,KAAK,IAAI,UASX,CAAA"}
+{"version":3,"file":"handle-304-response.d.ts","sourceRoot":"","sources":["../../src/handle-304-response.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AACxC,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAElD,eAAO,MAAM,iBAAiB,SACtB,UAAU,CAAC,YAAY,UACrB,UAAU,KACjB,KAAK,IAAI,UASX,CAAA"}

package/dist/esm/handle-304-response.js.map

@@ -1 +1 @@
-{"version":3,"file":"handle-304-response.js","sourceRoot":"","sources":["../../src/handle-304-response.ts"],"names":[],"mappings":"AAGA,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAC/B,IAA6B,EAC7B,KAAkB,EACG,EAAE;IACvB,IAAI,IAAI,CAAC,UAAU,KAAK,GAAG,IAAI,CAAC,KAAK;QAAE,OAAO,KAAK,CAAA;IAEnD,MAAM,CAAC,GACL,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAA;IAC7D,KAAK,CAAC,SAAS,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAA;IACvC,2CAA2C;IAC3C,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAA;IAClB,OAAO,IAAI,CAAA;AACb,CAAC,CAAA","sourcesContent":["import { Dispatcher } from 'undici'\nimport { CacheEntry } from './cache-entry.js'\n\nexport const handle304Response = (\n  resp: Dispatcher.ResponseData,\n  entry?: CacheEntry,\n): entry is CacheEntry => {\n  if (resp.statusCode !== 304 || !entry) return false\n\n  const d =\n    String(resp.headers.date ?? '') || new Date().toUTCString()\n  entry.setHeader('date', Buffer.from(d))\n  // shouldn't have a body, but just in case.\n  resp.body.resume()\n  return true\n}\n"]}
+{"version":3,"file":"handle-304-response.js","sourceRoot":"","sources":["../../src/handle-304-response.ts"],"names":[],"mappings":"AAGA,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAC/B,IAA6B,EAC7B,KAAkB,EACG,EAAE;IACvB,IAAI,IAAI,CAAC,UAAU,KAAK,GAAG,IAAI,CAAC,KAAK;QAAE,OAAO,KAAK,CAAA;IAEnD,MAAM,CAAC,GACL,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAA;IAC7D,KAAK,CAAC,SAAS,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAA;IACvC,2CAA2C;IAC3C,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAA;IAClB,OAAO,IAAI,CAAA;AACb,CAAC,CAAA","sourcesContent":["import type { Dispatcher } from 'undici'\nimport type { CacheEntry } from './cache-entry.ts'\n\nexport const handle304Response = (\n  resp: Dispatcher.ResponseData,\n  entry?: CacheEntry,\n): entry is CacheEntry => {\n  if (resp.statusCode !== 304 || !entry) return false\n\n  const d =\n    String(resp.headers.date ?? '') || new Date().toUTCString()\n  entry.setHeader('date', Buffer.from(d))\n  // shouldn't have a body, but just in case.\n  resp.body.resume()\n  return true\n}\n"]}

package/dist/esm/index.d.ts

@@ -1,17 +1,54 @@
 import { Cache } from '@vltpkg/cache';
-import { Integrity } from '@vltpkg/types';
-import { Agent, Dispatcher } from 'undici';
-import { CacheEntry } from './cache-entry.js';
-export { type CacheEntry };
+import type { Integrity } from '@vltpkg/types';
+import type { Dispatcher } from 'undici';
+import { RetryAgent } from 'undici';
+import type { Token } from './auth.ts';
+import { deleteToken, getKC, isToken, keychains, setToken } from './auth.ts';
+import type { JSONObj } from './cache-entry.ts';
+import { CacheEntry } from './cache-entry.ts';
+import type { TokenResponse } from './token-response.ts';
+import type { WebAuthChallenge } from './web-auth-challenge.ts';
+export { CacheEntry, deleteToken, getKC, isToken, keychains, setToken, type JSONObj, type Token, type TokenResponse, type WebAuthChallenge, };
+export type CacheableMethod = 'GET' | 'HEAD';
+export declare const isCacheableMethod: (m: unknown) => m is CacheableMethod;
 export type RegistryClientOptions = {
     /**
      * Path on disk where the cache should be stored
      *
-     * @default `$HOME/.config/vlt/cache`
+     * Defaults to the XDG cache folder for `vlt/registry-client`
      */
     cache?: string;
+    /**
+     * Number of retries to perform when encountering network errors or
+     * likely-transient errors from git hosts.
+     */
+    'fetch-retries'?: number;
+    /** The exponential backoff factor to use when retrying git hosts */
+    'fetch-retry-factor'?: number;
+    /** Number of milliseconds before starting first retry */
+    'fetch-retry-mintimeout'?: number;
+    /** Maximum number of milliseconds between two retries */
+    'fetch-retry-maxtimeout'?: number;
+    /** the identity to use for storing auth tokens */
+    identity?: string;
+    /**
+     * If the server does not serve a `stale-while-revalidate` value in the
+     * `cache-control` header, then this multiplier is applied to the `max-age`
+     * or `s-maxage` values.
+     *
+     * By default, this is `60`, so for example a response that is cacheable for
+     * 5 minutes will allow a stale response while revalidating for up to 5
+     * hours.
+     *
+     * If the server *does* provide a `stale-while-revalidate` value, then that
+     * is always used.
+     *
+     * Set to 0 to prevent any `stale-while-revalidate` behavior unless
+     * explicitly allowed by the server's `cache-control` header.
+     */
+    'stale-while-revalidate-factor'?: number;
 };
-export type RegistryClientRequestOptions = Omit<Dispatcher.DispatchOptions, 'method' | 'path'> & {
+export type RegistryClientRequestOptions = Omit<Dispatcher.RequestOptions, 'method' | 'path'> & {
     /**
      * `path` should not be set when using the RegistryClient.
      * It will be overwritten with the path on the URL being requested.
@@ -30,6 +67,12 @@ export type RegistryClientRequestOptions = Omit<Dispatcher.DispatchOptions, 'met
      * the local disk cache, items are assumed to be trustworthy.
      */
     integrity?: Integrity;
+    /**
+     * Set to true if the integrity should be trusted implicitly without
+     * a recalculation, for example if it comes from a trusted registry that
+     * also serves the tarball itself.
+     */
+    trustIntegrity?: boolean;
     /**
      * Follow up to 10 redirections by default. Set this to 0 to just return
      * the 3xx response. If the max redirections are expired, and we still get
@@ -40,16 +83,62 @@ export type RegistryClientRequestOptions = Omit<Dispatcher.DispatchOptions, 'met
     /**
      * the number of redirections that have already been seen. This is used
      * internally, and should always start at 0.
-     *
      * @internal
      */
     redirections?: Set<string>;
+    /**
+     * Set to `false` to suppress ANY lookups from cache. This will also
+     * prevent storing the result to the cache.
+     */
+    useCache?: false;
+    /**
+     * Set to pass an `npm-otp` header on the request.
+     *
+     * This should not be set except by the RegistryClient itself, when
+     * we receive a 401 response with an OTP challenge.
+     * @internal
+     */
+    otp?: string;
+    /**
+     * Set to false to explicitly prevent `stale-while-revalidate` behavior,
+     * for use in revalidating while stale.
+     * @internal
+     */
+    staleWhileRevalidate?: false;
 };
 export declare const userAgent: string;
 export declare class RegistryClient {
-    agent: Agent;
+    #private;
+    agent: RetryAgent;
     cache: Cache;
-    constructor({ cache, }: RegistryClientOptions);
+    identity: string;
+    staleWhileRevalidateFactor: number;
+    constructor(options: RegistryClientOptions);
+    /**
+     * Fetch the entire set of a paginated list of objects
+     */
+    scroll<T>(url: URL | string, options?: RegistryClientRequestOptions, seek?: (obj: T) => boolean): Promise<T[]>;
+    /**
+     * find a given item in a paginated set
+     */
+    seek<T>(url: URL | string, seek: (obj: T) => boolean, options?: RegistryClientRequestOptions): Promise<T | undefined>;
+    /**
+     * Log out from the registry specified, attempting to destroy the
+     * token if the registry supports that endpoint.
+     */
+    logout(registry: string): Promise<void>;
+    /**
+     * Log into the registry specified
+     *
+     * Does not return the token or expose it, just saves to the auth keychain
+     * and returns void if it worked. Otherwise, error is raised.
+     */
+    login(registry: string): Promise<void>;
+    /**
+     * Given a {@link WebAuthChallenge}, open the `loginUrl` in a browser and
+     * hang on the `doneUrl` until it returns a {@link TokenResponse} object.
+     */
+    webAuthOpener({ doneUrl, loginUrl }: WebAuthChallenge): Promise<TokenResponse>;
     request(url: URL | string, options?: RegistryClientRequestOptions): Promise<CacheEntry>;
 }
 //# sourceMappingURL=index.d.ts.map

package/dist/esm/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAA;AAErC,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAA;AAGzC,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AAE1C,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAM7C,OAAO,EAAE,KAAK,UAAU,EAAE,CAAA;AAE1B,MAAM,MAAM,qBAAqB,GAAG;IAClC;;;;OAIG;IACH,KAAK,CAAC,EAAE,MAAM,CAAA;CACf,CAAA;AAED,MAAM,MAAM,4BAA4B,GAAG,IAAI,CAC7C,UAAU,CAAC,eAAe,EAC1B,QAAQ,GAAG,MAAM,CAClB,GAAG;IACF;;;;;OAKG;IACH,IAAI,CAAC,EAAE,MAAM,CAAA;IAEb;;OAEG;IACH,MAAM,CAAC,EAAE,UAAU,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAA;IAC7C;;;;;OAKG;IACH,SAAS,CAAC,EAAE,SAAS,CAAA;IAErB;;;;;OAKG;IACH,eAAe,CAAC,EAAE,MAAM,CAAA;IAExB;;;;;OAKG;IACH,YAAY,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAA;CAC3B,CAAA;AASD,eAAO,MAAM,SAAS,QAA8C,CAAA;AAoBpE,qBAAa,cAAc;IACzB,KAAK,EAAE,KAAK,CAAA;IACZ,KAAK,EAAE,KAAK,CAAA;gBAEA,EACV,KAAoC,GACrC,EAAE,qBAAqB;IAUlB,OAAO,CACX,GAAG,EAAE,GAAG,GAAG,MAAM,EACjB,OAAO,GAAE,4BAAiC,GACzC,OAAO,CAAC,UAAU,CAAC;CAmGvB"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAA;AAIrC,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,eAAe,CAAA;AAM9C,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AACxC,OAAO,EAAS,UAAU,EAAE,MAAM,QAAQ,CAAA;AAE1C,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,WAAW,CAAA;AACtC,OAAO,EACL,WAAW,EACX,KAAK,EAEL,OAAO,EACP,SAAS,EACT,QAAQ,EACT,MAAM,WAAW,CAAA;AAClB,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAA;AAC/C,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAO7C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAA;AAExD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAA;AAE/D,OAAO,EACL,UAAU,EACV,WAAW,EACX,KAAK,EACL,OAAO,EACP,SAAS,EACT,QAAQ,EACR,KAAK,OAAO,EACZ,KAAK,KAAK,EACV,KAAK,aAAa,EAClB,KAAK,gBAAgB,GACtB,CAAA;AAED,MAAM,MAAM,eAAe,GAAG,KAAK,GAAG,MAAM,CAAA;AAC5C,eAAO,MAAM,iBAAiB,MAAO,OAAO,KAAG,CAAC,IAAI,eACvB,CAAA;AAE7B,MAAM,MAAM,qBAAqB,GAAG;IAClC;;;;OAIG;IACH,KAAK,CAAC,EAAE,MAAM,CAAA;IACd;;;OAGG;IACH,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,oEAAoE;IACpE,oBAAoB,CAAC,EAAE,MAAM,CAAA;IAC7B,yDAAyD;IACzD,wBAAwB,CAAC,EAAE,MAAM,CAAA;IACjC,yDAAyD;IACzD,wBAAwB,CAAC,EAAE,MAAM,CAAA;IAEjC,kDAAkD;IAClD,QAAQ,CAAC,EAAE,MAAM,CAAA;IAEjB;;;;;;;;;;;;;;OAcG;IACH,+BAA+B,CAAC,EAAE,MAAM,CAAA;CACzC,CAAA;AAED,MAAM,MAAM,4BAA4B,GAAG,IAAI,CAC7C,UAAU,CAAC,cAAc,EACzB,QAAQ,GAAG,MAAM,CAClB,GAAG;IACF;;;;;OAKG;IACH,IAAI,CAAC,EAAE,MAAM,CAAA;IAEb;;OAEG;IACH,MAAM,CAAC,EAAE,UAAU,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAA;IAC7C;;;;;OAKG;IACH,SAAS,CAAC,EAAE,SAAS,CAAA;IAErB;;;;OAIG;IACH,cAAc,CAAC,EAAE,OAAO,CAAA;IAExB;;;;;OAKG;IACH,eAAe,CAAC,EAAE,MAAM,CAAA;IAExB;;;;OAIG;IACH,YAAY,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAA;IAE1B;;;OAGG;IACH,QAAQ,CAAC,EAAE,KAAK,CAAA;IAEhB;;;;;;OAMG;IACH,GAAG,CAAC,EAAE,MAAM,CAAA;IAEZ;;;;OAIG;IACH,oBAAoB,CAAC,EAAE,KAAK,CAAA;CAC7B,CAAA;AAgBD,eAAO,MAAM,SAAS,QAA8C,CAAA;AAoBpE,qBAAa,cAAc;;IACzB,KAAK,EAAE,UAAU,CAAA;IACjB,KAAK,EAAE,KAAK,CAAA;IACZ,QAAQ,EAAE,MAAM,CAAA;IAChB,0BAA0B,EAAE,MAAM,CAAA;gBAEtB,OAAO,EAAE,qBAAqB;IA0C1C;;OAEG;IACG,MAAM,CAAC,CAAC,EACZ,GAAG,EAAE,GAAG,GAAG,MAAM,EACjB,OAAO,GAAE,4BAAiC,EAC1C,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,OAAO,GACzB,OAAO,CAAC,CAAC,EAAE,CAAC;IAYf;;OAEG;IACG,IAAI,CAAC,CAAC,EACV,GAAG,EAAE,GAAG,GAAG,MAAM,EACjB,IAAI,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,OAAO,EACzB,OAAO,GAAE,4BAAiC,GACzC,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC;IAIzB;;;OAGG;IACG,MAAM,CAAC,QAAQ,EAAE,MAAM;IA0B7B;;;;;OAKG;IACG,KAAK,CAAC,QAAQ,EAAE,MAAM;IAqC5B;;;OAGG;IACG,aAAa,CAAC,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,gBAAgB;IA6CrD,OAAO,CACX,GAAG,EAAE,GAAG,GAAG,MAAM,EACjB,OAAO,GAAE,4BAAiC,GACzC,OAAO,CAAC,UAAU,CAAC;CAwKvB"}

package/dist/esm/index.js

@@ -1,20 +1,34 @@
 import { Cache } from '@vltpkg/cache';
-import { register } from '@vltpkg/cache-unzip';
+import { register as cacheUnzipRegister } from '@vltpkg/cache-unzip';
+import { asError, error } from '@vltpkg/error-cause';
+import { logRequest } from '@vltpkg/output';
+import { urlOpen } from '@vltpkg/url-open';
 import { XDG } from '@vltpkg/xdg';
+import { dirname, resolve } from 'node:path';
+import { setTimeout } from 'node:timers/promises';
 import { loadPackageJson } from 'package-json-from-dist';
-import { Agent } from 'undici';
-import { addHeader } from './add-header.js';
-import { CacheEntry } from './cache-entry.js';
-import { bun, deno, node } from './env.js';
-import { handle304Response } from './handle-304-response.js';
-import { isRedirect, redirect } from './redirect.js';
-import { setCacheHeaders } from './set-cache-headers.js';
-const { version } = loadPackageJson(import.meta.filename);
+import { Agent, RetryAgent } from 'undici';
+import { addHeader } from "./add-header.js";
+import { deleteToken, getKC, getToken, isToken, keychains, setToken, } from "./auth.js";
+import { CacheEntry } from "./cache-entry.js";
+import { register } from "./cache-revalidate.js";
+import { bun, deno, node } from "./env.js";
+import { handle304Response } from "./handle-304-response.js";
+import { otplease } from "./otplease.js";
+import { isRedirect, redirect } from "./redirect.js";
+import { setCacheHeaders } from "./set-cache-headers.js";
+import { isTokenResponse } from "./token-response.js";
+import { isWebAuthChallenge } from "./web-auth-challenge.js";
+export { CacheEntry, deleteToken, getKC, isToken, keychains, setToken, };
+export const isCacheableMethod = (m) => m === 'GET' || m === 'HEAD';
+const { version } = loadPackageJson(import.meta.filename, process.env.__VLT_INTERNAL_REGISTRY_CLIENT_PACKAGE_JSON);
+/* c8 ignore start - we do test this, but coverage fails */
 const nua = globalThis.navigator?.userAgent ??
     (bun ? `Bun/${bun}`
         : deno ? `Deno/${deno}`
             : node ? `Node.js/${node}`
                 : '(unknown platform)');
+/* c8 ignore stop */
 export const userAgent = `@vltpkg/registry-client/${version} ${nua}`;
 const agentOptions = {
     bodyTimeout: 600_000,
@@ -35,32 +49,184 @@ const xdg = new XDG('vlt');
 export class RegistryClient {
     agent;
     cache;
-    constructor({ cache = xdg.cache('registry-client'), }) {
+    identity;
+    staleWhileRevalidateFactor;
+    constructor(options) {
+        const { cache = xdg.cache(), 'fetch-retry-factor': timeoutFactor = 2, 'fetch-retry-mintimeout': minTimeout = 0, 'fetch-retry-maxtimeout': maxTimeout = 30_000, 'fetch-retries': maxRetries = 3, identity = '', 'stale-while-revalidate-factor': staleWhileRevalidateFactor = 60, } = options;
+        this.identity = identity;
+        this.staleWhileRevalidateFactor = staleWhileRevalidateFactor;
+        const path = resolve(cache, 'registry-client');
         this.cache = new Cache({
-            path: cache,
+            path,
             onDiskWrite(_path, key, data) {
-                if (CacheEntry.decode(data).isGzip)
-                    register(cache, key);
+                if (CacheEntry.isGzipEntry(data)) {
+                    cacheUnzipRegister(path, key);
+                }
+            },
+        });
+        const dispatch = new Agent(agentOptions);
+        this.agent = new RetryAgent(dispatch, {
+            maxRetries,
+            timeoutFactor,
+            minTimeout,
+            maxTimeout,
+            retryAfter: true,
+            errorCodes: [
+                'ECONNREFUSED',
+                'ECONNRESET',
+                'EHOSTDOWN',
+                'ENETDOWN',
+                'ENETUNREACH',
+                'ENOTFOUND',
+                'EPIPE',
+                'UND_ERR_SOCKET',
+            ],
+        });
+    }
+    /**
+     * Fetch the entire set of a paginated list of objects
+     */
+    async scroll(url, options = {}, seek) {
+        const resp = await this.request(url, options);
+        const { objects, urls } = resp.json();
+        // if we have more, and haven't found our target, fetch more
+        return urls.next && !(seek && objects.some(seek)) ?
+            objects.concat(await this.scroll(urls.next, options, seek))
+            : objects;
+    }
+    /**
+     * find a given item in a paginated set
+     */
+    async seek(url, seek, options = {}) {
+        return (await this.scroll(url, options, seek)).find(seek);
+    }
+    /**
+     * Log out from the registry specified, attempting to destroy the
+     * token if the registry supports that endpoint.
+     */
+    async logout(registry) {
+        // if we have no token for that registry, nothing to do
+        const tok = await getToken(registry, this.identity);
+        if (!tok)
+            return;
+        const s = tok.replace(/^(Bearer|Basic) /i, '');
+        const tokensUrl = new URL('-/npm/v1/tokens', registry);
+        const record = await this.seek(tokensUrl, ({ token }) => s.startsWith(token), {
+            useCache: false,
+        }).catch(() => undefined);
+        if (record) {
+            const { key } = record;
+            await this.request(new URL(`-/npm/v1/tokens/token/${key}`, registry), { useCache: false, method: 'DELETE' });
+        }
+        await deleteToken(registry, this.identity);
+    }
+    /**
+     * Log into the registry specified
+     *
+     * Does not return the token or expose it, just saves to the auth keychain
+     * and returns void if it worked. Otherwise, error is raised.
+     */
+    async login(registry) {
+        // - make POST to '/-/v1/login'
+        // - include a body of {} and npm-auth-type:web
+        // - get a {doneUrl, loginUrl}
+        // - open the loginUrl
+        // - hang on the doneUrl until done
+        //
+        // if that fails: fall back to couchdb login
+        const webLoginURL = new URL('-/v1/login', registry);
+        const response = await this.request(webLoginURL, {
+            method: 'POST',
+            useCache: false,
+            headers: {
+                'content-type': 'application/json',
+                'npm-auth-type': 'web',
             },
+            body: '{}',
+        });
+        if (response.statusCode === 200) {
+            const challenge = response.json();
+            if (isWebAuthChallenge(challenge)) {
+                const result = await this.webAuthOpener(challenge);
+                await setToken(registry, `Bearer ${result.token}`, this.identity);
+                return;
+            }
+        }
+        /* c8 ignore start */
+        // TODO: fall back to username/password login, and/or couchdb PUT login
+        throw error('Failed to perform web login', { response });
+    }
+    /* c8 ignore stop */
+    /**
+     * Given a {@link WebAuthChallenge}, open the `loginUrl` in a browser and
+     * hang on the `doneUrl` until it returns a {@link TokenResponse} object.
+     */
+    async webAuthOpener({ doneUrl, loginUrl }) {
+        const ac = new AbortController();
+        const { signal } = ac;
+        /* c8 ignore start - race condition */
+        const [result] = await Promise.all([
+            this.#checkLogin(doneUrl, { signal }).then(result => {
+                ac.abort();
+                return result;
+            }),
+            urlOpen(loginUrl, { signal }).catch((er) => {
+                if (asError(er).name === 'AbortError')
+                    return;
+                ac.abort();
+                throw er;
+            }),
+        ]);
+        /* c8 ignore stop */
+        return result;
+    }
+    async #checkLogin(url, options = {}) {
+        const response = await this.request(url, {
+            ...options,
+            useCache: false,
+        });
+        const { signal } = options;
+        if (response.statusCode === 202) {
+            const rt = response.getHeader('retry-after');
+            const retryAfter = rt ? Number(rt.toString()) : -1;
+            if (retryAfter > 0) {
+                await setTimeout(retryAfter * 1000, null, { signal });
+            }
+            return await this.#checkLogin(url, options);
+        }
+        if (response.statusCode === 200) {
+            const body = response.json();
+            if (isTokenResponse(body))
+                return body;
+        }
+        throw error('Invalid response from web login endpoint', {
+            response,
         });
-        this.agent = new Agent(agentOptions);
     }
     async request(url, options = {}) {
+        logRequest(url, 'start');
         const u = typeof url === 'string' ? new URL(url) : url;
-        const { method = 'GET', integrity, redirections = new Set(), } = options;
+        const { method = 'GET', integrity, redirections = new Set(), signal, otp = (process.env.VLT_OTP ?? '').trim(), staleWhileRevalidate = true, } = options;
+        let { trustIntegrity } = options;
+        const m = isCacheableMethod(method) ? method : undefined;
+        const { useCache = !!m } = options;
+        signal?.throwIfAborted();
         // first, try to get from the cache before making any request.
-        const { origin, pathname } = u;
-        const key = JSON.stringify([origin, method, pathname]);
-        const buffer = await this.cache.fetch(key, {
-            context: { integrity },
-        });
+        const { origin } = u;
+        const key = `${method !== 'GET' ? method + ' ' : ''}${u}`;
+        const buffer = useCache ?
+            await this.cache.fetch(key, { context: { integrity } })
+            : undefined;
         const entry = buffer ? CacheEntry.decode(buffer) : undefined;
-        if (entry?.valid)
+        if (entry?.valid) {
+            return entry;
+        }
+        if (staleWhileRevalidate && entry?.staleWhileRevalidate && m) {
+            // revalidate while returning the stale entry
+            register(dirname(this.cache.path()), m, url);
             return entry;
-        // TODO: stale-while-revalidate timeout, say 1 day, where we'll
-        // use the cached response even if it's invalid, and validate
-        // in the background without waiting for it.
-        // either no cache entry, or need to revalidate it.
+        }
+        // either no cache entry, or need to revalidate before use.
         setCacheHeaders(options, entry);
         redirections.add(String(url));
         Object.assign(options, {
@@ -69,54 +235,84 @@ export class RegistryClient {
         });
         options.origin = u.origin;
         options.headers = addHeader(addHeader(options.headers, 'accept-encoding', 'gzip;q=1.0, identity;q=0.5'), 'user-agent', userAgent);
+        if (otp) {
+            options.headers = addHeader(options.headers, 'npm-otp', otp);
+        }
+        if (integrity) {
+            options.headers = addHeader(options.headers, 'accept-integrity', integrity);
+        }
         options.method = options.method ?? 'GET';
-        const result = await new Promise((res, rej) => {
-            /* c8 ignore start - excessive type setting for eslint */
-            this.agent
-                .request(options)
-                .then(res)
-                .catch((er) => rej(er));
-            /* c8 ignore stop */
-        }).then(resp => {
-            if (handle304Response(resp, entry))
-                return entry;
-            const h = [];
-            for (const [key, value] of Object.entries(resp.headers)) {
-                /* c8 ignore start - theoretical */
-                if (Array.isArray(value)) {
-                    h.push(Buffer.from(key), Buffer.from(value.join(', ')));
-                    /* c8 ignore stop */
-                }
-                else if (typeof value === 'string') {
-                    h.push(Buffer.from(key), Buffer.from(value));
-                }
+        // will remove if we don't have a token.
+        options.headers = addHeader(options.headers, 'authorization', await getToken(origin, this.identity));
+        let response = null;
+        try {
+            response = await this.agent.request(options);
+            /* c8 ignore start */
+        }
+        catch (er) {
+            // Rethrow so we get a better stack trace
+            throw error('Request failed', {
+                code: 'EREQUEST',
+                cause: er,
+                url,
+                method,
+            });
+        }
+        /* c8 ignore stop */
+        const result = await this.#handleResponse(u, options, response, entry);
+        if (result.getHeader('integrity')) {
+            trustIntegrity = true;
+        }
+        if (result.isGzip && !trustIntegrity) {
+            result.checkIntegrity({ url });
+        }
+        if (useCache) {
+            this.cache.set(key, result.encode(), {
+                integrity: result.integrity,
+            });
+        }
+        return result;
+    }
+    async #handleResponse(url, options, response, entry) {
+        if (handle304Response(response, entry))
+            return entry;
+        if (response.statusCode === 401) {
+            const repeatRequest = await otplease(this, options, response);
+            if (repeatRequest)
+                return await this.request(url, repeatRequest);
+        }
+        const h = [];
+        for (const [key, value] of Object.entries(response.headers)) {
+            /* c8 ignore start - theoretical */
+            if (Array.isArray(value)) {
+                h.push(Buffer.from(key), Buffer.from(value.join(', ')));
+                /* c8 ignore stop */
             }
-            const result = new CacheEntry(
-            /* c8 ignore next - should always have a status code */
-            resp.statusCode || 200, h, options.integrity);
-            if (isRedirect(result)) {
-                resp.body.resume();
-                try {
-                    const [nextURL, nextOptions] = redirect(options, result, u);
-                    if (nextOptions && nextURL) {
-                        return this.request(nextURL, nextOptions);
-                    }
-                    return result;
-                }
-                catch (er) {
-                    /* c8 ignore start */
-                    throw er instanceof Error ? er : (new Error(typeof er === 'string' ? er : 'Unknown error'));
-                    /* c8 ignore stop */
-                }
+            else if (typeof value === 'string') {
+                h.push(Buffer.from(key), Buffer.from(value));
             }
-            resp.body.on('data', (chunk) => result.addBody(chunk));
-            return new Promise((res, rej) => {
-                resp.body.on('error', rej);
-                resp.body.on('end', () => res(result));
-            });
+        }
+        const { integrity, trustIntegrity } = options;
+        const result = new CacheEntry(
+        /* c8 ignore next - should always have a status code */
+        response.statusCode || 200, h, {
+            integrity,
+            trustIntegrity,
+            'stale-while-revalidate-factor': this.staleWhileRevalidateFactor,
+        });
+        if (isRedirect(result)) {
+            response.body.resume();
+            const [nextURL, nextOptions] = redirect(options, result, url);
+            if (nextOptions && nextURL) {
+                return await this.request(nextURL, nextOptions);
+            }
+            return result;
+        }
+        response.body.on('data', (chunk) => result.addBody(chunk));
+        return await new Promise((res, rej) => {
+            response.body.on('error', rej);
+            response.body.on('end', () => res(result));
         });
-        this.cache.set(key, result.encode());
-        return result;
     }
 }
 //# sourceMappingURL=index.js.map