Error: Could not authenticate deployment

[yorch]

Do you want to request a feature or report a bug?
A bug

What is the current behavior?
Getting an error when trying to run yarn install on an Angular 2 project that works fine with npm install

yarn install v0.17.6
info No lockfile found.
[1/4] 🔍  Resolving packages...
error An unexpected error occurred: "https://registry.yarnpkg.com/@angular%2fcommon: Could not authenticate deployment".
info If you think this is a bug, please open a bug report with the information provided in "/Users/user/Project/yarn-error.log".
info Visit https://yarnpkg.com/en/docs/cli/install for documentation about this command.

If the current behavior is a bug, please provide the steps to reproduce.

• Create a project using angular-cli
• Delete node_modules
• Run yarn install

What is the expected behavior?
To yarn to run successfully and to have all the dependencies installed in node_modules

Please mention your node.js, yarn and operating system version.
node 7.1.0, installed with nvm
MacOS 10.11.6
yarn 0.17.6

[hpurmann]

Hey @yorch! Maybe /Users/user/Project/yarn-error.log contains some helpful debug information. Can you post it here?

[olingern]

Indeed, stack trace from yarn-error.log would be most helpful. I'm unable to reproduce given your description, @yorch

[Daniel15]

I have no idea where that error message is coming from, I don't see it anywhere on GitHub at all :P https://github.com/search?q=%22could+not+authenticate+deployment%22&type=Code&utf8=%E2%9C%93

[yorch]

So I tried to replicate the problem on another mac, and couldn't. Went back to the original mac, and turns out the problem is related to the ~/.npmrc file. It contains something like:

init.author.name = My Name
init.author.email = [email protected]
init.author.url = http://profile
#registry = http://internal-url/
email = [email protected]
_auth = SOMEAUTHCODE

The last line is the one causing troubles, not sure why considering that npm works fine with it. Not sure if this is a bug or expected behaviour.

In any case, thanks for your help!

[klaemo]

I had the same issue:

error An unexpected error occurred: "https://registry.yarnpkg.com/@kadira%2fstorybook: Could not authenticate klaemo".

When I commented out the _auth line from .npmrc it started working.

[therealklanni]

This also affects yarn install

[bestander]

This should be quite easy to fix, as the code that reads those .npmrc settings is easy to find, a PR is welcome.

[mapsam]

I hit this with version 0.24.6 as well - can confirm commenting out the _auth line in the ~/.npmrc file does the trick.

[BYK]

Working on this

[BYK]

Okay, I realized this only happened if you had an old _auth entry which did not contain your current, valid login information and when you used the new scoped package names (like @timer/detect-port) (hence why it was hard to track down). I also noticed this was fixed on master so I started bisecting. Looks like 3382071 solved it which made it into the v0.26.x releases so upgrading your yarn should resolve the issue.

[Daniel15]

0.26.x is still an RC release though, so only upgrade to it if you're comfortable testing an RC 😃

[mapsam]

Thanks for investigating @BYK!

[arcanis]

Apparently fixed, so I'm going to close this issue for now 👍

[webuniverseio]

@arcanis just came back after update to 0.27.5 from 0.26.1

yarn-error.txt

[arcanis]

The commit that fixed this issue was breaking installing private package ... by fixing it we broke again this one :/ @BYK I kinda remember you worked a bit on this, what do you think would be the best way to solve this issue? If I understand correctly:

• When fetching a private package from the NPM registry, the auth token must be sent (logic)
• When fetching a public package from the NPM registry, the auth token must NOT be sent (weird?)
• Afaik there's no way to know if a package is public/private without trying

So it seems the only course of action here would be to try without the token, then try again with a token if it fails with a 404 status. Missing something?

[BYK]

I think NPM allows you to make authenticated requests for public packages without a problem provided that your tokens are valid. May be we can retry with/without a token if the first request fails?

We can also probably save the token/no-token preference per package to somewhere for future requests?

[arcanis]

I was probably tired, I can't reproduce this issue on the computer where I thought it failed... Just tried with 0.27.5, and it worked just fine with both public & private scopped packages 😶

[pensierinmusica]

@szarouski yep I confirm it comes back to me as well in v0.27.5. @arcanis @lumaxis @bestander any idea what is causing it?

relates #2507

[arcanis]

@pensierinmusica Can you try to check inside your ~/.npmrc or ~/.yarnrc file? Is there an _auth= key, or _authToken=?

[pensierinmusica]

Ok, I've solved it. It looks like I had changed the password in the meantime and the .npmrc file was not updated accordingly. For future reference in case other users hit the same problem, you just need to run npm login and authenticate.

@arcanis maybe this could be suggested right there in the error message?