feat: warn on config --auth-type=sso/saml/oauth, undeprecate --auth-type

docs/content/commands/npm-adduser.md

@@ -94,10 +94,11 @@ npm init --scope=@foo --yes
 
 * Default: "legacy"
 * Type: "legacy", "webauthn", "sso", "saml", or "oauth"
-* DEPRECATED: The SSO/SAML/OAuth methods are deprecated and will be removed in
-  a future version of npm in favor of web-based login.
 
-What authentication strategy to use with `adduser`/`login`.
+NOTE: auth-type values "sso", "saml", and "oauth" will be removed in a
+future version.
+
+What authentication strategy to use with `login`.
 
 Pass `webauthn` to use a web-based login.
 

docs/content/using-npm/config.md

@@ -215,6 +215,21 @@ exit code.
 <!-- automatically generated, do not edit manually -->
 <!-- see lib/utils/config/definitions.js -->
 
+#### `auth-type`
+
+* Default: "legacy"
+* Type: "legacy", "webauthn", "sso", "saml", or "oauth"
+
+NOTE: auth-type values "sso", "saml", and "oauth" will be removed in a
+future version.
+
+What authentication strategy to use with `login`.
+
+Pass `webauthn` to use a web-based login.
+
+<!-- automatically generated, do not edit manually -->
+<!-- see lib/utils/config/definitions.js -->
+
 #### `before`
 
 * Default: null
@@ -1905,20 +1920,6 @@ When set to `dev` or `development`, this is an alias for `--include=dev`.
 <!-- automatically generated, do not edit manually -->
 <!-- see lib/utils/config/definitions.js -->
 
-#### `auth-type`
-
-* Default: "legacy"
-* Type: "legacy", "webauthn", "sso", "saml", or "oauth"
-* DEPRECATED: The SSO/SAML/OAuth methods are deprecated and will be removed in
-  a future version of npm in favor of web-based login.
-
-What authentication strategy to use with `adduser`/`login`.
-
-Pass `webauthn` to use a web-based login.
-
-<!-- automatically generated, do not edit manually -->
-<!-- see lib/utils/config/definitions.js -->
-
 #### `cache-max`
 
 * Default: Infinity

lib/utils/config/definitions.js

@@ -3,6 +3,7 @@ module.exports = definitions
 
 const Definition = require('./definition.js')
 
+const log = require('../log-shim')
 const { version: npmVersion } = require('../../../package.json')
 const ciDetect = require('@npmcli/ci-detect')
 const ciName = ciDetect()
@@ -239,12 +240,24 @@ define('audit-level', {
 define('auth-type', {
   default: 'legacy',
   type: ['legacy', 'webauthn', 'sso', 'saml', 'oauth'],
+  // deprecation in description rather than field, because not every value
+  // is deprecated
   description: `
+    NOTE: auth-type values "sso", "saml", and "oauth" will be removed in a future version.
+    
     What authentication strategy to use with \`login\`.
 
     Pass \`webauthn\` to use a web-based login.
   `,
-  flatten,
+  flatten (key, obj, flatOptions) {
+    flatOptions.authType = obj[key]
+    if (obj[key] === 'sso') {
+      // no need to deprecate saml/oauth here, as sso-type will be set by these in
+      // lib/auth/ and is deprecated already
+      log.warn('config',
+        '--auth-type=sso is will be removed in a future version.')
+    }
+  },
 })
 
 define('before', {

tap-snapshots/test/lib/commands/adduser.js.test.cjs

@@ -0,0 +1,17 @@
+/* IMPORTANT
+ * This snapshot file is auto-generated, but designed for humans.
+ * It should be checked into source control and tracked carefully.
+ * Re-generate by setting TAP_SNAPSHOT=1 and running tests.
+ * Make sure to inspect the output below.  Do not ignore changes!
+ */
+'use strict'
+exports[`test/lib/commands/adduser.js TAP auth-type sso warning > warning 1`] = `
+Object {
+  "warn": Array [
+    Array [
+      "config",
+      "--auth-type=sso is will be removed in a future version.",
+    ],
+  ],
+}
+`

tap-snapshots/test/lib/utils/config/definitions.js.test.cjs

@@ -254,10 +254,11 @@ exports[`test/lib/utils/config/definitions.js TAP > config description for auth-
 
 * Default: "legacy"
 * Type: "legacy", "webauthn", "sso", "saml", or "oauth"
-* DEPRECATED: The SSO/SAML/OAuth methods are deprecated and will be removed in
-  a future version of npm in favor of web-based login.
 
-What authentication strategy to use with \`adduser\`/\`login\`.
+NOTE: auth-type values "sso", "saml", and "oauth" will be removed in a
+future version.
+
+What authentication strategy to use with \`login\`.
 
 Pass \`webauthn\` to use a web-based login.
 `

tap-snapshots/test/lib/utils/config/describe-all.js.test.cjs

@@ -88,6 +88,21 @@ exit code.
 <!-- automatically generated, do not edit manually -->
 <!-- see lib/utils/config/definitions.js -->
 
+#### \`auth-type\`
+
+* Default: "legacy"
+* Type: "legacy", "webauthn", "sso", "saml", or "oauth"
+
+NOTE: auth-type values "sso", "saml", and "oauth" will be removed in a
+future version.
+
+What authentication strategy to use with \`login\`.
+
+Pass \`webauthn\` to use a web-based login.
+
+<!-- automatically generated, do not edit manually -->
+<!-- see lib/utils/config/definitions.js -->
+
 #### \`before\`
 
 * Default: null
@@ -1778,20 +1793,6 @@ When set to \`dev\` or \`development\`, this is an alias for \`--include=dev\`.
 <!-- automatically generated, do not edit manually -->
 <!-- see lib/utils/config/definitions.js -->
 
-#### \`auth-type\`
-
-* Default: "legacy"
-* Type: "legacy", "webauthn", "sso", "saml", or "oauth"
-* DEPRECATED: The SSO/SAML/OAuth methods are deprecated and will be removed in
-  a future version of npm in favor of web-based login.
-
-What authentication strategy to use with \`adduser\`/\`login\`.
-
-Pass \`webauthn\` to use a web-based login.
-
-<!-- automatically generated, do not edit manually -->
-<!-- see lib/utils/config/definitions.js -->
-
 #### \`cache-max\`
 
 * Default: Infinity

test/lib/commands/adduser.js

@@ -75,6 +75,15 @@ t.test('bad auth type', async t => {
   })
 })
 
+t.test('auth-type sso warning', async t => {
+  const { logs } = await loadMockNpm(t, {
+    config: {
+      'auth-type': 'sso',
+    },
+  })
+  t.matchSnapshot({ warn: logs.warn }, 'warning')
+})
+
 t.test('scoped login', async t => {
   const stdin = new stream.PassThrough()
   stdin.write('test-user\n')