2 var path = require('path')
3 var mocha = require('mocha')
4 var assert = require('assert')
5 var requireUncached = require('require-uncached')
7 var npmRcPath = path.join(__dirname, '..', '.npmrc')
8 var afterEach = mocha.afterEach
9 var describe = mocha.describe
12 var base64 = require('../base64')
13 var decodeBase64 = base64.decodeBase64
14 var encodeBase64 = base64.encodeBase64
16 /* eslint max-nested-callbacks: ["error", 4] */
18 describe('auth-token', function () {
19 afterEach(function (done) {
20 fs.unlink(npmRcPath, function () {
25 it('should read global if no local is found', function () {
26 var getAuthToken = requireUncached('../index')
30 it('should return undefined if no auth token is given for registry', function (done) {
31 fs.writeFile(npmRcPath, 'registry=http://registry.npmjs.eu/', function (err) {
32 var getAuthToken = requireUncached('../index')
34 assert(!getAuthToken())
39 describe('legacy auth token', function () {
40 it('should return auth token if it is defined in the legacy way via the `_auth` key', function (done) {
43 'registry=http://registry.foobar.eu/'
46 fs.writeFile(npmRcPath, content, function (err) {
47 var getAuthToken = requireUncached('../index')
49 assert.deepEqual(getAuthToken(), {token: 'foobar', type: 'Basic'})
54 it('should return legacy auth token defined by reference to an environment variable (with curly braces)', function (done) {
55 var environmentVariable = '__REGISTRY_AUTH_TOKEN_NPM_TOKEN__'
57 '_auth=${' + environmentVariable + '}',
58 'registry=http://registry.foobar.eu/'
61 process.env[environmentVariable] = 'foobar'
63 fs.writeFile(npmRcPath, content, function (err) {
64 var getAuthToken = requireUncached('../index')
66 assert.deepEqual(getAuthToken(), {token: 'foobar', type: 'Basic'})
67 delete process.env[environmentVariable]
72 it('should return legacy auth token defined by reference to an environment variable (without curly braces)', function (done) {
73 var environmentVariable = '__REGISTRY_AUTH_TOKEN_NPM_TOKEN__'
75 '_auth=$' + environmentVariable,
76 'registry=http://registry.foobar.eu/'
79 process.env[environmentVariable] = 'foobar'
81 fs.writeFile(npmRcPath, content, function (err) {
82 var getAuthToken = requireUncached('../index')
84 assert.deepEqual(getAuthToken(), {token: 'foobar', type: 'Basic'})
85 delete process.env[environmentVariable]
91 describe('bearer token', function () {
92 it('should return auth token if registry is defined', function (done) {
94 'registry=http://registry.foobar.eu/',
95 '//registry.foobar.eu/:_authToken=foobar', ''
98 fs.writeFile(npmRcPath, content, function (err) {
99 var getAuthToken = requireUncached('../index')
101 assert.deepEqual(getAuthToken(), {token: 'foobar', type: 'Bearer'})
106 it('should use npmrc passed in', function (done) {
108 'registry=http://registry.foobar.eu/',
109 '//registry.foobar.eu/:_authToken=foobar', ''
112 fs.writeFile(npmRcPath, content, function (err) {
113 var getAuthToken = requireUncached('../index')
116 'registry': 'http://registry.foobar.eu/',
117 '//registry.foobar.eu/:_authToken': 'qar'
119 assert.deepEqual(getAuthToken({npmrc: npmrc}), {token: 'qar', type: 'Bearer'})
124 it('should return auth token if registry url has port specified', function (done) {
126 'registry=http://localhost:8770/',
127 // before the patch this token was selected.
128 '//localhost/:_authToken=ohno',
129 '//localhost:8770/:_authToken=beepboop', ''
132 fs.writeFile(npmRcPath, content, function (err) {
133 var getAuthToken = requireUncached('../index')
135 assert.deepEqual(getAuthToken(), {token: 'beepboop', type: 'Bearer'})
140 it('should return auth token defined by reference to an environment variable (with curly braces)', function (done) {
141 var environmentVariable = '__REGISTRY_AUTH_TOKEN_NPM_TOKEN__'
143 'registry=http://registry.foobar.cc/',
144 '//registry.foobar.cc/:_authToken=${' + environmentVariable + '}', ''
146 process.env[environmentVariable] = 'foobar'
148 fs.writeFile(npmRcPath, content, function (err) {
149 var getAuthToken = requireUncached('../index')
151 assert.deepEqual(getAuthToken(), {token: 'foobar', type: 'Bearer'})
152 delete process.env[environmentVariable]
157 it('should return auth token defined by reference to an environment variable (without curly braces)', function (done) {
158 var environmentVariable = '__REGISTRY_AUTH_TOKEN_NPM_TOKEN__'
160 'registry=http://registry.foobar.cc/',
161 '//registry.foobar.cc/:_authToken=$' + environmentVariable, ''
163 process.env[environmentVariable] = 'foobar'
165 fs.writeFile(npmRcPath, content, function (err) {
166 var getAuthToken = requireUncached('../index')
168 assert.deepEqual(getAuthToken(), {token: 'foobar', type: 'Bearer'})
169 delete process.env[environmentVariable]
174 it('should try with and without a slash at the end of registry url', function (done) {
176 'registry=http://registry.foobar.eu',
177 '//registry.foobar.eu:_authToken=barbaz', ''
180 fs.writeFile(npmRcPath, content, function (err) {
181 var getAuthToken = requireUncached('../index')
183 assert.deepEqual(getAuthToken(), {token: 'barbaz', type: 'Bearer'})
188 it('should fetch for the registry given (if defined)', function (done) {
190 '//registry.foobar.eu:_authToken=barbaz',
191 '//registry.blah.foo:_authToken=whatev',
192 '//registry.last.thing:_authToken=yep', ''
195 fs.writeFile(npmRcPath, content, function (err) {
196 var getAuthToken = requireUncached('../index')
198 assert.deepEqual(getAuthToken('//registry.blah.foo'), {token: 'whatev', type: 'Bearer'})
203 it('recursively finds registries for deep url if option is set', function (done, undef) {
204 var opts = {recursive: true}
206 '//registry.blah.com/foo:_authToken=whatev',
207 '//registry.blah.org/foo/bar:_authToken=recurseExactlyOneLevel',
208 '//registry.blah.edu/foo/bar/baz:_authToken=recurseNoLevel',
209 '//registry.blah.eu:_authToken=yep', ''
212 fs.writeFile(npmRcPath, content, function (err) {
213 var getAuthToken = requireUncached('../index')
215 assert.deepEqual(getAuthToken('https://registry.blah.edu/foo/bar/baz', opts), {token: 'recurseNoLevel', type: 'Bearer'})
216 assert.deepEqual(getAuthToken('https://registry.blah.org/foo/bar/baz', opts), {token: 'recurseExactlyOneLevel', type: 'Bearer'})
217 assert.deepEqual(getAuthToken('https://registry.blah.com/foo/bar/baz', opts), {token: 'whatev', type: 'Bearer'})
218 assert.deepEqual(getAuthToken('http://registry.blah.eu/what/ever', opts), {token: 'yep', type: 'Bearer'})
219 assert.deepEqual(getAuthToken('http://registry.blah.eu//what/ever', opts), undefined, 'does not hang')
220 assert.equal(getAuthToken('//some.registry', opts), undef)
225 it('should try both with and without trailing slash', function (done) {
226 fs.writeFile(npmRcPath, '//registry.blah.com:_authToken=whatev', function (err) {
227 var getAuthToken = requireUncached('../index')
229 assert.deepEqual(getAuthToken('https://registry.blah.com'), {token: 'whatev', type: 'Bearer'})
234 it('should prefer bearer token over basic token', function (done) {
236 'registry=http://registry.foobar.eu/',
237 'registry=http://registry.foobar.eu/',
238 '//registry.foobar.eu/:_authToken=bearerToken',
239 '//registry.foobar.eu/:_password=' + encodeBase64('foobar'),
240 '//registry.foobar.eu/:username=foobar', ''
243 fs.writeFile(npmRcPath, content, function (err) {
244 var getAuthToken = requireUncached('../index')
246 assert.deepEqual(getAuthToken('//registry.foobar.eu'), {token: 'bearerToken', type: 'Bearer'})
251 it('"nerf darts" registry urls', function (done, undef) {
252 fs.writeFile(npmRcPath, '//contoso.pkgs.visualstudio.com/_packaging/MyFeed/npm/:_authToken=heider', function (err) {
253 var getAuthToken = requireUncached('../index')
256 getAuthToken('https://contoso.pkgs.visualstudio.com/_packaging/MyFeed/npm/registry'),
257 {token: 'heider', type: 'Bearer'}
264 describe('basic token', function () {
265 it('should return undefined if password or username are missing', function (done, undef) {
267 'registry=http://registry.foobar.eu/',
268 '//registry.foobar.eu/:_password=' + encodeBase64('foobar'),
269 '//registry.foobar.com/:username=foobar', ''
272 fs.writeFile(npmRcPath, content, function (err) {
273 var getAuthToken = requireUncached('../index')
275 assert.equal(getAuthToken('//registry.foobar.eu'), undef)
276 assert.equal(getAuthToken('//registry.foobar.com'), undef)
281 it('should return basic token if username and password are defined', function (done) {
283 'registry=http://registry.foobar.eu/',
284 '//registry.foobar.eu/:_password=' + encodeBase64('foobar'),
285 '//registry.foobar.eu/:username=foobar', ''
288 fs.writeFile(npmRcPath, content, function (err) {
289 var getAuthToken = requireUncached('../index')
291 var token = getAuthToken()
292 assert.deepEqual(token, {
293 token: 'Zm9vYmFyOmZvb2Jhcg==',
298 assert.equal(decodeBase64(token.token), 'foobar:foobar')
303 it('should return basic token if registry url has port specified', function (done) {
305 'registry=http://localhost:8770/',
306 // before the patch this token was selected.
307 '//localhost/:_authToken=ohno',
308 '//localhost:8770/:_password=' + encodeBase64('foobar'),
309 '//localhost:8770/:username=foobar', ''
312 fs.writeFile(npmRcPath, content, function (err) {
313 var getAuthToken = requireUncached('../index')
315 var token = getAuthToken()
316 assert.deepEqual(token, {
317 token: 'Zm9vYmFyOmZvb2Jhcg==',
322 assert.equal(decodeBase64(token.token), 'foobar:foobar')
327 it('should return password defined by reference to an environment variable (with curly braces)', function (done) {
328 var environmentVariable = '__REGISTRY_PASSWORD__'
330 'registry=http://registry.foobar.cc/',
331 '//registry.foobar.cc/:username=username',
332 '//registry.foobar.cc/:_password=${' + environmentVariable + '}', ''
334 process.env[environmentVariable] = encodeBase64('password')
336 fs.writeFile(npmRcPath, content, function (err) {
337 var getAuthToken = requireUncached('../index')
339 var token = getAuthToken()
340 assert.deepEqual(token, {
342 username: 'username',
343 password: 'password',
344 token: 'dXNlcm5hbWU6cGFzc3dvcmQ='
346 assert.equal(decodeBase64(token.token), 'username:password')
347 delete process.env[environmentVariable]
352 it('should return password defined by reference to an environment variable (without curly braces)', function (done) {
353 var environmentVariable = '__REGISTRY_PASSWORD__'
355 'registry=http://registry.foobar.cc/',
356 '//registry.foobar.cc/:username=username',
357 '//registry.foobar.cc/:_password=$' + environmentVariable, ''
359 process.env[environmentVariable] = encodeBase64('password')
361 fs.writeFile(npmRcPath, content, function (err) {
362 var getAuthToken = requireUncached('../index')
364 var token = getAuthToken()
365 assert.deepEqual(token, {
367 username: 'username',
368 password: 'password',
369 token: 'dXNlcm5hbWU6cGFzc3dvcmQ='
371 assert.equal(decodeBase64(token.token), 'username:password')
372 delete process.env[environmentVariable]
377 it('should try with and without a slash at the end of registry url', function (done) {
379 'registry=http://registry.foobar.eu',
380 '//registry.foobar.eu:_password=' + encodeBase64('barbay'),
381 '//registry.foobar.eu:username=barbaz', ''
384 fs.writeFile(npmRcPath, content, function (err) {
385 var getAuthToken = requireUncached('../index')
387 var token = getAuthToken()
388 assert.deepEqual(token, {
389 token: 'YmFyYmF6OmJhcmJheQ==',
394 assert.equal(decodeBase64(token.token), 'barbaz:barbay')
399 it('should fetch for the registry given (if defined)', function (done) {
401 '//registry.foobar.eu:_authToken=barbaz',
402 '//registry.blah.foo:_password=' + encodeBase64('barbay'),
403 '//registry.blah.foo:username=barbaz',
404 '//registry.last.thing:_authToken=yep', ''
407 fs.writeFile(npmRcPath, content, function (err) {
408 var getAuthToken = requireUncached('../index')
410 var token = getAuthToken('//registry.blah.foo')
411 assert.deepEqual(token, {
412 token: 'YmFyYmF6OmJhcmJheQ==',
417 assert.equal(decodeBase64(token.token), 'barbaz:barbay')
422 it('recursively finds registries for deep url if option is set', function (done, undef) {
423 var opts = {recursive: true}
425 '//registry.blah.com/foo:_password=' + encodeBase64('barbay'),
426 '//registry.blah.com/foo:username=barbaz',
427 '//registry.blah.eu:username=barbaz',
428 '//registry.blah.eu:_password=' + encodeBase64('foobaz'), ''
431 fs.writeFile(npmRcPath, content, function (err) {
432 var getAuthToken = requireUncached('../index')
434 var token = getAuthToken('https://registry.blah.com/foo/bar/baz', opts)
435 assert.deepEqual(token, {
436 token: 'YmFyYmF6OmJhcmJheQ==',
441 assert.equal(decodeBase64(token.token), 'barbaz:barbay')
442 token = getAuthToken('https://registry.blah.eu/foo/bar/baz', opts)
443 assert.deepEqual(token, {
444 token: 'YmFyYmF6OmZvb2Jheg==',
449 assert.equal(decodeBase64(token.token), 'barbaz:foobaz')
450 assert.equal(getAuthToken('//some.registry', opts), undef)