370 lines
13 KiB
370 lines
13 KiB
![]() |
var fs = require('fs')
var path = require('path')
var mocha = require('mocha')
var assert = require('assert')
var requireUncached = require('require-uncached')
var npmRcPath = path.join(__dirname, '..', '.npmrc')
var afterEach = mocha.afterEach
var describe = mocha.describe
var it = mocha.it
var base64 = require('../base64')
var decodeBase64 = base64.decodeBase64
var encodeBase64 = base64.encodeBase64
/* eslint max-nested-callbacks: ["error", 4] */
describe('auth-token', function () {
afterEach(function (done) {
fs.unlink(npmRcPath, function () {
it('should read global if no local is found', function () {
var getAuthToken = requireUncached('../index')
it('should return undefined if no auth token is given for registry', function (done) {
fs.writeFile(npmRcPath, 'registry=http://registry.npmjs.eu/', function (err) {
var getAuthToken = requireUncached('../index')
assert(!err, err)
describe('legacy auth token', function () {
it('should return auth token if it is defined in the legacy way via the `_auth` key', function (done) {
var content = [
fs.writeFile(npmRcPath, content, function (err) {
var getAuthToken = requireUncached('../index')
assert(!err, err)
assert.deepEqual(getAuthToken(), {token: 'foobar', type: 'Basic'})
describe('bearer token', function () {
it('should return auth token if registry is defined', function (done) {
var content = [
'//registry.foobar.eu/:_authToken=foobar', ''
fs.writeFile(npmRcPath, content, function (err) {
var getAuthToken = requireUncached('../index')
assert(!err, err)
assert.deepEqual(getAuthToken(), {token: 'foobar', type: 'Bearer'})
it('should use npmrc passed in', function (done) {
var content = [
'//registry.foobar.eu/:_authToken=foobar', ''
fs.writeFile(npmRcPath, content, function (err) {
var getAuthToken = requireUncached('../index')
assert(!err, err)
const npmrc = {
'registry': 'http://registry.foobar.eu/',
'//registry.foobar.eu/:_authToken': 'qar'
assert.deepEqual(getAuthToken({npmrc: npmrc}), {token: 'qar', type: 'Bearer'})
it('should return auth token if registry url has port specified', function (done) {
var content = [
// before the patch this token was selected.
'//localhost:8770/:_authToken=beepboop', ''
fs.writeFile(npmRcPath, content, function (err) {
var getAuthToken = requireUncached('../index')
assert(!err, err)
assert.deepEqual(getAuthToken(), {token: 'beepboop', type: 'Bearer'})
it('should return auth token defined by reference to an environment variable (with curly braces)', function (done) {
var environmentVariable = '__REGISTRY_AUTH_TOKEN_NPM_TOKEN__'
var content = [
'//registry.foobar.cc/:_authToken=${' + environmentVariable + '}', ''
process.env[environmentVariable] = 'foobar'
fs.writeFile(npmRcPath, content, function (err) {
var getAuthToken = requireUncached('../index')
assert(!err, err)
assert.deepEqual(getAuthToken(), {token: 'foobar', type: 'Bearer'})
delete process.env[environmentVariable]
it('should return auth token defined by reference to an environment variable (without curly braces)', function (done) {
var environmentVariable = '__REGISTRY_AUTH_TOKEN_NPM_TOKEN__'
var content = [
'//registry.foobar.cc/:_authToken=$' + environmentVariable, ''
process.env[environmentVariable] = 'foobar'
fs.writeFile(npmRcPath, content, function (err) {
var getAuthToken = requireUncached('../index')
assert(!err, err)
assert.deepEqual(getAuthToken(), {token: 'foobar', type: 'Bearer'})
delete process.env[environmentVariable]
it('should try with and without a slash at the end of registry url', function (done) {
var content = [
'//registry.foobar.eu:_authToken=barbaz', ''
fs.writeFile(npmRcPath, content, function (err) {
var getAuthToken = requireUncached('../index')
assert(!err, err)
assert.deepEqual(getAuthToken(), {token: 'barbaz', type: 'Bearer'})
it('should fetch for the registry given (if defined)', function (done) {
var content = [
'//registry.last.thing:_authToken=yep', ''
fs.writeFile(npmRcPath, content, function (err) {
var getAuthToken = requireUncached('../index')
assert(!err, err)
assert.deepEqual(getAuthToken('//registry.blah.foo'), {token: 'whatev', type: 'Bearer'})
it('recursively finds registries for deep url if option is set', function (done, undef) {
var opts = {recursive: true}
var content = [
'//registry.blah.eu:_authToken=yep', ''
fs.writeFile(npmRcPath, content, function (err) {
var getAuthToken = requireUncached('../index')
assert(!err, err)
assert.deepEqual(getAuthToken('https://registry.blah.edu/foo/bar/baz', opts), {token: 'recurseNoLevel', type: 'Bearer'})
assert.deepEqual(getAuthToken('https://registry.blah.org/foo/bar/baz', opts), {token: 'recurseExactlyOneLevel', type: 'Bearer'})
assert.deepEqual(getAuthToken('https://registry.blah.com/foo/bar/baz', opts), {token: 'whatev', type: 'Bearer'})
assert.deepEqual(getAuthToken('http://registry.blah.eu/what/ever', opts), {token: 'yep', type: 'Bearer'})
assert.deepEqual(getAuthToken('http://registry.blah.eu//what/ever', opts), undefined, 'does not hang')
assert.equal(getAuthToken('//some.registry', opts), undef)
it('should try both with and without trailing slash', function (done) {
fs.writeFile(npmRcPath, '//registry.blah.com:_authToken=whatev', function (err) {
var getAuthToken = requireUncached('../index')
assert(!err, err)
assert.deepEqual(getAuthToken('https://registry.blah.com'), {token: 'whatev', type: 'Bearer'})
it('should prefer bearer token over basic token', function (done) {
var content = [
'//registry.foobar.eu/:_password=' + encodeBase64('foobar'),
'//registry.foobar.eu/:username=foobar', ''
fs.writeFile(npmRcPath, content, function (err) {
var getAuthToken = requireUncached('../index')
assert(!err, err)
assert.deepEqual(getAuthToken('//registry.foobar.eu'), {token: 'bearerToken', type: 'Bearer'})
it('"nerf darts" registry urls', function (done, undef) {
fs.writeFile(npmRcPath, '//contoso.pkgs.visualstudio.com/_packaging/MyFeed/npm/:_authToken=heider', function (err) {
var getAuthToken = requireUncached('../index')
assert(!err, err)
{token: 'heider', type: 'Bearer'}
describe('basic token', function () {
it('should return undefined if password or username are missing', function (done, undef) {
var content = [
'//registry.foobar.eu/:_password=' + encodeBase64('foobar'),
'//registry.foobar.com/:username=foobar', ''
fs.writeFile(npmRcPath, content, function (err) {
var getAuthToken = requireUncached('../index')
assert(!err, err)
assert.equal(getAuthToken('//registry.foobar.eu'), undef)
assert.equal(getAuthToken('//registry.foobar.com'), undef)
it('should return basic token if username and password are defined', function (done) {
var content = [
'//registry.foobar.eu/:_password=' + encodeBase64('foobar'),
'//registry.foobar.eu/:username=foobar', ''
fs.writeFile(npmRcPath, content, function (err) {
var getAuthToken = requireUncached('../index')
assert(!err, err)
var token = getAuthToken()
assert.deepEqual(token, {
token: 'Zm9vYmFyOmZvb2Jhcg==',
type: 'Basic',
username: 'foobar',
password: 'foobar'
assert.equal(decodeBase64(token.token), 'foobar:foobar')
it('should return basic token if registry url has port specified', function (done) {
var content = [
// before the patch this token was selected.
'//localhost:8770/:_password=' + encodeBase64('foobar'),
'//localhost:8770/:username=foobar', ''
fs.writeFile(npmRcPath, content, function (err) {
var getAuthToken = requireUncached('../index')
assert(!err, err)
var token = getAuthToken()
assert.deepEqual(token, {
token: 'Zm9vYmFyOmZvb2Jhcg==',
type: 'Basic',
username: 'foobar',
password: 'foobar'
assert.equal(decodeBase64(token.token), 'foobar:foobar')
it('should try with and without a slash at the end of registry url', function (done) {
var content = [
'//registry.foobar.eu:_password=' + encodeBase64('barbay'),
'//registry.foobar.eu:username=barbaz', ''
fs.writeFile(npmRcPath, content, function (err) {
var getAuthToken = requireUncached('../index')
assert(!err, err)
var token = getAuthToken()
assert.deepEqual(token, {
token: 'YmFyYmF6OmJhcmJheQ==',
type: 'Basic',
password: 'barbay',
username: 'barbaz'
assert.equal(decodeBase64(token.token), 'barbaz:barbay')
it('should fetch for the registry given (if defined)', function (done) {
var content = [
'//registry.blah.foo:_password=' + encodeBase64('barbay'),
'//registry.last.thing:_authToken=yep', ''
fs.writeFile(npmRcPath, content, function (err) {
var getAuthToken = requireUncached('../index')
assert(!err, err)
var token = getAuthToken('//registry.blah.foo')
assert.deepEqual(token, {
token: 'YmFyYmF6OmJhcmJheQ==',
type: 'Basic',
password: 'barbay',
username: 'barbaz'
assert.equal(decodeBase64(token.token), 'barbaz:barbay')
it('recursively finds registries for deep url if option is set', function (done, undef) {
var opts = {recursive: true}
var content = [
'//registry.blah.com/foo:_password=' + encodeBase64('barbay'),
'//registry.blah.eu:_password=' + encodeBase64('foobaz'), ''
fs.writeFile(npmRcPath, content, function (err) {
var getAuthToken = requireUncached('../index')
assert(!err, err)
var token = getAuthToken('https://registry.blah.com/foo/bar/baz', opts)
assert.deepEqual(token, {
token: 'YmFyYmF6OmJhcmJheQ==',
type: 'Basic',
password: 'barbay',
username: 'barbaz'
assert.equal(decodeBase64(token.token), 'barbaz:barbay')
token = getAuthToken('https://registry.blah.eu/foo/bar/baz', opts)
assert.deepEqual(token, {
token: 'YmFyYmF6OmZvb2Jheg==',
type: 'Basic',
password: 'foobaz',
username: 'barbaz'
assert.equal(decodeBase64(token.token), 'barbaz:foobaz')
assert.equal(getAuthToken('//some.registry', opts), undef)