119 lines
3.1 KiB
JavaScript
119 lines
3.1 KiB
JavaScript
|
var url = require('url')
|
||
|
var base64 = require('./base64')
|
||
|
|
||
|
var decodeBase64 = base64.decodeBase64
|
||
|
var encodeBase64 = base64.encodeBase64
|
||
|
|
||
|
var tokenKey = ':_authToken'
|
||
|
var userKey = ':username'
|
||
|
var passwordKey = ':_password'
|
||
|
|
||
|
module.exports = function () {
|
||
|
var checkUrl
|
||
|
var options
|
||
|
if (arguments.length >= 2) {
|
||
|
checkUrl = arguments[0]
|
||
|
options = arguments[1]
|
||
|
} else if (typeof arguments[0] === 'string') {
|
||
|
checkUrl = arguments[0]
|
||
|
} else {
|
||
|
options = arguments[0]
|
||
|
}
|
||
|
options = options || {}
|
||
|
options.npmrc = options.npmrc || require('rc')('npm', {registry: 'https://registry.npmjs.org/'})
|
||
|
checkUrl = checkUrl || options.npmrc.registry
|
||
|
return getRegistryAuthInfo(checkUrl, options) || getLegacyAuthInfo(options.npmrc)
|
||
|
}
|
||
|
|
||
|
function getRegistryAuthInfo (checkUrl, options) {
|
||
|
var parsed = url.parse(checkUrl, false, true)
|
||
|
var pathname
|
||
|
|
||
|
while (pathname !== '/' && parsed.pathname !== pathname) {
|
||
|
pathname = parsed.pathname || '/'
|
||
|
|
||
|
var regUrl = '//' + parsed.host + pathname.replace(/\/$/, '')
|
||
|
var authInfo = getAuthInfoForUrl(regUrl, options.npmrc)
|
||
|
if (authInfo) {
|
||
|
return authInfo
|
||
|
}
|
||
|
|
||
|
// break if not recursive
|
||
|
if (!options.recursive) {
|
||
|
return /\/$/.test(checkUrl)
|
||
|
? undefined
|
||
|
: getRegistryAuthInfo(url.resolve(checkUrl, '.'), options)
|
||
|
}
|
||
|
|
||
|
parsed.pathname = url.resolve(normalizePath(pathname), '..') || '/'
|
||
|
}
|
||
|
|
||
|
return undefined
|
||
|
}
|
||
|
|
||
|
function getLegacyAuthInfo (npmrc) {
|
||
|
if (npmrc._auth) {
|
||
|
return {token: npmrc._auth, type: 'Basic'}
|
||
|
}
|
||
|
return undefined
|
||
|
}
|
||
|
|
||
|
function normalizePath (path) {
|
||
|
return path[path.length - 1] === '/' ? path : path + '/'
|
||
|
}
|
||
|
|
||
|
function getAuthInfoForUrl (regUrl, npmrc) {
|
||
|
// try to get bearer token
|
||
|
var bearerAuth = getBearerToken(npmrc[regUrl + tokenKey] || npmrc[regUrl + '/' + tokenKey])
|
||
|
if (bearerAuth) {
|
||
|
return bearerAuth
|
||
|
}
|
||
|
|
||
|
// try to get basic token
|
||
|
var username = npmrc[regUrl + userKey] || npmrc[regUrl + '/' + userKey]
|
||
|
var password = npmrc[regUrl + passwordKey] || npmrc[regUrl + '/' + passwordKey]
|
||
|
var basicAuth = getTokenForUsernameAndPassword(username, password)
|
||
|
if (basicAuth) {
|
||
|
return basicAuth
|
||
|
}
|
||
|
|
||
|
return undefined
|
||
|
}
|
||
|
|
||
|
function getBearerToken (tok) {
|
||
|
if (!tok) {
|
||
|
return undefined
|
||
|
}
|
||
|
|
||
|
// check if bearer token
|
||
|
var token = tok.replace(/^\$\{?([^}]*)\}?$/, function (fullMatch, envVar) {
|
||
|
return process.env[envVar]
|
||
|
})
|
||
|
|
||
|
return {token: token, type: 'Bearer'}
|
||
|
}
|
||
|
|
||
|
function getTokenForUsernameAndPassword (username, password) {
|
||
|
if (!username || !password) {
|
||
|
return undefined
|
||
|
}
|
||
|
|
||
|
// passwords are base64 encoded, so we need to decode it
|
||
|
// See https://github.com/npm/npm/blob/v3.10.6/lib/config/set-credentials-by-uri.js#L26
|
||
|
var pass = decodeBase64(password.replace(/^\$\{?([^}]*)\}?$/, function (fullMatch, envVar) {
|
||
|
return process.env[envVar]
|
||
|
}))
|
||
|
|
||
|
// a basic auth token is base64 encoded 'username:password'
|
||
|
// See https://github.com/npm/npm/blob/v3.10.6/lib/config/get-credentials-by-uri.js#L70
|
||
|
var token = encodeBase64(username + ':' + pass)
|
||
|
|
||
|
// we found a basicToken token so let's exit the loop
|
||
|
return {
|
||
|
token: token,
|
||
|
type: 'Basic',
|
||
|
password: pass,
|
||
|
username: username
|
||
|
}
|
||
|
}
|