From 08f6a64063f2ff75690241da402ba954e371dd79 Mon Sep 17 00:00:00 2001 From: "Juan Picado @jotadeveloper" Date: Mon, 14 May 2018 20:08:49 +0200 Subject: [PATCH] fix: avoid issues with missing token #693 also refactor other parts as string and constants --- src/lib/up-storage.js | 40 ++++++++++++++++++++--------- test/functional/uplink.auth.spec.js | 4 +-- test/unit/up-storage.spec.js | 4 +-- 3 files changed, 32 insertions(+), 16 deletions(-) diff --git a/src/lib/up-storage.js b/src/lib/up-storage.js index a318067f5..9cad3acff 100644 --- a/src/lib/up-storage.js +++ b/src/lib/up-storage.js @@ -38,6 +38,10 @@ const setConfig = (config, key, def) => { return _.isNil(config[key]) === false ? config[key] : def; }; +export const TOKEN_BASIC = 'basic'; +export const TOKEN_BEARER = 'bearer'; +export const DEFAULT_REGISTRY = 'https://registry.npmjs.org/'; + /** * Implements Storage interface * (same for storage.js, local-storage.js, up-storage.js) @@ -266,33 +270,45 @@ class ProxyStorage implements IProxy { * @private */ _setAuth(headers: any) { - const auth = this.config.auth; + const {auth} = this.config; - if (typeof auth === 'undefined' || headers['authorization']) { + if (_.isNil(auth) || headers['authorization']) { return headers; } - if (!_.isObject(this.config.auth)) { + // $FlowFixMe + if (_.isObject(auth) === false && _.isObject(auth.token) === false) { this._throwErrorAuth('Auth invalid'); } // get NPM_TOKEN http://blog.npmjs.org/post/118393368555/deploying-with-npm-private-modules // or get other variable export in env - let token: any = process.env.NPM_TOKEN; + // https://github.com/verdaccio/verdaccio/releases/tag/v2.5.0 + let token: any; + const tokenConf: any = auth; - if (auth.token) { - token = auth.token; - } else if (auth.token_env ) { + if (_.isNil(tokenConf.token) === false && _.isString(tokenConf.token)) { + token = tokenConf.token; + } else if (_.isNil(tokenConf.token_env) === false) { // $FlowFixMe - token = process.env[auth.token_env]; + if (_.isString(tokenConf.token_env)) { + token = process.env[tokenConf.token_env]; + } else if (_.isBoolean(tokenConf.token_env) && tokenConf.token_env) { + token = process.env.NPM_TOKEN; + } else { + this.logger.error('token is required' ); + this._throwErrorAuth('token is required'); + } + } else { + token = process.env.NPM_TOKEN; } if (_.isNil(token)) { - this._throwErrorAuth('Token is required'); + this._throwErrorAuth('token is required'); } // define type Auth allow basic and bearer - const type = auth.type; + const type = tokenConf.type || TOKEN_BASIC; this._setHeaderAuthorization(headers, type, token); return headers; @@ -315,8 +331,8 @@ class ProxyStorage implements IProxy { * @param {string} token * @private */ - _setHeaderAuthorization(headers: any, type: string, token: string) { - if (type !== 'bearer' && type !== 'basic') { + _setHeaderAuthorization(headers: any, type: string, token: any) { + if (type !== TOKEN_BEARER && type !== TOKEN_BASIC) { this._throwErrorAuth(`Auth type '${type}' not allowed`); } diff --git a/test/functional/uplink.auth.spec.js b/test/functional/uplink.auth.spec.js index 07967af0b..e3986c44d 100644 --- a/test/functional/uplink.auth.spec.js +++ b/test/functional/uplink.auth.spec.js @@ -1,9 +1,9 @@ import assert from 'assert'; -import ProxyStorage from '../../src/lib/up-storage'; +import ProxyStorage, {DEFAULT_REGISTRY} from '../../src/lib/up-storage'; function createUplink(config) { const defaultConfig = { - url: 'https://registry.npmjs.org/' + url: DEFAULT_REGISTRY }; let mergeConfig = Object.assign({}, defaultConfig, config); return new ProxyStorage(mergeConfig, {}); diff --git a/test/unit/up-storage.spec.js b/test/unit/up-storage.spec.js index 8df37d4eb..388fcf184 100644 --- a/test/unit/up-storage.spec.js +++ b/test/unit/up-storage.spec.js @@ -1,6 +1,6 @@ // @flow import _ from 'lodash'; -import ProxyStorage from '../../src/lib/up-storage'; +import ProxyStorage, {DEFAULT_REGISTRY} from '../../src/lib/up-storage'; import AppConfig from '../../src/lib/config'; // $FlowFixMe import configExample from './partials/config'; @@ -15,7 +15,7 @@ describe('UpStorge', () => { jest.setTimeout(10000); const uplinkDefault = { - url: 'https://registry.npmjs.org/' + url: DEFAULT_REGISTRY }; const generateProxy = (config: UpLinkConf = uplinkDefault) => { const appConfig: Config = new AppConfig(configExample);