forked from npm/config
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: detect registry-scoped certfile and keyfile options
RFC: npm/rfcs#591 See also: npm/npm-registry-fetch#125 By itself this change doesn't do much, but it enables us to resolve npm/cli#4765 and surface these options anywhere else they may be needed.
- Loading branch information
Showing
3 changed files
with
99 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -125,6 +125,72 @@ exports[`test/index.js TAP credentials management nerfed_lcAuthToken > other reg | |
Object {} | ||
` | ||
|
||
exports[`test/index.js TAP credentials management nerfed_mtls > default registry 1`] = ` | ||
Object { | ||
"certfile": "/path/to/cert", | ||
"keyfile": "/path/to/key", | ||
} | ||
` | ||
|
||
exports[`test/index.js TAP credentials management nerfed_mtls > default registry after set 1`] = ` | ||
Object { | ||
"certfile": "/path/to/cert", | ||
"keyfile": "/path/to/key", | ||
} | ||
` | ||
|
||
exports[`test/index.js TAP credentials management nerfed_mtls > other registry 1`] = ` | ||
Object {} | ||
` | ||
|
||
exports[`test/index.js TAP credentials management nerfed_mtlsAuthToken > default registry 1`] = ` | ||
Object { | ||
"certfile": "/path/to/cert", | ||
"keyfile": "/path/to/key", | ||
"token": "0bad1de4", | ||
} | ||
` | ||
|
||
exports[`test/index.js TAP credentials management nerfed_mtlsAuthToken > default registry after set 1`] = ` | ||
Object { | ||
"certfile": "/path/to/cert", | ||
"keyfile": "/path/to/key", | ||
"token": "0bad1de4", | ||
} | ||
` | ||
|
||
exports[`test/index.js TAP credentials management nerfed_mtlsAuthToken > other registry 1`] = ` | ||
Object {} | ||
` | ||
|
||
exports[`test/index.js TAP credentials management nerfed_mtlsUserPass > default registry 1`] = ` | ||
Object { | ||
"auth": "aGVsbG86d29ybGQ=", | ||
"certfile": "/path/to/cert", | ||
"email": "[email protected]", | ||
"keyfile": "/path/to/key", | ||
"password": "world", | ||
"username": "hello", | ||
} | ||
` | ||
|
||
exports[`test/index.js TAP credentials management nerfed_mtlsUserPass > default registry after set 1`] = ` | ||
Object { | ||
"auth": "aGVsbG86d29ybGQ=", | ||
"certfile": "/path/to/cert", | ||
"email": "[email protected]", | ||
"keyfile": "/path/to/key", | ||
"password": "world", | ||
"username": "hello", | ||
} | ||
` | ||
|
||
exports[`test/index.js TAP credentials management nerfed_mtlsUserPass > other registry 1`] = ` | ||
Object { | ||
"email": "[email protected]", | ||
} | ||
` | ||
|
||
exports[`test/index.js TAP credentials management nerfed_userpass > default registry 1`] = ` | ||
Object { | ||
"auth": "aGVsbG86d29ybGQ=", | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -625,6 +625,20 @@ t.test('credentials management', async t => { | |
nerfed_auth: { // note: does not load, because we don't do _auth per reg | ||
'.npmrc': `//registry.example/:_auth = ${Buffer.from('hello:world').toString('base64')}`, | ||
}, | ||
nerfed_mtls: { '.npmrc': `//registry.example/:certfile = /path/to/cert | ||
//registry.example/:keyfile = /path/to/key`, | ||
}, | ||
nerfed_mtlsAuthToken: { '.npmrc': `//registry.example/:_authToken = 0bad1de4 | ||
//registry.example/:certfile = /path/to/cert | ||
//registry.example/:keyfile = /path/to/key`, | ||
}, | ||
nerfed_mtlsUserPass: { '.npmrc': `//registry.example/:username = hello | ||
//registry.example/:_password = ${Buffer.from('world').toString('base64')} | ||
//registry.example/:email = [email protected] | ||
//registry.example/:always-auth = "false" | ||
//registry.example/:certfile = /path/to/cert | ||
//registry.example/:keyfile = /path/to/key`, | ||
}, | ||
def_userpass: { | ||
'.npmrc': `username = hello | ||
_password = ${Buffer.from('world').toString('base64')} | ||
|
@@ -712,14 +726,14 @@ always-auth = true`, | |
} | ||
|
||
// need both or none of user/pass | ||
if (!d.token && (!d.username || !d.password)) { | ||
if (!d.token && (!d.username || !d.password) && (!d.certfile || !d.keyfile)) { | ||
t.throws(() => c.setCredentialsByURI(defReg, d)) | ||
} else { | ||
c.setCredentialsByURI(defReg, d) | ||
t.matchSnapshot(c.getCredentialsByURI(defReg), 'default registry after set') | ||
} | ||
|
||
if (!o.token && (!o.username || !o.password)) { | ||
if (!o.token && (!o.username || !o.password) && (!o.certfile || !o.keyfile)) { | ||
t.throws(() => c.setCredentialsByURI(otherReg, o), {}, { otherReg, o }) | ||
} else { | ||
c.setCredentialsByURI(otherReg, o) | ||
|