Add lint check for client ID in samples.

gulpfile.js

@@ -1,9 +1,19 @@
-const gulp = require('gulp');
 const concat = require('gulp-concat');
-const expose = require('gulp-expose');
+const contains = require('gulp-contains');
 const del = require('del');
-const rename = require("gulp-rename");
 const eslint = require('gulp-eslint');
+const expose = require('gulp-expose');
+const gulp = require('gulp');
+const rename = require("gulp-rename");
+
+// Regex that looks for a populated client ID in the code. This is used to
+// catch cases where the client ID is accidentally committed in a sample.
+const CLIENT_ID_REGEX = /CLIENT_ID\s*=\s*'[^.']/;
+
+// String which if it appears in the source code bypasses the client ID check.
+// This is to allow samples that use a publicly-available demo client ID to
+// not trigger the error.
+const CLIENT_ID_BYPASS = '@credentialsOK';
 
 gulp.task('clean', async function() {
   return del([
@@ -22,5 +32,14 @@ gulp.task('lint', () => {
   return gulp.src(['src/*.js', 'samples/*.gs', 'test/**/*.js', '!node_modules/**'])
       .pipe(eslint())
       .pipe(eslint.format())
-      .pipe(eslint.failAfterError());
+      .pipe(eslint.failAfterError())
+      .pipe(contains({
+        search: CLIENT_ID_REGEX,
+        onFound: (string, file, cb) => {
+          if (file.contents.toString().includes(CLIENT_ID_BYPASS)) {
+            return false;
+          }
+          return cb(`Client ID found in file: "${file.relative}"`);
+        }
+      }));
 });

package.json

@@ -24,6 +24,7 @@
     "gulp": "^4.0.2",
     "gulp-clean": "^0.4.0",
     "gulp-concat": "^2.6.1",
+    "gulp-contains": "^1.2.0",
     "gulp-eslint": "^4.0.2",
     "gulp-expose": "0.0.7",
     "gulp-rename": "^1.4.0",

samples/IdentityServer4.gs

@@ -8,6 +8,7 @@
  */
 
 // Test credentials for the Demo API.
+// @credentialsOK
 var CLIENT_ID = 'server.code';
 var CLIENT_SECRET = 'secret';