Browse files

use per-registry bearer tokens if available

  • Loading branch information...
1 parent 6ecc311 commit 4a1fc6f898a854ba1fbe8d4bcabe4e8c5e23f11d @othiym23 othiym23 committed Jun 13, 2014
Showing with 88 additions and 12 deletions.
  1. +14 −4 lib/publish.js
  2. +13 −7 lib/request.js
  3. +1 −0 package.json
  4. +9 −1 test/get-basic.js
  5. +51 −0 test/publish-scoped.js
View
18 lib/publish.js
@@ -5,6 +5,11 @@ var url = require("url")
, semver = require("semver")
, crypto = require("crypto")
, fs = require("fs")
+ , fixNameField = require("normalize-package-data/lib/fixer.js").fixNameField
+
+function escaped(name) {
+ return name.replace("/", "%2f")
+}
function publish (uri, data, tarball, cb) {
var email = this.conf.get('email')
@@ -17,8 +22,12 @@ function publish (uri, data, tarball, cb) {
return cb(er)
}
- if (data.name !== encodeURIComponent(data.name))
- return cb(new Error('invalid name: must be url-safe'))
+ try {
+ fixNameField(data, true)
+ }
+ catch (er) {
+ return cb(er)
+ }
var ver = semver.clean(data.version)
if (!ver)
@@ -75,7 +84,7 @@ function putFirst (registry, data, tarbuffer, stat, username, email, cb) {
length: stat.size
};
- var fixed = url.resolve(registry, data.name)
+ var fixed = url.resolve(registry, escaped(data.name))
this.request("PUT", fixed, { body : root }, function (er, parsed, json, res) {
var r409 = "must supply latest _rev to update existing package"
var r409b = "Document update conflict."
@@ -143,7 +152,8 @@ function putNext(registry, newVersion, root, current, cb) {
var maint = JSON.parse(JSON.stringify(root.maintainers))
root.versions[newVersion].maintainers = maint
- this.request("PUT", url.resolve(registry, root.name), { body : current }, cb)
+ var uri = url.resolve(registry, escaped(root.name))
+ this.request("PUT", uri, { body : current }, cb)
}
function conflictError (pkgid, version) {
View
20 lib/request.js
@@ -84,7 +84,7 @@ function regRequest (method, uri, options, cb_) {
if (p.match(/^org.couchdb.user/)) {
return p.replace(/\//g, encodeURIComponent("/"))
}
- return encodeURIComponent(p)
+ return p
}).join("/")
if (q) where += "?" + q
this.log.verbose("url resolving", [registry, where])
@@ -99,13 +99,14 @@ function regRequest (method, uri, options, cb_) {
if (authRequired && !auth) {
var un = this.conf.get('username')
var pw = this.conf.get('_password')
- if (un && pw)
- auth = new Buffer(un + ':' + pw).toString('base64')
- }
- if (authRequired && !auth) {
- return cb(new Error(
- "This request requires auth credentials. Run `npm login` and repeat the request."))
+ if (!(un && pw)) {
+ return cb(new Error(
+ "This request requires auth credentials. Run `npm login` and repeat the request."
+ ))
+ }
+
+ auth = new Buffer(un + ':' + pw).toString('base64')
}
if (auth && authRequired) {
@@ -187,6 +188,11 @@ function makeRequest (method, remote, where, what, etag, nofollow, cb_) {
headers["user-agent"] = this.conf.get('user-agent') ||
'node/' + process.version
+ var tokenKey = remote + ":_authToken"
+ this.log.silly("tokenKey", tokenKey)
+ var authToken = this.conf.get(tokenKey)
+ if (authToken) headers.authorization = "Bearer " + authToken
+
var p = this.conf.get('proxy')
var sp = this.conf.get('https-proxy') || p
opts.proxy = remote.protocol === "https:" ? sp : p
View
1 package.json
@@ -14,6 +14,7 @@
"chownr": "0",
"graceful-fs": "^3.0.0",
"mkdirp": "~0.3.3",
+ "normalize-package-data": "git://github.com/npm/normalize-package-data#othiym23/scoped",
"npm-cache-filename": "^1.0.0",
"request": "2 >=2.25.0",
"retry": "0.6.0",
View
10 test/get-basic.js
@@ -16,12 +16,20 @@ tap.test("basic request", function (t) {
res.json(usroot)
})
- t.plan(2)
+ server.expect("/@bigco%2funderscore", function (req, res) {
+ res.json(usroot)
+ })
+
+ t.plan(3)
client.get("http://localhost:1337/underscore/1.3.3", null, function (er, data) {
t.deepEqual(data, us)
})
client.get("http://localhost:1337/underscore", null, function (er, data) {
t.deepEqual(data, usroot)
})
+
+ client.get("http://localhost:1337/@bigco%2funderscore", null, function (er, data) {
+ t.deepEqual(data, usroot)
+ })
})
View
51 test/publish-scoped.js
@@ -0,0 +1,51 @@
+var tap = require("tap")
+var crypto = require("crypto")
+var fs = require("fs")
+
+var server = require("./lib/server.js")
+var common = require("./lib/common.js")
+var client = common.freshClient({
+ username: "username",
+ password: "password",
+ email: "i@izs.me",
+ _auth: new Buffer("username:password").toString("base64"),
+ "always-auth": true
+})
+
+
+tap.test("publish", function (t) {
+ server.expect("/@npm%2fnpm-registry-client", function (req, res) {
+ t.equal(req.method, "PUT")
+ var b = ""
+ req.setEncoding("utf8")
+ req.on("data", function (d) {
+ b += d
+ })
+
+ req.on("end", function () {
+ var o = JSON.parse(b)
+ t.equal(o._id, "@npm/npm-registry-client")
+ t.equal(o["dist-tags"].latest, pkg.version)
+ t.has(o.versions[pkg.version], pkg)
+ t.same(o.maintainers, [ { name: "username", email: "i@izs.me" } ])
+ t.same(o.maintainers, o.versions[pkg.version].maintainers)
+ var att = o._attachments[ pkg.name + "-" + pkg.version + ".tgz" ]
+ t.same(att.data, pd)
+ var hash = crypto.createHash("sha1").update(pd, "base64").digest("hex")
+ t.equal(o.versions[pkg.version].dist.shasum, hash)
+ res.statusCode = 201
+ res.json({created:true})
+ })
+ })
+
+ // not really a tarball, but doesn't matter
+ var tarball = require.resolve("../package.json")
+ var pd = fs.readFileSync(tarball, "base64")
+ var pkg = require("../package.json")
+ pkg.name = '@npm/npm-registry-client'
+ client.publish("http://localhost:1337/", pkg, tarball, function (er, data) {
+ if (er) throw er
+ t.deepEqual(data, { created: true })
+ t.end()
+ })
+})

0 comments on commit 4a1fc6f

Please sign in to comment.