refactor(util): move GitHub token related utils to proper place (#23869)

renovatebot · Aug 15, 2023 · 58748ab · 58748ab
1 parent a1f79bc
commit 58748ab
Show file tree

Hide file tree

Showing 5 changed files with 333 additions and 353 deletions.
diff --git a/lib/modules/manager/composer/artifacts.ts b/lib/modules/manager/composer/artifacts.ts
@@ -6,6 +6,10 @@ import {
   TEMPORARY_ERROR,
 } from '../../../constants/error-messages';
 import { logger } from '../../../logger';
+import {
+  findGithubToken,
+  takePersonalAccessTokenIfPossible,
+} from '../../../util/check-token';
 import { exec } from '../../../util/exec';
 import type { ExecOptions, ToolConstraint } from '../../../util/exec/types';
 import {
@@ -27,12 +31,10 @@ import { Lockfile, PackageFile } from './schema';
 import type { AuthJson } from './types';
 import {
   extractConstraints,
-  findGithubToken,
   getComposerArguments,
   getPhpConstraint,
   isArtifactAuthEnabled,
   requireComposerDependencyInstallation,
-  takePersonalAccessTokenIfPossible,
 } from './utils';
 
 function getAuthJson(): string | null {

diff --git a/lib/modules/manager/composer/utils.spec.ts b/lib/modules/manager/composer/utils.spec.ts
@@ -1,16 +1,10 @@
 import { GlobalConfig } from '../../../config/global';
 import * as hostRules from '../../../util/host-rules';
-import { GitTagsDatasource } from '../../datasource/git-tags';
 import { Lockfile, PackageFile } from './schema';
 import {
   extractConstraints,
-  findGithubToken,
   getComposerArguments,
-  isGithubFineGrainedPersonalAccessToken,
-  isGithubPersonalAccessToken,
-  isGithubServerToServerToken,
   requireComposerDependencyInstallation,
-  takePersonalAccessTokenIfPossible,
 } from './utils';
 
 jest.mock('../../datasource');
@@ -304,197 +298,4 @@ describe('modules/manager/composer/utils', () => {
       expect(requireComposerDependencyInstallation(lockfile)).toBeFalse();
     });
   });
-
-  describe('findGithubToken', () => {
-    it('returns the token string when hostRule match search with a valid personal access token', () => {
-      const TOKEN_STRING = 'ghp_TOKEN';
-      hostRules.add({
-        hostType: GitTagsDatasource.id,
-        matchHost: 'github.com',
-        token: TOKEN_STRING,
-      });
-
-      const foundHostRule = hostRules.find({
-        hostType: GitTagsDatasource.id,
-        url: 'https://github.com',
-      });
-
-      expect(findGithubToken(foundHostRule)).toEqual(TOKEN_STRING);
-    });
-
-    it('returns undefined when no token is defined', () => {
-      hostRules.add({
-        hostType: GitTagsDatasource.id,
-        matchHost: 'github.com',
-      });
-
-      const foundHostRule = hostRules.find({
-        hostType: GitTagsDatasource.id,
-        url: 'https://github.com',
-      });
-      expect(findGithubToken(foundHostRule)).toBeUndefined();
-    });
-
-    it('remove x-access-token token prefix', () => {
-      const TOKEN_STRING_WITH_PREFIX = 'x-access-token:ghp_TOKEN';
-      const TOKEN_STRING = 'ghp_TOKEN';
-      hostRules.add({
-        hostType: GitTagsDatasource.id,
-        matchHost: 'github.com',
-        token: TOKEN_STRING_WITH_PREFIX,
-      });
-
-      const foundHostRule = hostRules.find({
-        hostType: GitTagsDatasource.id,
-        url: 'https://github.com',
-      });
-      expect(findGithubToken(foundHostRule)).toEqual(TOKEN_STRING);
-    });
-  });
-
-  describe('isGithubPersonalAccessToken', () => {
-    it('returns true when string is a github personnal access token', () => {
-      expect(isGithubPersonalAccessToken('ghp_XXXXXX')).toBeTrue();
-    });
-
-    it('returns false when string is a github application token', () => {
-      expect(isGithubPersonalAccessToken('ghs_XXXXXX')).toBeFalse();
-    });
-
-    it('returns false when string is a github fine grained personal access token', () => {
-      expect(isGithubPersonalAccessToken('github_pat_XXXXXX')).toBeFalse();
-    });
-
-    it('returns false when string is not a token at all', () => {
-      expect(isGithubPersonalAccessToken('XXXXXX')).toBeFalse();
-    });
-  });
-
-  describe('isGithubServerToServerToken', () => {
-    it('returns true when string is a github server to server token', () => {
-      expect(isGithubServerToServerToken('ghs_XXXXXX')).toBeTrue();
-    });
-
-    it('returns false when string is a github personal access token token', () => {
-      expect(isGithubServerToServerToken('ghp_XXXXXX')).toBeFalse();
-    });
-
-    it('returns false when string is a github fine grained personal access token', () => {
-      expect(isGithubPersonalAccessToken('github_pat_XXXXXX')).toBeFalse();
-    });
-
-    it('returns false when string is not a token at all', () => {
-      expect(isGithubServerToServerToken('XXXXXX')).toBeFalse();
-    });
-  });
-
-  describe('isGithubFineGrainedPersonalAccessToken', () => {
-    it('returns true when string is a github fine grained personal access token', () => {
-      expect(
-        isGithubFineGrainedPersonalAccessToken('github_pat_XXXXXX')
-      ).toBeTrue();
-    });
-
-    it('returns false when string is a github personnal access token', () => {
-      expect(isGithubFineGrainedPersonalAccessToken('ghp_XXXXXX')).toBeFalse();
-    });
-
-    it('returns false when string is a github application token', () => {
-      expect(isGithubFineGrainedPersonalAccessToken('ghs_XXXXXX')).toBeFalse();
-    });
-
-    it('returns false when string is not a token at all', () => {
-      expect(isGithubFineGrainedPersonalAccessToken('XXXXXX')).toBeFalse();
-    });
-  });
-
-  describe('takePersonalAccessTokenIfPossible', () => {
-    it('returns undefined when both token are undefined', () => {
-      const githubToken = undefined;
-      const gitTagsGithubToken = undefined;
-      expect(
-        takePersonalAccessTokenIfPossible(githubToken, gitTagsGithubToken)
-      ).toBeUndefined();
-    });
-
-    it('returns gitTagsToken when both token are PAT', () => {
-      const githubToken = 'ghp_github';
-      const gitTagsGithubToken = 'ghp_gitTags';
-      expect(
-        takePersonalAccessTokenIfPossible(githubToken, gitTagsGithubToken)
-      ).toEqual(gitTagsGithubToken);
-    });
-
-    it('returns githubToken is PAT and gitTagsGithubToken is not a PAT', () => {
-      const githubToken = 'ghp_github';
-      const gitTagsGithubToken = 'ghs_gitTags';
-      expect(
-        takePersonalAccessTokenIfPossible(githubToken, gitTagsGithubToken)
-      ).toEqual(githubToken);
-    });
-
-    it('returns gitTagsToken when both token are set but not PAT', () => {
-      const githubToken = 'ghs_github';
-      const gitTagsGithubToken = 'ghs_gitTags';
-      expect(
-        takePersonalAccessTokenIfPossible(githubToken, gitTagsGithubToken)
-      ).toEqual(gitTagsGithubToken);
-    });
-
-    it('returns gitTagsToken when gitTagsToken not PAT and gitTagsGithubToken is not set', () => {
-      const githubToken = undefined;
-      const gitTagsGithubToken = 'ghs_gitTags';
-      expect(
-        takePersonalAccessTokenIfPossible(githubToken, gitTagsGithubToken)
-      ).toEqual(gitTagsGithubToken);
-    });
-
-    it('returns githubToken when githubToken not PAT and gitTagsGithubToken is not set', () => {
-      const githubToken = 'ghs_gitTags';
-      const gitTagsGithubToken = undefined;
-      expect(
-        takePersonalAccessTokenIfPossible(githubToken, gitTagsGithubToken)
-      ).toEqual(githubToken);
-    });
-
-    it('take personal assess token over fine grained token', () => {
-      const githubToken = 'ghp_github';
-      const gitTagsGithubToken = 'github_pat_gitTags';
-      expect(
-        takePersonalAccessTokenIfPossible(githubToken, gitTagsGithubToken)
-      ).toEqual(githubToken);
-    });
-
-    it('take fine grained token over server to server token', () => {
-      const githubToken = 'github_pat_github';
-      const gitTagsGithubToken = 'ghs_gitTags';
-      expect(
-        takePersonalAccessTokenIfPossible(githubToken, gitTagsGithubToken)
-      ).toEqual(githubToken);
-    });
-
-    it('take git-tags fine grained token', () => {
-      const githubToken = undefined;
-      const gitTagsGithubToken = 'github_pat_gitTags';
-      expect(
-        takePersonalAccessTokenIfPossible(githubToken, gitTagsGithubToken)
-      ).toEqual(gitTagsGithubToken);
-    });
-
-    it('take git-tags unknown token type when no other token is set', () => {
-      const githubToken = undefined;
-      const gitTagsGithubToken = 'unknownTokenType_gitTags';
-      expect(
-        takePersonalAccessTokenIfPossible(githubToken, gitTagsGithubToken)
-      ).toEqual(gitTagsGithubToken);
-    });
-
-    it('take github unknown token type when no other token is set', () => {
-      const githubToken = 'unknownTokenType';
-      const gitTagsGithubToken = undefined;
-      expect(
-        takePersonalAccessTokenIfPossible(githubToken, gitTagsGithubToken)
-      ).toEqual(githubToken);
-    });
-  });
 });
diff --git a/lib/modules/manager/composer/utils.ts b/lib/modules/manager/composer/utils.ts
@@ -112,71 +112,6 @@ export function extractConstraints(
   return res;
 }
 
-export function findGithubToken(
-  searchResult: HostRuleSearchResult
-): string | undefined {
-  return searchResult?.token?.replace('x-access-token:', '');
-}
-
-export function isGithubPersonalAccessToken(token: string): boolean {
-  return token.startsWith('ghp_');
-}
-
-export function isGithubServerToServerToken(token: string): boolean {
-  return token.startsWith('ghs_');
-}
-
-export function isGithubFineGrainedPersonalAccessToken(token: string): boolean {
-  return token.startsWith('github_pat_');
-}
-
-export function takePersonalAccessTokenIfPossible(
-  githubToken: string | undefined,
-  gitTagsGithubToken: string | undefined
-): string | undefined {
-  if (gitTagsGithubToken && isGithubPersonalAccessToken(gitTagsGithubToken)) {
-    logger.debug('Using GitHub Personal Access Token (git-tags)');
-    return gitTagsGithubToken;
-  }
-
-  if (githubToken && isGithubPersonalAccessToken(githubToken)) {
-    logger.debug('Using GitHub Personal Access Token');
-    return githubToken;
-  }
-
-  if (
-    gitTagsGithubToken &&
-    isGithubFineGrainedPersonalAccessToken(gitTagsGithubToken)
-  ) {
-    logger.debug('Using GitHub Fine-grained Personal Access Token (git-tags)');
-    return gitTagsGithubToken;
-  }
-
-  if (githubToken && isGithubFineGrainedPersonalAccessToken(githubToken)) {
-    logger.debug('Using GitHub Fine-grained Personal Access Token');
-    return githubToken;
-  }
-
-  if (gitTagsGithubToken) {
-    if (isGithubServerToServerToken(gitTagsGithubToken)) {
-      logger.debug('Using GitHub Server-to-Server token (git-tags)');
-    } else {
-      logger.debug('Using unknown GitHub token type (git-tags)');
-    }
-    return gitTagsGithubToken;
-  }
-
-  if (githubToken) {
-    if (isGithubServerToServerToken(githubToken)) {
-      logger.debug('Using GitHub Server-to-Server token');
-    } else {
-      logger.debug('Using unknown GitHub token type');
-    }
-  }
-
-  return githubToken;
-}
-
 export function isArtifactAuthEnabled(rule: HostRuleSearchResult): boolean {
   return !rule.artifactAuth || rule.artifactAuth.includes('composer');
 }