-
-
Notifications
You must be signed in to change notification settings - Fork 1.1k
/
auth.test.js
186 lines (160 loc) Β· 5.81 KB
/
auth.test.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
const {
fs: {writeFile},
tests: {getPackageArchivePath, getPackageHttpArchivePath, getPackageDirectoryPath},
} = require('pkg-tests-core');
const AUTH_TOKEN = `686159dc-64b3-413e-a244-2de2b8d1c36f`;
const AUTH_IDENT = `dXNlcm5hbWU6YSB2ZXJ5IHNlY3VyZSBwYXNzd29yZA==`; // username:a very secure password
const INVALID_AUTH_TOKEN = `a24cb960-e6a5-45fc-b9ab-0f9fe0aaae57`;
const INVALID_AUTH_IDENT = `dXNlcm5hbWU6bm90IHRoZSByaWdodCBwYXNzd29yZA==`; // username:not the right password
describe(`Auth tests`, () => {
test(
`it should fail to install unscoped packages which require authentication if no authentication is configured`,
makeTemporaryEnv(
{
dependencies: {[`private-package`]: `1.0.0`},
},
async ({path, run, source}) => {
// Rejected by 401 error from registry so no validation on the error message
await expect(run(`install`)).rejects.toThrow();
},
),
);
test(
`it should fail to install scoped packages which require authentication if no authentication is configured`,
makeTemporaryEnv(
{
dependencies: {[`@private/package`]: `1.0.0`},
},
async ({path, run, source}) => {
// Rejected by 401 error from registry so no validation on the error message
await expect(run(`install`)).rejects.toThrow();
},
),
);
test(
`it should fail to install packages which if npmAlwaysAuth is set to true without auth present`,
makeTemporaryEnv(
{
dependencies: {[`no-deps`]: `1.0.0`},
},
async ({path, run, source}) => {
await writeFile(`${path}/.yarnrc.yml`, `npmAlwaysAuth: true\n`);
await expect(run(`install`)).rejects.toThrowError(/No authentication configured for request/);
},
),
);
test(
`it should fail to install unscoped packages which require authentication if an authentication token is configured but always-auth is false`,
makeTemporaryEnv(
{
dependencies: {[`private-package`]: `1.0.0`},
},
async ({path, run, source}) => {
await writeFile(`${path}/.yarnrc.yml`, `npmAuthToken: "${AUTH_TOKEN}"\n`);
// Rejected by 401 error from registry so no validation on the error message
await expect(run(`install`)).rejects.toThrow();
},
),
);
test(
`it should install scoped packages which require authentication if an authentication token is configured`,
makeTemporaryEnv(
{
dependencies: {[`@private/package`]: `1.0.0`},
},
async ({path, run, source}) => {
await writeFile(`${path}/.yarnrc.yml`, `npmAuthToken: "${AUTH_TOKEN}"\n`);
await run(`install`);
await expect(source(`require('@private/package')`)).resolves.toMatchObject({
name: `@private/package`,
version: `1.0.0`,
});
},
),
);
test(
`it should install unscoped packages which require authentication if npmAlwaysAuth is set to true and an authentication token is present`,
makeTemporaryEnv(
{
dependencies: {[`private-package`]: `1.0.0`},
},
async ({path, run, source}) => {
await writeFile(`${path}/.yarnrc.yml`, `npmAuthToken: "${AUTH_TOKEN}"\nnpmAlwaysAuth: true\n`);
await run(`install`);
await expect(source(`require('private-package')`)).resolves.toMatchObject({
name: `private-package`,
version: `1.0.0`,
});
},
),
);
test(
`it should fail to install unscoped packages which require authentication if an authentication ident is configured but always-auth is false`,
makeTemporaryEnv(
{
dependencies: {[`private-package`]: `1.0.0`},
},
async ({path, run, source}) => {
await writeFile(`${path}/.yarnrc.yml`, `npmAuthIdent: "${AUTH_IDENT}"\n`);
// Rejected by 401 error from registry so no validation on the error message
await expect(run(`install`)).rejects.toThrow();
},
),
);
test(
`it should install scoped packages which require authentication if an authentication ident is configured`,
makeTemporaryEnv(
{
dependencies: {[`@private/package`]: `1.0.0`},
},
async ({path, run, source}) => {
await writeFile(`${path}/.yarnrc.yml`, `npmAuthIdent: "${AUTH_IDENT}"\n`);
await run(`install`);
await expect(source(`require('@private/package')`)).resolves.toMatchObject({
name: `@private/package`,
version: `1.0.0`,
});
},
),
);
test(
`it should install unscoped packages which require authentication if npmAlwaysAuth is set to true and an authentication ident is present`,
makeTemporaryEnv(
{
dependencies: {[`private-package`]: `1.0.0`},
},
async ({path, run, source}) => {
await writeFile(`${path}/.yarnrc.yml`, `npmAuthIdent: "${AUTH_IDENT}"\nnpmAlwaysAuth: true\n`);
await run(`install`);
await expect(source(`require('private-package')`)).resolves.toMatchObject({
name: `private-package`,
version: `1.0.0`,
});
},
),
);
test(
`it should fail when an invalid authenticaation token is used`,
makeTemporaryEnv(
{
dependencies: {[`private-package`]: `1.0.0`},
},
async ({path, run, source}) => {
await writeFile(`${path}/.yarnrc.yml`, `npmAuthToken: "${INVALID_AUTH_TOKEN}"\nnpmAlwaysAuth: true\n`);
await expect(run(`install`)).rejects.toThrow();
},
),
);
test(
`it should fail when an invalid authentication ident is used`,
makeTemporaryEnv(
{
dependencies: {[`private-package`]: `1.0.0`},
},
async ({path, run, source}) => {
await writeFile(`${path}/.yarnrc.yml`, `npmAuthIdent: "${INVALID_AUTH_IDENT}"\nnpmAlwaysAuth: true\n`);
await expect(run(`install`)).rejects.toThrow();
},
),
);
});