From 383285ecd5292bf9a825e05904955b937de84cc9 Mon Sep 17 00:00:00 2001 From: Minteck Date: Sat, 4 Jun 2022 08:51:01 +0200 Subject: Initial commit --- node_modules/registry-auth-token/CHANGELOG.md | 134 +++++++++++++++++++++ node_modules/registry-auth-token/LICENSE | 21 ++++ node_modules/registry-auth-token/README.md | 65 +++++++++++ node_modules/registry-auth-token/base64.js | 12 ++ node_modules/registry-auth-token/index.js | 142 +++++++++++++++++++++++ node_modules/registry-auth-token/package.json | 48 ++++++++ node_modules/registry-auth-token/registry-url.js | 5 + 7 files changed, 427 insertions(+) create mode 100644 node_modules/registry-auth-token/CHANGELOG.md create mode 100644 node_modules/registry-auth-token/LICENSE create mode 100644 node_modules/registry-auth-token/README.md create mode 100644 node_modules/registry-auth-token/base64.js create mode 100644 node_modules/registry-auth-token/index.js create mode 100644 node_modules/registry-auth-token/package.json create mode 100644 node_modules/registry-auth-token/registry-url.js (limited to 'node_modules/registry-auth-token') diff --git a/node_modules/registry-auth-token/CHANGELOG.md b/node_modules/registry-auth-token/CHANGELOG.md new file mode 100644 index 0000000..e96f146 --- /dev/null +++ b/node_modules/registry-auth-token/CHANGELOG.md @@ -0,0 +1,134 @@ +# Change Log + +All notable changes will be documented in this file. + +## [4.2.0] - 2020-07-13 + +### Changes + +- Add support for `NPM_CONFIG_USERCONFIG` environment variable (Ben Sorohan) + +## [4.1.0] - 2020-01-17 + +### Changes + +- Add support for legacy auth token on the registry url (Gustav Blomér) + +## [4.0.0] - 2019-06-17 + +### BREAKING + +- Minimum node.js version requirement is now v6 + +### Changes + +- Upgraded dependencies (Espen Hovlandsdal) + +## [3.4.0] - 2019-03-20 + +### Changes + +- Enabled legacy auth token to be read from environment variable (Martin Flodin) + +## [3.3.2] - 2018-01-26 + +### Changes + +- Support password with ENV variable tokens (Nowell Strite) + +## [3.3.1] - 2017-05-02 + +### Fixes + +- Auth legacy token is basic auth (Hutson Betts) + +## [3.3.0] - 2017-04-24 + +### Changes + +- Support legacy auth token config key (Zoltan Kochan) +- Use safe-buffer module for backwards-compatible base64 encoding/decoding (Espen Hovlandsdal) +- Change to standard.js coding style (Espen Hovlandsdal) + +## [3.2.0] - 2017-04-20 + +### Changes + +- Allow passing parsed npmrc from outside (Zoltan Kochan) + +## [3.1.2] - 2017-04-07 + +### Changes + +- Avoid infinite loop on invalid URL (Zoltan Kochan) + +## [3.1.1] - 2017-04-06 + +### Changes + +- Nerf-dart URLs even if recursive is set to false (Espen Hovlandsdal) + +## [3.1.0] - 2016-10-19 + +### Changes + +- Return the password and username for Basic authorization (Zoltan Kochan) + +## [3.0.1] - 2016-08-07 + +### Changes + +- Fix recursion bug (Lukas Eipert) +- Implement alternative base64 encoding/decoding implementation for Node 6 (Lukas Eipert) + +## [3.0.0] - 2016-08-04 + +### Added + +- Support for Basic Authentication (username/password) (Lukas Eipert) + +### Changes + +- The result format of the output changed from a simple string to an object which contains the token type + +```js + // before: returns 'tokenString' + // after: returns {token: 'tokenString', type: 'Bearer'} + getAuthToken() +``` + +## [2.1.1] - 2016-07-10 + +### Changes + +- Fix infinite loop when recursively resolving registry URLs on Windows (Espen Hovlandsdal) + +## [2.1.0] - 2016-07-07 + +### Added + +- Add feature to find configured registry URL for a scope (Espen Hovlandsdal) + +## [2.0.0] - 2016-06-17 + +### Changes + +- Fix tokens defined by reference to environment variables (Dan MacTough) + +## [1.1.1] - 2016-04-26 + +### Changes + +- Fix for registries with port number in URL (Ryan Day) + +[1.1.1]: https://github.com/rexxars/registry-auth-token/compare/a5b4fe2f5ff982110eb8a813ba1b3b3c5d851af1...v1.1.1 +[2.0.0]: https://github.com/rexxars/registry-auth-token/compare/v1.1.1...v2.0.0 +[2.1.0]: https://github.com/rexxars/registry-auth-token/compare/v2.0.0...v2.1.0 +[2.1.1]: https://github.com/rexxars/registry-auth-token/compare/v2.1.0...v2.1.1 +[3.0.0]: https://github.com/rexxars/registry-auth-token/compare/v2.1.1...v3.0.0 +[3.0.1]: https://github.com/rexxars/registry-auth-token/compare/v3.0.0...v3.0.1 +[3.1.0]: https://github.com/rexxars/registry-auth-token/compare/v3.0.1...v3.1.0 +[3.1.1]: https://github.com/rexxars/registry-auth-token/compare/v3.1.0...v3.1.1 +[3.1.2]: https://github.com/rexxars/registry-auth-token/compare/v3.1.1...v3.1.2 +[3.2.0]: https://github.com/rexxars/registry-auth-token/compare/v3.1.2...v3.2.0 +[3.3.0]: https://github.com/rexxars/registry-auth-token/compare/v3.2.0...v3.3.0 diff --git a/node_modules/registry-auth-token/LICENSE b/node_modules/registry-auth-token/LICENSE new file mode 100644 index 0000000..0de12e3 --- /dev/null +++ b/node_modules/registry-auth-token/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2016 Espen Hovlandsdal + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/node_modules/registry-auth-token/README.md b/node_modules/registry-auth-token/README.md new file mode 100644 index 0000000..084dc0a --- /dev/null +++ b/node_modules/registry-auth-token/README.md @@ -0,0 +1,65 @@ +# registry-auth-token + +[![npm version](http://img.shields.io/npm/v/registry-auth-token.svg?style=flat-square)](http://browsenpm.org/package/registry-auth-token)[![Build Status](http://img.shields.io/travis/rexxars/registry-auth-token/main.svg?style=flat-square)](https://travis-ci.org/rexxars/registry-auth-token) + +Get the auth token set for an npm registry from `.npmrc`. Also allows fetching the configured registry URL for a given npm scope. + +## Installing + +``` +npm install --save registry-auth-token +``` + +## Usage + +Returns an object containing `token` and `type`, or `undefined` if no token can be found. `type` can be either `Bearer` or `Basic`. + +```js +var getAuthToken = require('registry-auth-token') +var getRegistryUrl = require('registry-auth-token/registry-url') + +// Get auth token and type for default `registry` set in `.npmrc` +console.log(getAuthToken()) // {token: 'someToken', type: 'Bearer'} + +// Get auth token for a specific registry URL +console.log(getAuthToken('//registry.foo.bar')) + +// Find the registry auth token for a given URL (with deep path): +// If registry is at `//some.host/registry` +// URL passed is `//some.host/registry/deep/path` +// Will find token the closest matching path; `//some.host/registry` +console.log(getAuthToken('//some.host/registry/deep/path', {recursive: true})) + +// Find the configured registry url for scope `@foobar`. +// Falls back to the global registry if not defined. +console.log(getRegistryUrl('@foobar')) + +// Use the npm config that is passed in +console.log(getRegistryUrl('http://registry.foobar.eu/', { + npmrc: { + 'registry': 'http://registry.foobar.eu/', + '//registry.foobar.eu/:_authToken': 'qar' + } +})) +``` + +## Return value + +```js +// If auth info can be found: +{token: 'someToken', type: 'Bearer'} + +// Or: +{token: 'someOtherToken', type: 'Basic'} + +// Or, if nothing is found: +undefined +``` + +## Security + +Please be careful when using this. Leaking your auth token is dangerous. + +## License + +MIT-licensed. See LICENSE. diff --git a/node_modules/registry-auth-token/base64.js b/node_modules/registry-auth-token/base64.js new file mode 100644 index 0000000..ff0f6cb --- /dev/null +++ b/node_modules/registry-auth-token/base64.js @@ -0,0 +1,12 @@ +function decodeBase64 (base64) { + return Buffer.from(base64, 'base64').toString('utf8') +} + +function encodeBase64 (string) { + return Buffer.from(string, 'utf8').toString('base64') +} + +module.exports = { + decodeBase64: decodeBase64, + encodeBase64: encodeBase64 +} diff --git a/node_modules/registry-auth-token/index.js b/node_modules/registry-auth-token/index.js new file mode 100644 index 0000000..28eedfd --- /dev/null +++ b/node_modules/registry-auth-token/index.js @@ -0,0 +1,142 @@ +var url = require('url') +var base64 = require('./base64') + +var decodeBase64 = base64.decodeBase64 +var encodeBase64 = base64.encodeBase64 + +var tokenKey = ':_authToken' +var legacyTokenKey = ':_auth' +var userKey = ':username' +var passwordKey = ':_password' + +module.exports = function () { + var checkUrl + var options + if (arguments.length >= 2) { + checkUrl = arguments[0] + options = arguments[1] + } else if (typeof arguments[0] === 'string') { + checkUrl = arguments[0] + } else { + options = arguments[0] + } + options = options || {} + options.npmrc = options.npmrc || require('rc')('npm', { registry: 'https://registry.npmjs.org/' }, { + config: process.env.npm_config_userconfig || process.env.NPM_CONFIG_USERCONFIG + }) + checkUrl = checkUrl || options.npmrc.registry + return getRegistryAuthInfo(checkUrl, options) || getLegacyAuthInfo(options.npmrc) +} + +function getRegistryAuthInfo (checkUrl, options) { + var parsed = url.parse(checkUrl, false, true) + var pathname + + while (pathname !== '/' && parsed.pathname !== pathname) { + pathname = parsed.pathname || '/' + + var regUrl = '//' + parsed.host + pathname.replace(/\/$/, '') + var authInfo = getAuthInfoForUrl(regUrl, options.npmrc) + if (authInfo) { + return authInfo + } + + // break if not recursive + if (!options.recursive) { + return /\/$/.test(checkUrl) + ? undefined + : getRegistryAuthInfo(url.resolve(checkUrl, '.'), options) + } + + parsed.pathname = url.resolve(normalizePath(pathname), '..') || '/' + } + + return undefined +} + +function getLegacyAuthInfo (npmrc) { + if (!npmrc._auth) { + return undefined + } + + var token = replaceEnvironmentVariable(npmrc._auth) + + return { token: token, type: 'Basic' } +} + +function normalizePath (path) { + return path[path.length - 1] === '/' ? path : path + '/' +} + +function getAuthInfoForUrl (regUrl, npmrc) { + // try to get bearer token + var bearerAuth = getBearerToken(npmrc[regUrl + tokenKey] || npmrc[regUrl + '/' + tokenKey]) + if (bearerAuth) { + return bearerAuth + } + + // try to get basic token + var username = npmrc[regUrl + userKey] || npmrc[regUrl + '/' + userKey] + var password = npmrc[regUrl + passwordKey] || npmrc[regUrl + '/' + passwordKey] + var basicAuth = getTokenForUsernameAndPassword(username, password) + if (basicAuth) { + return basicAuth + } + + var basicAuthWithToken = getLegacyAuthToken(npmrc[regUrl + legacyTokenKey] || npmrc[regUrl + '/' + legacyTokenKey]) + if (basicAuthWithToken) { + return basicAuthWithToken + } + + return undefined +} + +function replaceEnvironmentVariable (token) { + return token.replace(/^\$\{?([^}]*)\}?$/, function (fullMatch, envVar) { + return process.env[envVar] + }) +} + +function getBearerToken (tok) { + if (!tok) { + return undefined + } + + // check if bearer token is set as environment variable + var token = replaceEnvironmentVariable(tok) + + return { token: token, type: 'Bearer' } +} + +function getTokenForUsernameAndPassword (username, password) { + if (!username || !password) { + return undefined + } + + // passwords are base64 encoded, so we need to decode it + // See https://github.com/npm/npm/blob/v3.10.6/lib/config/set-credentials-by-uri.js#L26 + var pass = decodeBase64(replaceEnvironmentVariable(password)) + + // a basic auth token is base64 encoded 'username:password' + // See https://github.com/npm/npm/blob/v3.10.6/lib/config/get-credentials-by-uri.js#L70 + var token = encodeBase64(username + ':' + pass) + + // we found a basicToken token so let's exit the loop + return { + token: token, + type: 'Basic', + password: pass, + username: username + } +} + +function getLegacyAuthToken (tok) { + if (!tok) { + return undefined + } + + // check if legacy auth token is set as environment variable + var token = replaceEnvironmentVariable(tok) + + return { token: token, type: 'Basic' } +} diff --git a/node_modules/registry-auth-token/package.json b/node_modules/registry-auth-token/package.json new file mode 100644 index 0000000..45f979a --- /dev/null +++ b/node_modules/registry-auth-token/package.json @@ -0,0 +1,48 @@ +{ + "name": "registry-auth-token", + "version": "4.2.1", + "description": "Get the auth token set for an npm registry (if any)", + "main": "index.js", + "scripts": { + "test": "mocha", + "posttest": "standard", + "coverage": "istanbul cover _mocha" + }, + "repository": { + "type": "git", + "url": "git+ssh://git@github.com/rexxars/registry-auth-token.git" + }, + "engines": { + "node": ">=6.0.0" + }, + "keywords": [ + "npm", + "conf", + "config", + "npmconf", + "registry", + "auth", + "token", + "authtoken" + ], + "author": "Espen Hovlandsdal ", + "license": "MIT", + "bugs": { + "url": "https://github.com/rexxars/registry-auth-token/issues" + }, + "homepage": "https://github.com/rexxars/registry-auth-token#readme", + "dependencies": { + "rc": "^1.2.8" + }, + "devDependencies": { + "istanbul": "^0.4.2", + "mocha": "^6.1.4", + "require-uncached": "^1.0.2", + "standard": "^12.0.1" + }, + "standard": { + "ignore": [ + "coverage/**" + ] + } +} diff --git a/node_modules/registry-auth-token/registry-url.js b/node_modules/registry-auth-token/registry-url.js new file mode 100644 index 0000000..b4532d6 --- /dev/null +++ b/node_modules/registry-auth-token/registry-url.js @@ -0,0 +1,5 @@ +module.exports = function (scope, npmrc) { + var rc = npmrc || require('rc')('npm', { registry: 'https://registry.npmjs.org/' }) + var url = rc[scope + ':registry'] || rc.registry + return url.slice(-1) === '/' ? url : url + '/' +} -- cgit