wip

Author: wraithgar

lib/commands/token.js

@@ -1,9 +1,18 @@
 const { log, output, META } = require('proc-log')
-const { listTokens, createGatToken, removeToken } = require('npm-profile')
+const fetch = require('npm-registry-fetch')
 const { otplease } = require('../utils/auth.js')
 const readUserInfo = require('../utils/read-user-info.js')
 const BaseCommand = require('../base-cmd.js')
 
+async function paginate(href, opts, items = []) {
+  while (href) {
+    const result = await fetch.json(href, opts)
+    items = items.concat(result.objects)
+    href = result.urls.next
+  }
+  return items
+}
+
 class Token extends BaseCommand {
   static description = 'Manage your authentication tokens'
   static name = 'token'
@@ -63,7 +72,7 @@ class Token extends BaseCommand {
     const json = this.npm.config.get('json')
     const parseable = this.npm.config.get('parseable')
     log.info('token', 'getting list')
-    const tokens = await listTokens(this.npm.flatOptions)
+    const tokens = await paginate('/-/npm/v1/tokens', this.npm.flatOptions)
     if (json) {
       output.buffer(tokens)
       return
@@ -104,10 +113,9 @@ class Token extends BaseCommand {
     const json = this.npm.config.get('json')
     const parseable = this.npm.config.get('parseable')
     const toRemove = []
-    const opts = { ...this.npm.flatOptions }
     log.info('token', `removing ${toRemove.length} tokens`)
-    const tokens = await listTokens(opts)
-    args.forEach(id => {
+    const tokens = await paginate('/-/npm/v1/tokens', this.npm.flatOptions)
+    for (const id of args) {
       const matches = tokens.filter(token => token.key.indexOf(id) === 0)
       if (matches.length === 1) {
         toRemove.push(matches[0].key)
@@ -123,12 +131,16 @@ class Token extends BaseCommand {
 
         toRemove.push(id)
       }
-    })
-    await Promise.all(
-      toRemove.map(key => {
-        return otplease(this.npm, opts, c => removeToken(key, c))
-      })
-    )
+    }
+    for (const tokenKey of toRemove) {
+      await otplease(this.npm, this.npm.flatOptions, opts =>
+        fetch(`/-/npm/v1/tokens/token/${tokenKey}`, {
+          ...opts,
+          method: 'DELETE',
+          ignoreBody: true,
+        })
+      )
+    }
     if (json) {
       output.buffer(toRemove)
     } else if (parseable) {
@@ -204,10 +216,12 @@ class Token extends BaseCommand {
     }
 
     log.info('token', 'creating')
-    const result = await otplease(
-      this.npm,
-      { ...this.npm.flatOptions },
-      c => createGatToken(tokenData, c)
+    const result = await otplease(this.npm, this.npm.flatOptions, opts =>
+      fetch.json('/-/npm/v1/tokens', {
+        ...opts,
+        method: 'POST',
+        body: tokenData,
+      })
     )
     delete result.key
     delete result.updated

mock-registry/lib/index.js

@@ -442,7 +442,7 @@ class MockRegistry {
   }
 
   getTokens (tokens) {
-    return this.nock.get('/-/npm/v1/tokens')
+    return this.nock.get(this.fullPath('/-/npm/v1/tokens'))
       .reply(200, {
         objects: tokens,
         urls: {},
@@ -451,19 +451,26 @@ class MockRegistry {
       })
   }
 
-  createToken ({ password, readonly = false, cidr = [] }) {
-    return this.nock.post('/-/npm/v1/tokens', {
-      password,
-      readonly,
-      cidr_whitelist: cidr,
-    }).reply(200, {
-      key: 'n3wk3y',
-      token: 'n3wt0k3n',
-      created: new Date(),
-      updated: new Date(),
-      readonly,
-      cidr_whitelist: cidr,
-    })
+  // The server has rules for what resultData correlates with what tokenData but we don't need to be 100% in sync with that, we just need to be able to pass all of the possible tokenData attributes, and be able to accept all of the possible resultData attributes
+  createToken (tokenData, resultData = {}) {
+    return this.nock.post(this.fullPath('/-/npm/v1/tokens'), tokenData)
+      .reply(201, {
+        id: `0xdeadbeef`,
+        key: 'n3wk3y',
+        token: 'n3wt0k3n',
+        created: new Date(),
+        updated: new Date(),
+        access: 'read-only',
+        name: tokenData.name,
+        password: tokenData.password,
+        ...resultData
+      })
+  }
+
+  revokeToken (token) {
+    return this.nock.delete(
+      this.fullPath(`/-/npm/v1/tokens/token/${token}`)
+    ).reply(200)
   }
 
   async package ({ manifest, times = 1, query, tarballs }) {