node/deps/npm/test/tap/legacy-no-auth-leak.js

'use strict'
var test = require('tap').test
var common = require('../common-tap.js')
var path = require('path')
var basepath = path.resolve(__dirname, path.basename(__filename, '.js'))
var Tacks = require('tacks')
var File = Tacks.File
var Dir = Tacks.Dir

var fixture = new Tacks(
  Dir({
    README: File(
      'just an npm test\n'
    ),
    'package.json': File({
      name: 'npm-test-no-auth-leak',
      version: '0.0.0',
      scripts: {
        test: 'node test.js'
      }
    }),
    '.npmrc': File(
      'auth=abc',
      'authCrypt=def',
      'password=xyz',
      '//registry.npmjs.org/:_authToken=nopenope'
    ),
    'test.js': File(
      'var authTokenKeys = Object.keys(process.env)\n' +
      '  .filter(function (key) { return /authToken/.test(key) })\n' +
      'console.log(JSON.stringify({\n' +
      '  password: process.env.npm_config__password || null,\n' +
      '  auth: process.env.npm_config__auth || null,\n' +
      '  authCrypt: process.env.npm_config__authCrypt || null ,\n' +
      '  authToken: authTokenKeys && process.env[authTokenKeys[0]] || null\n' +
      '}))'
    )
  })
)

test('setup', function (t) {
  setup()
  t.done()
})

test('no-auth-leak', function (t) {
  common.npm(['test'], {cwd: basepath}, function (err, code, stdout, stderr) {
    if (err) throw err
    t.is(code, 0, 'test ran ok')
    if (stderr) console.log(stderr)
    var matchResult = /^[^{]*(\{(?:.|\n)*\})[^}]*$/
    t.like(stdout, matchResult, 'got results with a JSON chunk in them')
    var stripped = stdout.replace(matchResult, '$1')
    var result = JSON.parse(stripped)
    t.is(result.password, null, 'password')
    t.is(result.auth, null, 'auth')
    t.is(result.authCrypt, null, 'authCrypt')
    t.is(result.authToken, null, 'authToken')
    t.end()
  })
})

test('cleanup', function (t) {
  cleanup()
  t.done()
})

function setup () {
  cleanup()
  fixture.create(basepath)
}

function cleanup () {
  fixture.remove(basepath)
}