setup-node/node_modules/@octokit/rest/plugins/authentication/before-request.js

module.exports = authenticationBeforeRequest

const btoa = require('btoa-lite')

const withAuthorizationPrefix = require('./with-authorization-prefix')

function authenticationBeforeRequest (state, options) {
  if (typeof state.auth === 'string') {
    options.headers['authorization'] = withAuthorizationPrefix(state.auth)

    // https://developer.github.com/v3/previews/#integrations
    if (/^bearer /i.test(state.auth) && !/machine-man/.test(options.headers['accept'])) {
      const acceptHeaders = options.headers['accept'].split(',')
        .concat('application/vnd.github.machine-man-preview+json')
      options.headers['accept'] = acceptHeaders.filter(Boolean).join(',')
    }

    return
  }

  if (state.auth.username) {
    const hash = btoa(`${state.auth.username}:${state.auth.password}`)
    options.headers['authorization'] = `Basic ${hash}`
    if (state.otp) {
      options.headers['x-github-otp'] = state.otp
    }
    return
  }

  if (state.auth.clientId) {
    // There is a special case for OAuth applications, when `clientId` and `clientSecret` is passed as
    // Basic Authorization instead of query parameters. The only routes where that applies share the same
    // URL though: `/applications/:client_id/tokens/:access_token`.
    //
    //  1. [Check an authorization](https://developer.github.com/v3/oauth_authorizations/#check-an-authorization)
    //  2. [Reset an authorization](https://developer.github.com/v3/oauth_authorizations/#reset-an-authorization)
    //  3. [Revoke an authorization for an application](https://developer.github.com/v3/oauth_authorizations/#revoke-an-authorization-for-an-application)
    //
    // We identify by checking the URL. It must merge both "/applications/:client_id/tokens/:access_token"
    // as well as "/applications/123/tokens/token456"
    if (/\/applications\/:?[\w_]+\/tokens\/:?[\w_]+($|\?)/.test(options.url)) {
      const hash = btoa(`${state.auth.clientId}:${state.auth.clientSecret}`)
      options.headers['authorization'] = `Basic ${hash}`
      return
    }

    options.url += options.url.indexOf('?') === -1 ? '?' : '&'
    options.url += `client_id=${state.auth.clientId}&client_secret=${state.auth.clientSecret}`
    return
  }

  return Promise.resolve()

    .then(() => {
      return state.auth()
    })

    .then((authorization) => {
      options.headers['authorization'] = withAuthorizationPrefix(authorization)
    })
}
Add auth support (#21) * Updates * Update * Update * Update * Update * Yarn sometimes prefers npmrc, so use same token * Description * Update readme * Feedback * Add type * new toolkit and scoped registries * npmrc in RUNNER_TEMP * Dont always auth * Try exporting blank token * Get auth working for now pending runner changes * Fix string interpolation for auth token. * Don't export both userconfigs * Update authutil.js * Add single quotes for authString * Fix the registry string. * Use userconfig and append trailing slash * Keep in root of repo * Try just adding auth token * Remove auth token * Try changes again * Add tests * Npm and GPR samples * Add types 2019-08-06 18:26:04 -04:00			`module.exports = authenticationBeforeRequest`

			`const btoa = require('btoa-lite')`

			`const withAuthorizationPrefix = require('./with-authorization-prefix')`

			`function authenticationBeforeRequest (state, options) {`
			`if (typeof state.auth === 'string') {`
			`options.headers['authorization'] = withAuthorizationPrefix(state.auth)`

			`// https://developer.github.com/v3/previews/#integrations`
			`if (/^bearer /i.test(state.auth) && !/machine-man/.test(options.headers['accept'])) {`
			`const acceptHeaders = options.headers['accept'].split(',')`
			`.concat('application/vnd.github.machine-man-preview+json')`
			`options.headers['accept'] = acceptHeaders.filter(Boolean).join(',')`
			`}`

			`return`
			`}`

			`if (state.auth.username) {`
			const hash = btoa(`${state.auth.username}:${state.auth.password}`)
			options.headers['authorization'] = `Basic ${hash}`
			`if (state.otp) {`
			`options.headers['x-github-otp'] = state.otp`
			`}`
			`return`
			`}`

			`if (state.auth.clientId) {`
			// There is a special case for OAuth applications, when `clientId` and `clientSecret` is passed as
			`// Basic Authorization instead of query parameters. The only routes where that applies share the same`
			// URL though: `/applications/:client_id/tokens/:access_token`.
			`//`
			`// 1. [Check an authorization](https://developer.github.com/v3/oauth_authorizations/#check-an-authorization)`
			`// 2. [Reset an authorization](https://developer.github.com/v3/oauth_authorizations/#reset-an-authorization)`
			`// 3. [Revoke an authorization for an application](https://developer.github.com/v3/oauth_authorizations/#revoke-an-authorization-for-an-application)`
			`//`
			`// We identify by checking the URL. It must merge both "/applications/:client_id/tokens/:access_token"`
			`// as well as "/applications/123/tokens/token456"`
			`if (/\/applications\/:?[\w_]+\/tokens\/:?[\w_]+($\|\?)/.test(options.url)) {`
			const hash = btoa(`${state.auth.clientId}:${state.auth.clientSecret}`)
			options.headers['authorization'] = `Basic ${hash}`
			`return`
			`}`

			`options.url += options.url.indexOf('?') === -1 ? '?' : '&'`
			options.url += `client_id=${state.auth.clientId}&client_secret=${state.auth.clientSecret}`
			`return`
			`}`

			`return Promise.resolve()`

			`.then(() => {`
			`return state.auth()`
			`})`

			`.then((authorization) => {`
			`options.headers['authorization'] = withAuthorizationPrefix(authorization)`
			`})`
			`}`