Mr.X

const { log, output } = require('proc-log')
const { listTokens, createToken, removeToken } = require('npm-profile')
const { otplease } = require('../utils/auth.js')
const readUserInfo = require('../utils/read-user-info.js')
const BaseCommand = require('../base-cmd.js')

class Token extends BaseCommand {
  static description = 'Manage your authentication tokens'
  static name = 'token'
  static usage = ['list', 'revoke <id|token>', 'create [--read-only] [--cidr=list]']
  static params = ['read-only', 'cidr', 'registry', 'otp']

  static async completion (opts) {
    const argv = opts.conf.argv.remain
    const subcommands = ['list', 'revoke', 'create']
    if (argv.length === 2) {
      return subcommands
    }

    if (subcommands.includes(argv[2])) {
      return []
    }

    throw new Error(argv[2] + ' not recognized')
  }

  async exec (args) {
    if (args.length === 0) {
      return this.list()
    }
    switch (args[0]) {
      case 'list':
      case 'ls':
        return this.list()
      case 'rm':
      case 'delete':
      case 'revoke':
      case 'remove':
        return this.rm(args.slice(1))
      case 'create':
        return this.create(args.slice(1))
      default:
        throw this.usageError(`${args[0]} is not a recognized subcommand.`)
    }
  }

  async list () {
    const json = this.npm.config.get('json')
    const parseable = this.npm.config.get('parseable')
    log.info('token', 'getting list')
    const tokens = await listTokens(this.npm.flatOptions)
    if (json) {
      output.buffer(tokens)
      return
    }
    if (parseable) {
      output.standard(['key', 'token', 'created', 'readonly', 'CIDR whitelist'].join('\t'))
      tokens.forEach(token => {
        output.standard(
          [
            token.key,
            token.token,
            token.created,
            token.readonly ? 'true' : 'false',
            token.cidr_whitelist ? token.cidr_whitelist.join(',') : '',
          ].join('\t')
        )
      })
      return
    }
    this.generateTokenIds(tokens, 6)
    const chalk = this.npm.chalk
    for (const token of tokens) {
      const level = token.readonly ? 'Read only token' : 'Publish token'
      const created = String(token.created).slice(0, 10)
      /* eslint-disable-next-line max-len */
      output.standard(`${chalk.blue(level)} ${token.token}… with id ${chalk.cyan(token.id)} created ${created}`)
      if (token.cidr_whitelist) {
        output.standard(`with IP whitelist: ${chalk.green(token.cidr_whitelist.join(','))}`)
      }
      output.standard()
    }
  }

  async rm (args) {
    if (args.length === 0) {
      throw this.usageError('`<tokenKey>` argument is required.')
    }

    const json = this.npm.config.get('json')
    const parseable = this.npm.config.get('parseable')
    const toRemove = []
    const opts = { ...this.npm.flatOptions }
    log.info('token', `removing ${toRemove.length} tokens`)
    const tokens = await listTokens(opts)
    args.forEach(id => {
      const matches = tokens.filter(token => token.key.indexOf(id) === 0)
      if (matches.length === 1) {
        toRemove.push(matches[0].key)
      } else if (matches.length > 1) {
        throw new Error(
          /* eslint-disable-next-line max-len */
          `Token ID "${id}" was ambiguous, a new token may have been created since you last ran \`npm token list\`.`
        )
      } else {
        const tokenMatches = tokens.some(t => id.indexOf(t.token) === 0)
        if (!tokenMatches) {
          throw new Error(`Unknown token id or value "${id}".`)
        }

        toRemove.push(id)
      }
    })
    await Promise.all(
      toRemove.map(key => {
        return otplease(this.npm, opts, c => removeToken(key, c))
      })
    )
    if (json) {
      output.buffer(toRemove)
    } else if (parseable) {
      output.standard(toRemove.join('\t'))
    } else {
      output.standard('Removed ' + toRemove.length + ' token' + (toRemove.length !== 1 ? 's' : ''))
    }
  }

  async create () {
    const json = this.npm.config.get('json')
    const parseable = this.npm.config.get('parseable')
    const cidr = this.npm.config.get('cidr')
    const readonly = this.npm.config.get('read-only')

    const validCIDR = await this.validateCIDRList(cidr)
    const password = await readUserInfo.password()
    log.info('token', 'creating')
    const result = await otplease(
      this.npm,
      { ...this.npm.flatOptions },
      c => createToken(password, readonly, validCIDR, c)
    )
    delete result.key
    delete result.updated
    if (json) {
      output.buffer(result)
    } else if (parseable) {
      Object.keys(result).forEach(k => output.standard(k + '\t' + result[k]))
    } else {
      const chalk = this.npm.chalk
      // Identical to list
      const level = result.readonly ? 'read only' : 'publish'
      output.standard(`Created ${chalk.blue(level)} token ${result.token}`)
      if (result.cidr_whitelist?.length) {
        output.standard(`with IP whitelist: ${chalk.green(result.cidr_whitelist.join(','))}`)
      }
    }
  }

  invalidCIDRError (msg) {
    return Object.assign(new Error(msg), { code: 'EINVALIDCIDR' })
  }

  generateTokenIds (tokens, minLength) {
    for (const token of tokens) {
      token.id = token.key
      for (let ii = minLength; ii < token.key.length; ++ii) {
        const match = tokens.some(
          ot => ot !== token && ot.key.slice(0, ii) === token.key.slice(0, ii)
        )
        if (!match) {
          token.id = token.key.slice(0, ii)
          break
        }
      }
    }
  }

  async validateCIDRList (cidrs) {
    const { v4: isCidrV4, v6: isCidrV6 } = await import('is-cidr')
    const maybeList = [].concat(cidrs).filter(Boolean)
    const list = maybeList.length === 1 ? maybeList[0].split(/,\s*/) : maybeList
    for (const cidr of list) {
      if (isCidrV6(cidr)) {
        throw this.invalidCIDRError(
          `CIDR whitelist can only contain IPv4 addresses${cidr} is IPv6`
        )
      }

      if (!isCidrV4(cidr)) {
        throw this.invalidCIDRError(`CIDR whitelist contains invalid CIDR entry: ${cidr}`)
      }
    }
    return list
  }
}

module.exports = Token

Name	Type	Size	Permission
access.js	File	6.04 KB	0644
adduser.js	File	1.29 KB	0644
audit.js	File	3.15 KB	0644
bugs.js	File	847 B	0644
cache.js	File	7.12 KB	0644
ci.js	File	4.22 KB	0644
completion.js	File	8.9 KB	0644
config.js	File	11.18 KB	0644
dedupe.js	File	1.41 KB	0644
deprecate.js	File	2.13 KB	0644
diff.js	File	8 KB	0644
dist-tag.js	File	5.52 KB	0644
docs.js	File	449 B	0644
doctor.js	File	10.1 KB	0644
edit.js	File	1.76 KB	0644
exec.js	File	3.42 KB	0644
explain.js	File	3.58 KB	0644
explore.js	File	2.16 KB	0644
find-dupes.js	File	634 B	0644
fund.js	File	6.46 KB	0644
get.js	File	577 B	0644
help-search.js	File	5.52 KB	0644
help.js	File	3.66 KB	0644
hook.js	File	3.37 KB	0644
init.js	File	6.85 KB	0644
install-ci-test.js	File	373 B	0644
install-test.js	File	370 B	0644
install.js	File	5.15 KB	0644
link.js	File	5.25 KB	0644
ll.js	File	234 B	0644
login.js	File	1.29 KB	0644
logout.js	File	1.42 KB	0644
ls.js	File	16.81 KB	0644
org.js	File	4.02 KB	0644
outdated.js	File	7.7 KB	0644
owner.js	File	5.85 KB	0644
pack.js	File	2.6 KB	0644
ping.js	File	873 B	0644
pkg.js	File	3.56 KB	0644
prefix.js	File	335 B	0644
profile.js	File	10.57 KB	0644
prune.js	File	799 B	0644
publish.js	File	7.38 KB	0644
query.js	File	3.51 KB	0644
rebuild.js	File	2.19 KB	0644
repo.js	File	1.25 KB	0644
restart.js	File	310 B	0644
root.js	File	295 B	0644
run-script.js	File	6.08 KB	0644
sbom.js	File	4.51 KB	0644
search.js	File	1.83 KB	0644
set.js	File	671 B	0644
shrinkwrap.js	File	2.65 KB	0644
star.js	File	1.87 KB	0644
stars.js	File	1.03 KB	0644
start.js	File	300 B	0644
stop.js	File	295 B	0644
team.js	File	4.36 KB	0644
test.js	File	295 B	0644
token.js	File	6.02 KB	0644
uninstall.js	File	1.52 KB	0644
unpublish.js	File	5.27 KB	0644
unstar.js	File	183 B	0644
update.js	File	1.72 KB	0644
version.js	File	3.54 KB	0644
view.js	File	12.8 KB	0644
whoami.js	File	527 B	0644

Upload:

Command:

Filemanager

Server Info

System Info

User Info