module.exports = authenticationBeforeRequest; const btoa = require("btoa-lite"); const withAuthorizationPrefix = require("./with-authorization-prefix"); function authenticationBeforeRequest(state, options) { if (typeof state.auth === "string") { options.headers.authorization = withAuthorizationPrefix(state.auth); return; } if (state.auth.username) { const hash = btoa(`${state.auth.username}:${state.auth.password}`); options.headers.authorization = `Basic ${hash}`; if (state.otp) { options.headers["x-github-otp"] = state.otp; } return; } if (state.auth.clientId) { // There is a special case for OAuth applications, when `clientId` and `clientSecret` is passed as // Basic Authorization instead of query parameters. The only routes where that applies share the same // URL though: `/applications/:client_id/tokens/:access_token`. // // 1. [Check an authorization](https://developer.github.com/v3/oauth_authorizations/#check-an-authorization) // 2. [Reset an authorization](https://developer.github.com/v3/oauth_authorizations/#reset-an-authorization) // 3. [Revoke an authorization for an application](https://developer.github.com/v3/oauth_authorizations/#revoke-an-authorization-for-an-application) // // We identify by checking the URL. It must merge both "/applications/:client_id/tokens/:access_token" // as well as "/applications/123/tokens/token456" if (/\/applications\/:?[\w_]+\/tokens\/:?[\w_]+($|\?)/.test(options.url)) { const hash = btoa(`${state.auth.clientId}:${state.auth.clientSecret}`); options.headers.authorization = `Basic ${hash}`; return; } options.url += options.url.indexOf("?") === -1 ? "?" : "&"; options.url += `client_id=${state.auth.clientId}&client_secret=${state.auth.clientSecret}`; return; } return Promise.resolve() .then(() => { return state.auth(); }) .then(authorization => { options.headers.authorization = withAuthorizationPrefix(authorization); }); }