setup-dotnet/src/authutil.ts

import * as fs from 'fs';
import * as path from 'path';
import * as core from '@actions/core';
import * as github from '@actions/github';
import * as xmlbuilder from 'xmlbuilder';
import * as xmlParser from 'fast-xml-parser';
import {ProcessEnvOptions} from 'child_process';

export function configAuthentication(
  feedUrl: string,
  existingFileLocation: string = '',
  processRoot: string = process.cwd()
) {
  const existingNuGetConfig: string = path.resolve(
    processRoot,
    existingFileLocation === ''
      ? getExistingNugetConfig(processRoot)
      : existingFileLocation
  );

  const tempNuGetConfig: string = path.resolve(
    processRoot,
    '../',
    'nuget.config'
  );

  writeFeedToFile(feedUrl, existingNuGetConfig, tempNuGetConfig);
}

function isValidKey(key: string): boolean {
  return /^[\w\-\.]+$/i.test(key);
}

function getExistingNugetConfig(processRoot: string) {
  const defaultConfigName = 'nuget.config';
  const configFileNames = fs
    .readdirSync(processRoot)
    .filter(filename => filename.toLowerCase() === defaultConfigName);
  if (configFileNames.length) {
    return configFileNames[0];
  }
  return defaultConfigName;
}

function writeFeedToFile(
  feedUrl: string,
  existingFileLocation: string,
  tempFileLocation: string
) {
  console.log(
    `dotnet-auth: Finding any source references in ${existingFileLocation}, writing a new temporary configuration file with credentials to ${tempFileLocation}`
  );
  let xml: xmlbuilder.XMLElement;
  let sourceKeys: string[] = [];
  let owner: string = core.getInput('owner');
  let sourceUrl: string = feedUrl;
  if (!owner) {
    owner = github.context.repo.owner;
  }

  if (!process.env.NUGET_AUTH_TOKEN || process.env.NUGET_AUTH_TOKEN == '') {
    throw new Error(
      'The NUGET_AUTH_TOKEN environment variable was not provided. In this step, add the following: \r\nenv:\r\n  NUGET_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}}'
    );
  }

  if (fs.existsSync(existingFileLocation)) {
    // get key from existing NuGet.config so NuGet/dotnet can match credentials
    const curContents: string = fs.readFileSync(existingFileLocation, 'utf8');
    const json = xmlParser.parse(curContents, {ignoreAttributes: false});

    if (typeof json.configuration === 'undefined') {
      throw new Error(`The provided NuGet.config seems invalid.`);
    }

    if (json.configuration?.packageSources?.add) {
      const packageSources = json.configuration.packageSources.add;

      if (Array.isArray(packageSources)) {
        packageSources.forEach((source) => {
          const value = source["@_value"];
          core.debug(`source '${value}'`);
          if (value.toLowerCase().includes(feedUrl.toLowerCase())) {
            const key = source["@_key"];
            sourceKeys.push(key);
            core.debug(`Found a URL with key ${key}`);
          }
        });
      } else {
        if (packageSources["@_value"].toLowerCase().includes(feedUrl.toLowerCase())) {
          const key = packageSources["@_key"];
          sourceKeys.push(key);
          core.debug(`Found a URL with key ${key}`);
        }
      }
    }
  }

  xml = xmlbuilder
    .create('configuration')
    .ele('config')
    .ele('add', {key: 'defaultPushSource', value: sourceUrl})
    .up()
    .up();

  if (sourceKeys.length == 0) {
    let keystring = 'Source';
    xml = xml
      .ele('packageSources')
      .ele('add', {key: keystring, value: sourceUrl})
      .up()
      .up();
    sourceKeys.push(keystring);
  }
  xml = xml.ele('packageSourceCredentials');

  sourceKeys.forEach(key => {
    if (!isValidKey(key)) {
      throw new Error(
        "Source name can contain letters, numbers, and '-', '_', '.' symbols only. Please, fix source name in NuGet.config and try again."
      );
    }

    xml = xml
      .ele(key)
      .ele('add', {key: 'Username', value: owner})
      .up()
      .ele('add', {
        key: 'ClearTextPassword',
        value: process.env.NUGET_AUTH_TOKEN
      })
      .up()
      .up();
  });

  // If NuGet fixes itself such that on Linux it can look for environment variables in the config file (it doesn't seem to work today),
  // use this for the value above
  //           process.platform == 'win32'
  //             ? '%NUGET_AUTH_TOKEN%'
  //             : '$NUGET_AUTH_TOKEN'

  var output = xml.end({pretty: true});
  fs.writeFileSync(tempFileLocation, output);
}
GPR authentication support 2019-09-10 00:27:23 +07:00			`import * as fs from 'fs';`
			`import * as path from 'path';`
			`import * as core from '@actions/core';`
			`import * as github from '@actions/github';`
			`import * as xmlbuilder from 'xmlbuilder';`
			`import * as xmlParser from 'fast-xml-parser';`
Honor specified nuget file location (#109) * Honor specified nuget file location * Generate and verify nuget.config 2020-09-03 01:11:56 +07:00			`import {ProcessEnvOptions} from 'child_process';`
GPR authentication support 2019-09-10 00:27:23 +07:00
			`export function configAuthentication(`
			`feedUrl: string,`
Honor specified nuget file location (#109) * Honor specified nuget file location * Generate and verify nuget.config 2020-09-03 01:11:56 +07:00			`existingFileLocation: string = '',`
			`processRoot: string = process.cwd()`
GPR authentication support 2019-09-10 00:27:23 +07:00			`) {`
			`const existingNuGetConfig: string = path.resolve(`
Honor specified nuget file location (#109) * Honor specified nuget file location * Generate and verify nuget.config 2020-09-03 01:11:56 +07:00			`processRoot,`
Minor fix 2021-04-19 20:11:14 +07:00			`existingFileLocation === ''`
Prettier 2021-04-19 18:26:05 +07:00			`? getExistingNugetConfig(processRoot)`
			`: existingFileLocation`
GPR authentication support 2019-09-10 00:27:23 +07:00			`);`

			`const tempNuGetConfig: string = path.resolve(`
Honor specified nuget file location (#109) * Honor specified nuget file location * Generate and verify nuget.config 2020-09-03 01:11:56 +07:00			`processRoot,`
GPR authentication support 2019-09-10 00:27:23 +07:00			`'../',`
			`'nuget.config'`
			`);`

			`writeFeedToFile(feedUrl, existingNuGetConfig, tempNuGetConfig);`
			`}`

Improve key names validation for keys from user nuget config 2021-04-15 17:30:04 +07:00			`function isValidKey(key: string): boolean {`
Minor fix 2021-04-15 17:44:48 +07:00			`return /^[\w\-\.]+$/i.test(key);`
Improve key names validation for keys from user nuget config 2021-04-15 17:28:24 +07:00			`}`

Support nuget.config name formats 2021-04-19 18:25:42 +07:00			`function getExistingNugetConfig(processRoot: string) {`
Minor fix 2021-04-19 20:16:44 +07:00			`const defaultConfigName = 'nuget.config';`
Prettier 2021-04-19 18:26:05 +07:00			`const configFileNames = fs`
			`.readdirSync(processRoot)`
Minor fix 2021-04-19 20:16:44 +07:00			`.filter(filename => filename.toLowerCase() === defaultConfigName);`
Support nuget.config name formats 2021-04-19 18:25:42 +07:00			`if (configFileNames.length) {`
			`return configFileNames[0];`
			`}`
Minor fix 2021-04-19 20:16:44 +07:00			`return defaultConfigName;`
Support nuget.config name formats 2021-04-19 18:25:42 +07:00			`}`

GPR authentication support 2019-09-10 00:27:23 +07:00			`function writeFeedToFile(`
			`feedUrl: string,`
			`existingFileLocation: string,`
			`tempFileLocation: string`
			`) {`
			`console.log(`
			`dotnet-auth: Finding any source references in ${existingFileLocation}, writing a new temporary configuration file with credentials to ${tempFileLocation}`
			`);`
			`let xml: xmlbuilder.XMLElement;`
Support for non-GPR sources 2019-10-04 07:29:20 +07:00			`let sourceKeys: string[] = [];`
GPR authentication support 2019-09-10 00:27:23 +07:00			`let owner: string = core.getInput('owner');`
Support for non-GPR sources 2019-10-04 07:29:20 +07:00			`let sourceUrl: string = feedUrl;`
			`if (!owner) {`
GPR authentication support 2019-09-10 00:27:23 +07:00			`owner = github.context.repo.owner;`
			`}`

			`if (!process.env.NUGET_AUTH_TOKEN \|\| process.env.NUGET_AUTH_TOKEN == '') {`
			`throw new Error(`
			`'The NUGET_AUTH_TOKEN environment variable was not provided. In this step, add the following: \r\nenv:\r\n NUGET_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}}'`
			`);`
			`}`

			`if (fs.existsSync(existingFileLocation)) {`
			`// get key from existing NuGet.config so NuGet/dotnet can match credentials`
			`const curContents: string = fs.readFileSync(existingFileLocation, 'utf8');`
refactoring 2022-08-31 20:41:46 +07:00			`const json = xmlParser.parse(curContents, {ignoreAttributes: false});`
GPR authentication support 2019-09-10 00:27:23 +07:00
refactoring 2022-08-31 20:41:46 +07:00			`if (typeof json.configuration === 'undefined') {`
GPR authentication support 2019-09-10 00:27:23 +07:00			throw new Error(`The provided NuGet.config seems invalid.`);
			`}`
refactoring 2022-08-31 20:41:46 +07:00
			`if (json.configuration?.packageSources?.add) {`
			`const packageSources = json.configuration.packageSources.add;`

			`if (Array.isArray(packageSources)) {`
			`packageSources.forEach((source) => {`
			`const value = source["@_value"];`
			core.debug(`source '${value}'`);
			`if (value.toLowerCase().includes(feedUrl.toLowerCase())) {`
			`const key = source["@_key"];`
Support for non-GPR sources 2019-10-04 07:29:20 +07:00			`sourceKeys.push(key);`
			core.debug(`Found a URL with key ${key}`);
GPR authentication support 2019-09-10 00:27:23 +07:00			`}`
refactoring 2022-08-31 20:41:46 +07:00			`});`
			`} else {`
			`if (packageSources["@_value"].toLowerCase().includes(feedUrl.toLowerCase())) {`
			`const key = packageSources["@_key"];`
			`sourceKeys.push(key);`
			core.debug(`Found a URL with key ${key}`);
GPR authentication support 2019-09-10 00:27:23 +07:00			`}`
			`}`
			`}`
			`}`

			`xml = xmlbuilder`
			`.create('configuration')`
			`.ele('config')`
			`.ele('add', {key: 'defaultPushSource', value: sourceUrl})`
			`.up()`
			`.up();`

Support for non-GPR sources 2019-10-04 07:29:20 +07:00			`if (sourceKeys.length == 0) {`
			`let keystring = 'Source';`
GPR authentication support 2019-09-10 00:27:23 +07:00			`xml = xml`
			`.ele('packageSources')`
			`.ele('add', {key: keystring, value: sourceUrl})`
			`.up()`
			`.up();`
Support for non-GPR sources 2019-10-04 07:29:20 +07:00			`sourceKeys.push(keystring);`
GPR authentication support 2019-09-10 00:27:23 +07:00			`}`
Support for non-GPR sources 2019-10-04 07:29:20 +07:00			`xml = xml.ele('packageSourceCredentials');`

			`sourceKeys.forEach(key => {`
Improve key names validation for keys from user nuget config 2021-04-15 17:28:24 +07:00			`if (!isValidKey(key)) {`
GPR authentication support 2019-09-10 00:27:23 +07:00			`throw new Error(`
Minor fix 2021-04-15 17:43:20 +07:00			`"Source name can contain letters, numbers, and '-', '_', '.' symbols only. Please, fix source name in NuGet.config and try again."`
GPR authentication support 2019-09-10 00:27:23 +07:00			`);`
			`}`

			`xml = xml`
			`.ele(key)`
			`.ele('add', {key: 'Username', value: owner})`
			`.up()`
			`.ele('add', {`
			`key: 'ClearTextPassword',`
			`value: process.env.NUGET_AUTH_TOKEN`
			`})`
			`.up()`
			`.up();`
			`});`

			`// If NuGet fixes itself such that on Linux it can look for environment variables in the config file (it doesn't seem to work today),`
			`// use this for the value above`
			`// process.platform == 'win32'`
			`// ? '%NUGET_AUTH_TOKEN%'`
			`// : '$NUGET_AUTH_TOKEN'`

			`var output = xml.end({pretty: true});`
			`fs.writeFileSync(tempFileLocation, output);`
			`}`