fixes tests

Author: reggi

lib/commands/profile.js

@@ -249,7 +249,7 @@ class Profile extends BaseCommand {
     log.info('profile', 'Determine if tfa is pending')
     const userInfo = await get(conf)
 
-    if (!userInfo.tfa.pending && userInfo.tfa.mode === mode) {
+    if (!userInfo?.tfa?.pending && userInfo?.tfa?.mode === mode) {
       output.standard('Two factor authentication is already enabled and set to ' + mode)
       return
     }
@@ -312,7 +312,9 @@ class Profile extends BaseCommand {
     }
 
     log.info('profile', 'Setting two-factor authentication to ' + mode)
-    const challenge = await otplease(this.npm, conf, c => set(info, c))
+    const challenge = await otplease(this.npm, conf, async c => {
+      return await set(info, c)
+    })
 
     if (challenge.tfa && challenge.tfa.mode) {
       output.standard('Two factor authentication mode changed to: ' + mode)

lib/utils/auth.js

@@ -10,7 +10,6 @@ const otplease = async (npm, opts, fn) => {
     if (!process.stdin.isTTY || !process.stdout.isTTY) {
       throw err
     }
-
     // web otp
     if (err.code === 'EOTP' && err.body?.authUrl && err.body?.doneUrl) {
       const { token: otp } = await webAuthOpener(

test/lib/commands/profile.js

@@ -1,18 +1,25 @@
+const { inspect } = require('node:util')
 const t = require('tap')
 const mockNpm = require('../../fixtures/mock-npm')
+const tmock = require('../../fixtures/tmock')
 
-const mockProfile = async (t, { npmProfile, readUserInfo, qrcode, config, ...opts } = {}) => {
+const mockProfile = async (t, {
+  npmProfile, readUserInfo, qrcode, config, isTTY, ...opts } = {}) => {
+  const mockReadUserInfo = {
+    '{LIB}/utils/read-user-info.js': readUserInfo || {
+      async password () {},
+      async otp () {},
+    },
+  }
   const mocks = {
     'npm-profile': npmProfile || {
       async get () {},
       async set () {},
       async createToken () {},
     },
     'qrcode-terminal': qrcode || { generate: (url, cb) => cb() },
-    '{LIB}/utils/read-user-info.js': readUserInfo || {
-      async password () {},
-      async otp () {},
-    },
+    ...mockReadUserInfo,
+    '{LIB}/utils/auth.js': tmock(t, '{LIB}/utils/auth.js', mockReadUserInfo),
   }
 
   const mock = await mockNpm(t, {
@@ -22,6 +29,10 @@ const mockProfile = async (t, { npmProfile, readUserInfo, qrcode, config, ...opt
       color: false,
       ...config,
     },
+    globals: {
+      'process.stdin.isTTY': isTTY,
+      'process.stdout.isTTY': isTTY,
+    },
     mocks: {
       ...mocks,
       ...opts.mocks,
@@ -516,6 +527,12 @@ t.test('enable-2fa', async t => {
         t.match(pass, 'bar', 'should use password for basic auth')
         return {}
       },
+      async get () {
+        return {
+          userProfile,
+          tfa: null,
+        }
+      },
     }
 
     const { npm, profile } = await mockProfile(t, {
@@ -543,6 +560,12 @@ t.test('enable-2fa', async t => {
       async createToken () {
         return {}
       },
+      async get () {
+        return {
+          ...userProfile,
+          tfa: null,
+        }
+      },
     }
 
     const { npm, profile } = await mockProfile(t, {
@@ -577,7 +600,9 @@ t.test('enable-2fa', async t => {
   })
 
   t.test('from basic auth, asks for otp', async t => {
-    t.plan(9)
+    t.plan(10)
+
+    let setCallCount = 0
 
     const npmProfile = {
       async createToken (pass) {
@@ -588,18 +613,36 @@ t.test('enable-2fa', async t => {
         return userProfile
       },
       async set (newProfile) {
-        t.match(
-          newProfile,
-          {
+        setCallCount++
+        if (setCallCount === 1) {
+          t.match(
+            newProfile,
+            {
+              tfa: {
+                mode: 'auth-only',
+              },
+            },
+            'should set tfa mode on first call'
+          )
+          const err = new Error('One-time password required')
+          err.code = 'EOTP'
+          throw err
+        } else if (setCallCount === 2) {
+          t.match(
+            newProfile,
+            {
+              tfa: {
+                mode: 'auth-only',
+              },
+            },
+            'should set tfa mode'
+          )
+          return {
+            ...userProfile,
             tfa: {
               mode: 'auth-only',
             },
-          },
-          'should set tfa mode'
-        )
-        return {
-          ...userProfile,
-          tfa: null,
+          }
         }
       },
     }
@@ -612,14 +655,15 @@ t.test('enable-2fa', async t => {
       async otp (label) {
         t.equal(
           label,
-          'Enter one-time password: ',
+          'This operation requires a one-time password.\nEnter OTP:',
           'should ask for otp confirmation'
         )
         return '123456'
       },
     }
 
     const { npm, profile, result } = await mockProfile(t, {
+      isTTY: true,
       npmProfile,
       readUserInfo,
     })
@@ -817,12 +861,12 @@ t.test('enable-2fa', async t => {
 
     t.equal(
       result(),
-      'Two factor authentication mode changed to: auth-and-writes',
+      'Two factor authentication is already enabled and set to auth-and-writes',
       'should output success msg'
     )
   })
 
-  t.test('missing tfa from user profile', async t => {
+  t.test('errors when tfa is return null (not otpauth URL) and tfa is not setup already (with auth-only)', async t => {
     const npmProfile = {
       async get () {
         return {
@@ -847,7 +891,7 @@ t.test('enable-2fa', async t => {
       },
     }
 
-    const { npm, profile, result } = await mockProfile(t, {
+    const { npm, profile } = await mockProfile(t, {
       npmProfile,
       readUserInfo,
     })
@@ -856,16 +900,15 @@ t.test('enable-2fa', async t => {
       return { token: 'token' }
     }
 
-    await profile.exec(['enable-2fa', 'auth-only'])
-
-    t.equal(
-      result(),
-      'Two factor authentication mode changed to: auth-only',
-      'should output success msg'
-    )
+    await t.rejects(async () => {
+      await profile.exec(['enable-2fa', 'auth-only'])
+    }, new Error(
+      'Unknown error enabling two-factor authentication. Expected otpauth URL' +
+        ', got: ' + inspect(null)
+    ))
   })
 
-  t.test('defaults to auth-and-writes permission if no mode specified', async t => {
+  t.test('errors when tfa is return null (not otpauth URL) and tfa is not setup already', async t => {
     const npmProfile = {
       async get () {
         return {
@@ -890,7 +933,7 @@ t.test('enable-2fa', async t => {
       },
     }
 
-    const { npm, profile, result } = await mockProfile(t, {
+    const { npm, profile } = await mockProfile(t, {
       npmProfile,
       readUserInfo,
     })
@@ -899,12 +942,12 @@ t.test('enable-2fa', async t => {
       return { token: 'token' }
     }
 
-    await profile.exec(['enable-2fa'])
-    t.equal(
-      result(),
-      'Two factor authentication mode changed to: auth-and-writes',
-      'should enable 2fa with auth-and-writes permission'
-    )
+    await t.rejects(async () => {
+      await profile.exec(['enable-2fa'])
+    }, new Error(
+      'Unknown error enabling two-factor authentication. Expected otpauth URL' +
+        ', got: ' + inspect(null)
+    ))
   })
 })
 
@@ -929,23 +972,33 @@ t.test('disable-2fa', async t => {
   })
 
   t.test('requests otp', async t => {
-    const npmProfile = t => ({
-      async get () {
-        return userProfile
-      },
-      async set (newProfile) {
-        t.same(
-          newProfile,
-          {
-            tfa: {
-              password: 'password1234',
-              mode: 'disable',
-            },
-          },
-          'should send the new info for setting in profile'
-        )
-      },
-    })
+    const OTP_ERROR = Object.assign(new Error('One-time password required'), { code: 'EOTP' })
+
+    const npmProfile = (t) => {
+      let setCallCount = 0
+      return {
+        async get () {
+          return userProfile
+        },
+        async set (newProfile) {
+          setCallCount++
+          if (setCallCount === 1) {
+            throw OTP_ERROR
+          } else if (setCallCount === 2) {
+            t.same(
+              newProfile,
+              {
+                tfa: {
+                  password: 'password1234',
+                  mode: 'disable',
+                },
+              },
+              'should send the new info for setting in profile'
+            )
+          }
+        },
+      }
+    }
 
     const readUserInfo = t => ({
       async password () {
@@ -955,7 +1008,7 @@ t.test('disable-2fa', async t => {
       async otp (label) {
         t.equal(
           label,
-          'Enter one-time password: ',
+          'This operation requires a one-time password.\nEnter OTP:',
           'should ask for otp confirmation'
         )
         return '1234'
@@ -968,6 +1021,7 @@ t.test('disable-2fa', async t => {
       const { profile, result } = await mockProfile(t, {
         npmProfile: npmProfile(t),
         readUserInfo: readUserInfo(t),
+        isTTY: true,
       })
 
       await profile.exec(['disable-2fa'])
@@ -983,6 +1037,7 @@ t.test('disable-2fa', async t => {
         npmProfile: npmProfile(t),
         readUserInfo: readUserInfo(t),
         config,
+        isTTY: true,
       })
 
       await profile.exec(['disable-2fa'])
@@ -999,6 +1054,7 @@ t.test('disable-2fa', async t => {
         npmProfile: npmProfile(t),
         readUserInfo: readUserInfo(t),
         config,
+        isTTY: true,
       })
 
       await profile.exec(['disable-2fa'])