diff --git a/README.md b/README.md index cc021e652a6..26f0fc215b7 100644 --- a/README.md +++ b/README.md @@ -530,6 +530,17 @@ NVM_IOJS_ORG_MIRROR=https://iojs.org/dist nvm install iojs-v1.0.3 `nvm use` will not, by default, create a "current" symlink. Set `$NVM_SYMLINK_CURRENT` to "true" to enable this behavior, which is sometimes useful for IDEs. Note that using `nvm` in multiple shell tabs with this environment variable enabled can cause race conditions. +#### Pass Authorization header to mirror +To pass an Authorization header through to the mirror url, set `$NVM_AUTH_HEADER` + +```sh +export NVM_NODEJS_ORG_MIRROR=https://nodejs.org/dist +export NVM_AUTH_HEADER="Bearer secret-token" +nvm install node + +NVM_NODEJS_ORG_MIRROR=https://nodejs.org/dist NVM_AUTH_HEADER="Bearer secret-token" nvm install 4.2 +``` + ### .nvmrc You can create a `.nvmrc` file containing a node version number (or any other string that `nvm` understands; see `nvm --help` for details) in the project root directory (or any parent directory). diff --git a/nvm.sh b/nvm.sh index 6dc779eb2c2..39f8705c712 100644 --- a/nvm.sh +++ b/nvm.sh @@ -116,12 +116,20 @@ nvm_get_latest() { } nvm_download() { - local CURL_COMPRESSED_FLAG if nvm_has "curl"; then + local CURL_COMPRESSED_FLAG="" + local CURL_HEADER_FLAG="" + + if [ -n "$NVM_AUTH_HEADER" ]; then + sanitized_header=$(nvm_sanitize_auth_header "$NVM_AUTH_HEADER") + CURL_HEADER_FLAG="--header \"Authorization: $sanitized_header\"" + fi + if nvm_curl_use_compression; then - CURL_COMPRESSED_FLAG="--compressed" + CURL_COMPRESSED_FLAG="--compressed" fi - curl --fail ${CURL_COMPRESSED_FLAG:-} -q "$@" + + eval "curl -q --fail ${CURL_COMPRESSED_FLAG:-} ${CURL_HEADER_FLAG:-} $@" elif nvm_has "wget"; then # Emulate curl with wget ARGS=$(nvm_echo "$@" | command sed -e 's/--progress-bar /--progress=bar /' \ @@ -133,11 +141,20 @@ nvm_download() { -e 's/-sS /-nv /' \ -e 's/-o /-O /' \ -e 's/-C - /-c /') + + if [ -n "$NVM_AUTH_HEADER" ]; then + ARGS="$ARGS --header \"$NVM_AUTH_HEADER\"" + fi # shellcheck disable=SC2086 eval wget $ARGS fi } +nvm_sanitize_auth_header() { + # Remove potentially dangerous characters + echo "$1" | sed 's/[^a-zA-Z0-9:;_. -]//g' +} + nvm_has_system_node() { [ "$(nvm deactivate >/dev/null 2>&1 && command -v node)" != '' ] } @@ -4357,7 +4374,7 @@ nvm() { nvm_sanitize_path nvm_has_colors nvm_process_parameters \ nvm_node_version_has_solaris_binary nvm_iojs_version_has_solaris_binary \ nvm_curl_libz_support nvm_command_info nvm_is_zsh nvm_stdout_is_terminal \ - nvm_npmrc_bad_news_bears \ + nvm_npmrc_bad_news_bears nvm_sanitize_auth_header \ nvm_get_colors nvm_set_colors nvm_print_color_code nvm_wrap_with_color_code nvm_format_help_message_colors \ nvm_echo_with_colors nvm_err_with_colors \ nvm_get_artifact_compression nvm_install_binary_extract nvm_extract_tarball \ diff --git a/test/fast/Unit tests/nvm_download b/test/fast/Unit tests/nvm_download index 3afd76cc2df..201b59c0d9e 100644 --- a/test/fast/Unit tests/nvm_download +++ b/test/fast/Unit tests/nvm_download @@ -1,7 +1,8 @@ #!/bin/sh cleanup () { - unset -f die cleanup + unset -f die cleanup NVM_AUTH_HEADER + docker stop httpbin && docker rm httpbin } die () { echo "$@" ; cleanup ; exit 1; } @@ -15,4 +16,12 @@ nvm_download "https://raw.githubusercontent.com/nvm-sh/nvm/HEAD/install.sh" >/de # nvm_download should fail to download wrong_install.sh ! nvm_download "https://raw.githubusercontent.com/nvm-sh/nvm/HEAD/wrong_install.sh" >/dev/null || die "nvm_download should fail to download no existing file" +# nvm_download should pass when calling with auth header +docker pull kennethreitz/httpbin && docker run -d --name httpbin -p 80:80 kennethreitz/httpbin +sleep 1 # wait for httpbin to start +NVM_AUTH_HEADER="Bearer test-token" +nvm_download "http://127.0.0.1/bearer" > /dev/null || die "nvm_download unable to send auth header" +unset NVM_AUTH_HEADER +docker stop httpbin && docker rm httpbin + cleanup