2023-03-09 09:13:15 -08:00
|
|
|
import type {
|
|
|
|
IExecuteFunctions,
|
|
|
|
ILoadOptionsFunctions,
|
|
|
|
IDataObject,
|
|
|
|
IHookFunctions,
|
|
|
|
JsonObject,
|
2024-02-14 07:29:09 -08:00
|
|
|
IHttpRequestMethods,
|
|
|
|
IRequestOptions,
|
2023-03-09 09:13:15 -08:00
|
|
|
} from 'n8n-workflow';
|
2023-01-27 03:22:44 -08:00
|
|
|
import { NodeApiError } from 'n8n-workflow';
|
2022-10-07 06:48:45 -07:00
|
|
|
|
2023-06-16 07:26:35 -07:00
|
|
|
import get from 'lodash/get';
|
2022-10-07 06:48:45 -07:00
|
|
|
|
|
|
|
import * as nacl_factory from 'js-nacl';
|
|
|
|
|
|
|
|
export async function venafiApiRequest(
|
2023-08-16 06:52:41 -07:00
|
|
|
this: IExecuteFunctions | ILoadOptionsFunctions | IHookFunctions,
|
2024-02-14 07:29:09 -08:00
|
|
|
method: IHttpRequestMethods,
|
2022-10-07 06:48:45 -07:00
|
|
|
resource: string,
|
|
|
|
body = {},
|
|
|
|
qs: IDataObject = {},
|
|
|
|
uri?: string,
|
|
|
|
option: IDataObject = {},
|
|
|
|
): Promise<any> {
|
2022-12-02 03:53:59 -08:00
|
|
|
const operation = this.getNodeParameter('operation', 0);
|
2023-11-11 07:35:56 -08:00
|
|
|
const credentials = await this.getCredentials('venafiTlsProtectCloudApi');
|
|
|
|
|
|
|
|
const region = credentials.region ?? 'cloud';
|
2022-10-07 06:48:45 -07:00
|
|
|
|
2024-02-14 07:29:09 -08:00
|
|
|
const options: IRequestOptions = {
|
2022-10-07 06:48:45 -07:00
|
|
|
headers: {
|
|
|
|
Accept: 'application/json',
|
|
|
|
'content-type': 'application/json',
|
|
|
|
},
|
|
|
|
method,
|
|
|
|
body,
|
|
|
|
qs,
|
2023-11-11 07:35:56 -08:00
|
|
|
uri: `https://api.venafi.${region}${resource}`,
|
2022-10-07 06:48:45 -07:00
|
|
|
json: true,
|
|
|
|
};
|
|
|
|
|
|
|
|
if (Object.keys(option).length) {
|
|
|
|
Object.assign(options, option);
|
|
|
|
}
|
|
|
|
|
|
|
|
// For cert download we don't need any headers
|
|
|
|
// If we remove for everything the key fetch fails
|
|
|
|
if (operation === 'download') {
|
|
|
|
// We need content-type for keystore
|
|
|
|
if (!resource.endsWith('keystore')) {
|
2022-12-02 12:54:28 -08:00
|
|
|
delete options.headers!.Accept;
|
|
|
|
delete options.headers!['content-type'];
|
2022-10-07 06:48:45 -07:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
try {
|
|
|
|
if (Object.keys(body).length === 0) {
|
|
|
|
delete options.body;
|
|
|
|
}
|
2022-12-23 10:09:52 -08:00
|
|
|
return await this.helpers.requestWithAuthentication.call(
|
|
|
|
this,
|
|
|
|
'venafiTlsProtectCloudApi',
|
|
|
|
options,
|
|
|
|
);
|
2022-10-07 06:48:45 -07:00
|
|
|
} catch (error) {
|
|
|
|
throw new NodeApiError(this.getNode(), error as JsonObject);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
export async function venafiApiRequestAllItems(
|
|
|
|
this: IExecuteFunctions | ILoadOptionsFunctions,
|
|
|
|
propertyName: string,
|
2024-02-14 07:29:09 -08:00
|
|
|
method: IHttpRequestMethods,
|
2022-10-07 06:48:45 -07:00
|
|
|
endpoint: string,
|
2022-12-02 06:25:21 -08:00
|
|
|
|
2023-02-27 19:39:43 -08:00
|
|
|
body: IDataObject = {},
|
2022-10-07 06:48:45 -07:00
|
|
|
query: IDataObject = {},
|
2023-02-27 19:39:43 -08:00
|
|
|
) {
|
2022-10-07 06:48:45 -07:00
|
|
|
const returnData: IDataObject[] = [];
|
|
|
|
|
|
|
|
let responseData;
|
|
|
|
|
|
|
|
do {
|
|
|
|
responseData = await venafiApiRequest.call(this, method, endpoint, body, query);
|
|
|
|
endpoint = get(responseData, '_links[0].Next');
|
2023-02-27 19:39:43 -08:00
|
|
|
returnData.push.apply(returnData, responseData[propertyName] as IDataObject[]);
|
2022-12-02 12:54:28 -08:00
|
|
|
} while (responseData._links?.[0].Next);
|
2022-10-07 06:48:45 -07:00
|
|
|
|
|
|
|
return returnData;
|
|
|
|
}
|
|
|
|
|
|
|
|
export async function encryptPassphrase(
|
|
|
|
this: IExecuteFunctions | ILoadOptionsFunctions,
|
|
|
|
certificateId: string,
|
|
|
|
passphrase: string,
|
|
|
|
storePassphrase: string,
|
|
|
|
) {
|
|
|
|
let dekHash = '';
|
|
|
|
const dekResponse = await venafiApiRequest.call(
|
|
|
|
this,
|
|
|
|
'GET',
|
|
|
|
`/outagedetection/v1/certificates/${certificateId}`,
|
|
|
|
);
|
|
|
|
|
|
|
|
if (dekResponse.dekHash) {
|
|
|
|
dekHash = dekResponse.dekHash;
|
|
|
|
}
|
|
|
|
|
|
|
|
let pubKey = '';
|
|
|
|
const pubKeyResponse = await venafiApiRequest.call(
|
|
|
|
this,
|
|
|
|
'GET',
|
|
|
|
`/v1/edgeencryptionkeys/${dekHash}`,
|
|
|
|
);
|
|
|
|
|
|
|
|
if (pubKeyResponse.key) {
|
|
|
|
pubKey = pubKeyResponse.key;
|
|
|
|
}
|
|
|
|
|
|
|
|
let encryptedKeyPass = '';
|
|
|
|
let encryptedKeyStorePass = '';
|
|
|
|
|
2022-12-02 12:54:28 -08:00
|
|
|
const promise = async () => {
|
2024-01-17 07:08:50 -08:00
|
|
|
return await new Promise((resolve, reject) => {
|
2022-10-07 06:48:45 -07:00
|
|
|
nacl_factory.instantiate((nacl: any) => {
|
|
|
|
try {
|
|
|
|
const passphraseUTF8 = nacl.encode_utf8(passphrase) as string;
|
|
|
|
const keyPassBuffer = nacl.crypto_box_seal(passphraseUTF8, Buffer.from(pubKey, 'base64'));
|
2023-02-27 19:39:43 -08:00
|
|
|
encryptedKeyPass = Buffer.from(keyPassBuffer as Buffer).toString('base64');
|
2022-10-07 06:48:45 -07:00
|
|
|
|
|
|
|
const storePassphraseUTF8 = nacl.encode_utf8(storePassphrase) as string;
|
|
|
|
const keyStorePassBuffer = nacl.crypto_box_seal(
|
|
|
|
storePassphraseUTF8,
|
|
|
|
Buffer.from(pubKey, 'base64'),
|
|
|
|
);
|
2023-02-27 19:39:43 -08:00
|
|
|
encryptedKeyStorePass = Buffer.from(keyStorePassBuffer as Buffer).toString('base64');
|
2022-10-07 06:48:45 -07:00
|
|
|
|
|
|
|
return resolve([encryptedKeyPass, encryptedKeyStorePass]);
|
|
|
|
} catch (error) {
|
|
|
|
return reject(error);
|
|
|
|
}
|
|
|
|
});
|
|
|
|
});
|
|
|
|
};
|
2024-01-17 07:08:50 -08:00
|
|
|
return await promise();
|
2022-10-07 06:48:45 -07:00
|
|
|
}
|