n8n/packages/core/src/Credentials.ts

import { Container } from 'typedi';
import type { ICredentialDataDecryptedObject, ICredentialsEncrypted } from 'n8n-workflow';
import { ICredentials, jsonParse } from 'n8n-workflow';
import { Cipher } from './Cipher';

export class Credentials extends ICredentials {
	private readonly cipher = Container.get(Cipher);

	/**
	 * Returns if the given nodeType has access to data
	 */
	hasNodeAccess(nodeType: string): boolean {
		for (const accessData of this.nodesAccess) {
			if (accessData.nodeType === nodeType) {
				return true;
			}
		}

		return false;
	}

	/**
	 * Sets new credential object
	 */
	setData(data: ICredentialDataDecryptedObject): void {
		this.data = this.cipher.encrypt(data);
	}

	/**
	 * Returns the decrypted credential object
	 */
	getData(nodeType?: string): ICredentialDataDecryptedObject {
		if (nodeType && !this.hasNodeAccess(nodeType)) {
			throw new Error(
				`The node of type "${nodeType}" does not have access to credentials "${this.name}" of type "${this.type}".`,
			);
		}

		if (this.data === undefined) {
			throw new Error('No data is set so nothing can be returned.');
		}

		const decryptedData = this.cipher.decrypt(this.data);

		try {
			return jsonParse(decryptedData);
		} catch (e) {
			throw new Error(
				'Credentials could not be decrypted. The likely reason is that a different "encryptionKey" was used to encrypt the data.',
			);
		}
	}

	/**
	 * Returns the encrypted credentials to be saved
	 */
	getDataToSave(): ICredentialsEncrypted {
		if (this.data === undefined) {
			throw new Error('No credentials were set to save.');
		}

		return {
			id: this.id,
			name: this.name,
			type: this.type,
			data: this.data,
			nodesAccess: this.nodesAccess,
		};
	}
}
refactor(core): Abstract away InstanceSettings and `encryptionKey` into injectable services (no-changelog) (#7471) This change ensures that things like `encryptionKey` and `instanceId` are always available directly where they are needed, instead of passing them around throughout the code. 2023-10-23 04:39:35 -07:00			`import { Container } from 'typedi';`
			`import type { ICredentialDataDecryptedObject, ICredentialsEncrypted } from 'n8n-workflow';`
			`import { ICredentials, jsonParse } from 'n8n-workflow';`
			`import { Cipher } from './Cipher';`
Initial commit to release 2019-06-23 03:35:23 -07:00
:zap: Make it possible to set credentials to fixed values 2020-01-25 23:48:38 -08:00			`export class Credentials extends ICredentials {`
refactor(core): Abstract away InstanceSettings and `encryptionKey` into injectable services (no-changelog) (#7471) This change ensures that things like `encryptionKey` and `instanceId` are always available directly where they are needed, instead of passing them around throughout the code. 2023-10-23 04:39:35 -07:00			`private readonly cipher = Container.get(Cipher);`

Initial commit to release 2019-06-23 03:35:23 -07:00			`/**`
			`* Returns if the given nodeType has access to data`
			`*/`
			`hasNodeAccess(nodeType: string): boolean {`
			`for (const accessData of this.nodesAccess) {`
			`if (accessData.nodeType === nodeType) {`
			`return true;`
			`}`
			`}`

			`return false;`
			`}`

			`/**`
			`* Sets new credential object`
			`*/`
refactor(core): Abstract away InstanceSettings and `encryptionKey` into injectable services (no-changelog) (#7471) This change ensures that things like `encryptionKey` and `instanceId` are always available directly where they are needed, instead of passing them around throughout the code. 2023-10-23 04:39:35 -07:00			`setData(data: ICredentialDataDecryptedObject): void {`
			`this.data = this.cipher.encrypt(data);`
Initial commit to release 2019-06-23 03:35:23 -07:00			`}`

			`/**`
			`* Returns the decrypted credential object`
			`*/`
refactor(core): Abstract away InstanceSettings and `encryptionKey` into injectable services (no-changelog) (#7471) This change ensures that things like `encryptionKey` and `instanceId` are always available directly where they are needed, instead of passing them around throughout the code. 2023-10-23 04:39:35 -07:00			`getData(nodeType?: string): ICredentialDataDecryptedObject {`
Initial commit to release 2019-06-23 03:35:23 -07:00			`if (nodeType && !this.hasNodeAccess(nodeType)) {`
			`throw new Error(`
			`The node of type "${nodeType}" does not have access to credentials "${this.name}" of type "${this.type}".`,
			`);`
			`}`

			`if (this.data === undefined) {`
			`throw new Error('No data is set so nothing can be returned.');`
			`}`

refactor(core): Abstract away InstanceSettings and `encryptionKey` into injectable services (no-changelog) (#7471) This change ensures that things like `encryptionKey` and `instanceId` are always available directly where they are needed, instead of passing them around throughout the code. 2023-10-23 04:39:35 -07:00			`const decryptedData = this.cipher.decrypt(this.data);`
Initial commit to release 2019-06-23 03:35:23 -07:00
			`try {`
refactor(core): Abstract away InstanceSettings and `encryptionKey` into injectable services (no-changelog) (#7471) This change ensures that things like `encryptionKey` and `instanceId` are always available directly where they are needed, instead of passing them around throughout the code. 2023-10-23 04:39:35 -07:00			`return jsonParse(decryptedData);`
Initial commit to release 2019-06-23 03:35:23 -07:00			`} catch (e) {`
:zap: Small tweaks to error and toast messages (#2142) Removed instances of "got" - aimed to make very small changes that arn't very stylistic/ opinionated just basic native english tweaks 2021-08-27 08:25:54 -07:00			`throw new Error(`
			`'Credentials could not be decrypted. The likely reason is that a different "encryptionKey" was used to encrypt the data.',`
			`);`
Initial commit to release 2019-06-23 03:35:23 -07:00			`}`
			`}`

			`/**`
			`* Returns the encrypted credentials to be saved`
			`*/`
			`getDataToSave(): ICredentialsEncrypted {`
			`if (this.data === undefined) {`
refactor: Lint for no unneeded backticks (#5057) (no-changelog) * :sparkles: Create rule `no-unneeded-backticks` * :shirt: Enable rule * :zap: Run rule on `cli` * :zap: Run rule on `core` * :zap: Run rule on `workflow` * :zap: Rule rule on `design-system` * :zap: Run rule on `node-dev` * :zap: Run rule on `editor-ui` * :zap: Run rule on `nodes-base` 2022-12-29 03:20:43 -08:00			`throw new Error('No credentials were set to save.');`
Initial commit to release 2019-06-23 03:35:23 -07:00			`}`

			`return {`
:zap: Change credentials structure (#2139) * :sparkles: change FE to handle new object type * 🚸 improve UX of handling invalid credentials * 🚧 WIP * :art: fix typescript issues * 🐘 add migrations for all supported dbs * ✏️ add description to migrations * :zap: add credential update on import * :zap: resolve after merge issues * :shirt: fix lint issues * :zap: check credentials on workflow create/update * update interface * :shirt: fix ts issues * :zap: adaption to new credentials UI * :bug: intialize cache on BE for credentials check * :bug: fix undefined oldCredentials * :bug: fix deleting credential * :bug: fix check for undefined keys * :bug: fix disabling edit in execution * :art: just show credential name on execution view * ✏️ remove TODO * :zap: implement review suggestions * :zap: add cache to getCredentialsByType * ⏪ use getter instead of cache * ✏️ fix variable name typo * 🐘 include waiting nodes to migrations * :bug: fix reverting migrations command * :zap: update typeorm command * :sparkles: create db:revert command * 👕 fix lint error Co-authored-by: Mutasem <mutdmour@gmail.com> 2021-10-13 15:21:00 -07:00			`id: this.id,`
Initial commit to release 2019-06-23 03:35:23 -07:00			`name: this.name,`
			`type: this.type,`
			`data: this.data,`
			`nodesAccess: this.nodesAccess,`
			`};`
			`}`
			`}`