mirror of
https://github.com/n8n-io/n8n.git
synced 2024-12-24 20:24:05 -08:00
⚡ Parse single-line private key for Google service account (#2132)
* ⚡ Parse single-line private key * ✏️ Update description and placeholder * ⚡ Some improvements Co-authored-by: Jan Oberhauser <janober@users.noreply.github.com> Co-authored-by: Jan Oberhauser <jan.oberhauser@gmail.com>
This commit is contained in:
parent
231c760ef5
commit
26eac80d49
|
@ -17,18 +17,18 @@ export class GoogleApi implements ICredentialType {
|
|||
default: '',
|
||||
description: 'The Google Service account similar to user-808@project.iam.gserviceaccount.com.',
|
||||
required: true,
|
||||
|
||||
},
|
||||
{
|
||||
displayName: 'Private Key',
|
||||
name: 'privateKey',
|
||||
type: 'string',
|
||||
default: '',
|
||||
description: 'Use the multiline editor. Make sure there are exactly 3 lines.<br />-----BEGIN PRIVATE KEY-----<br />KEY IN A SINGLE LINE<br />-----END PRIVATE KEY-----',
|
||||
placeholder: '-----BEGIN PRIVATE KEY-----\nXIYEvQIBADANBg<...>0IhA7TMoGYPQc=\n-----END PRIVATE KEY-----\n',
|
||||
description: 'Enter the private key located in the JSON file downloaded from Google Cloud Console',
|
||||
required: true,
|
||||
},
|
||||
{
|
||||
displayName: ' Impersonate a User',
|
||||
displayName: 'Impersonate a User',
|
||||
name: 'inpersonate',
|
||||
type: 'boolean',
|
||||
default: false,
|
||||
|
|
|
@ -16,6 +16,13 @@ import * as moment from 'moment-timezone';
|
|||
|
||||
import * as jwt from 'jsonwebtoken';
|
||||
|
||||
interface IGoogleAuthCredentials {
|
||||
delegatedEmail?: string;
|
||||
email: string;
|
||||
inpersonate: boolean;
|
||||
privateKey: string;
|
||||
}
|
||||
|
||||
export async function googleApiRequest(this: IExecuteFunctions | IExecuteSingleFunctions | ILoadOptionsFunctions, method: string, resource: string, body: any = {}, qs: IDataObject = {}, uri?: string, headers: IDataObject = {}): Promise<any> { // tslint:disable-line:no-any
|
||||
const authenticationMethod = this.getNodeParameter('authentication', 0, 'serviceAccount') as string;
|
||||
const options: OptionsWithUri = {
|
||||
|
@ -37,13 +44,16 @@ export async function googleApiRequest(this: IExecuteFunctions | IExecuteSingleF
|
|||
}
|
||||
|
||||
if (authenticationMethod === 'serviceAccount') {
|
||||
const credentials = await this.getCredentials('googleApi');
|
||||
const credentials = await this.getCredentials('googleApi') as {
|
||||
email: string;
|
||||
privateKey: string;
|
||||
};
|
||||
|
||||
if (credentials === undefined) {
|
||||
throw new NodeOperationError(this.getNode(), 'No credentials got returned!');
|
||||
}
|
||||
|
||||
const { access_token } = await getAccessToken.call(this, credentials as IDataObject);
|
||||
const { access_token } = await getAccessToken.call(this, credentials as unknown as IGoogleAuthCredentials);
|
||||
|
||||
options.headers!.Authorization = `Bearer ${access_token}`;
|
||||
//@ts-ignore
|
||||
|
@ -78,7 +88,7 @@ export async function googleApiRequestAllItems(this: IExecuteFunctions | ILoadOp
|
|||
return returnData;
|
||||
}
|
||||
|
||||
function getAccessToken(this: IExecuteFunctions | IExecuteSingleFunctions | ILoadOptionsFunctions, credentials: IDataObject): Promise<IDataObject> {
|
||||
function getAccessToken(this: IExecuteFunctions | IExecuteSingleFunctions | ILoadOptionsFunctions, credentials: IGoogleAuthCredentials): Promise<IDataObject> {
|
||||
//https://developers.google.com/identity/protocols/oauth2/service-account#httprest
|
||||
|
||||
const scopes = [
|
||||
|
@ -87,7 +97,8 @@ function getAccessToken(this: IExecuteFunctions | IExecuteSingleFunctions | ILoa
|
|||
|
||||
const now = moment().unix();
|
||||
|
||||
const privateKey = (credentials.privateKey as string).replace(/\\n/g, '\n');
|
||||
credentials.email = credentials.email.trim();
|
||||
const privateKey = (credentials.privateKey as string).replace(/\\n/g, '\n').trim();
|
||||
|
||||
const signature = jwt.sign(
|
||||
{
|
||||
|
|
|
@ -17,6 +17,13 @@ import * as moment from 'moment-timezone';
|
|||
|
||||
import * as jwt from 'jsonwebtoken';
|
||||
|
||||
interface IGoogleAuthCredentials {
|
||||
delegatedEmail?: string;
|
||||
email: string;
|
||||
inpersonate: boolean;
|
||||
privateKey: string;
|
||||
}
|
||||
|
||||
export async function googleApiRequest(
|
||||
this: IExecuteFunctions | ILoadOptionsFunctions,
|
||||
method: string,
|
||||
|
@ -50,7 +57,7 @@ export async function googleApiRequest(
|
|||
throw new NodeOperationError(this.getNode(), 'No credentials got returned!');
|
||||
}
|
||||
|
||||
const { access_token } = await getAccessToken.call(this, credentials as IDataObject);
|
||||
const { access_token } = await getAccessToken.call(this, credentials as unknown as IGoogleAuthCredentials);
|
||||
|
||||
options.headers!.Authorization = `Bearer ${access_token}`;
|
||||
return await this.helpers.request!(options);
|
||||
|
@ -84,7 +91,7 @@ export async function googleApiRequestAllItems(this: IExecuteFunctions | ILoadOp
|
|||
return returnData;
|
||||
}
|
||||
|
||||
function getAccessToken(this: IExecuteFunctions | ILoadOptionsFunctions, credentials: IDataObject): Promise<IDataObject> {
|
||||
function getAccessToken(this: IExecuteFunctions | ILoadOptionsFunctions, credentials: IGoogleAuthCredentials): Promise<IDataObject> {
|
||||
//https://developers.google.com/identity/protocols/oauth2/service-account#httprest
|
||||
|
||||
const scopes = [
|
||||
|
@ -95,7 +102,8 @@ function getAccessToken(this: IExecuteFunctions | ILoadOptionsFunctions, credent
|
|||
|
||||
const now = moment().unix();
|
||||
|
||||
const privateKey = (credentials.privateKey as string).replace(/\\n/g, '\n');
|
||||
credentials.email = credentials.email.trim();
|
||||
const privateKey = (credentials.privateKey as string).replace(/\\n/g, '\n').trim();
|
||||
|
||||
const signature = jwt.sign(
|
||||
{
|
||||
|
|
|
@ -19,6 +19,13 @@ import * as moment from 'moment-timezone';
|
|||
|
||||
import * as jwt from 'jsonwebtoken';
|
||||
|
||||
interface IGoogleAuthCredentials {
|
||||
delegatedEmail?: string;
|
||||
email: string;
|
||||
inpersonate: boolean;
|
||||
privateKey: string;
|
||||
}
|
||||
|
||||
export async function googleApiRequest(this: IExecuteFunctions | IExecuteSingleFunctions | ILoadOptionsFunctions | IPollFunctions, method: string, resource: string, body: any = {}, qs: IDataObject = {}, uri?: string, option: IDataObject = {}): Promise<any> { // tslint:disable-line:no-any
|
||||
const authenticationMethod = this.getNodeParameter('authentication', 0, 'serviceAccount') as string;
|
||||
|
||||
|
@ -47,7 +54,7 @@ export async function googleApiRequest(this: IExecuteFunctions | IExecuteSingleF
|
|||
throw new NodeOperationError(this.getNode(), 'No credentials got returned!');
|
||||
}
|
||||
|
||||
const { access_token } = await getAccessToken.call(this, credentials as IDataObject);
|
||||
const { access_token } = await getAccessToken.call(this, credentials as unknown as IGoogleAuthCredentials);
|
||||
|
||||
options.headers!.Authorization = `Bearer ${access_token}`;
|
||||
return await this.helpers.request!(options);
|
||||
|
@ -83,7 +90,7 @@ export async function googleApiRequestAllItems(this: IExecuteFunctions | ILoadOp
|
|||
return returnData;
|
||||
}
|
||||
|
||||
function getAccessToken(this: IExecuteFunctions | IExecuteSingleFunctions | ILoadOptionsFunctions | IPollFunctions, credentials: IDataObject): Promise<IDataObject> {
|
||||
function getAccessToken(this: IExecuteFunctions | IExecuteSingleFunctions | ILoadOptionsFunctions | IPollFunctions, credentials: IGoogleAuthCredentials): Promise<IDataObject> {
|
||||
//https://developers.google.com/identity/protocols/oauth2/service-account#httprest
|
||||
|
||||
const scopes = [
|
||||
|
@ -94,7 +101,8 @@ function getAccessToken(this: IExecuteFunctions | IExecuteSingleFunctions | ILoa
|
|||
|
||||
const now = moment().unix();
|
||||
|
||||
const privateKey = (credentials.privateKey as string).replace(/\\n/g, '\n');
|
||||
credentials.email = credentials.email.trim();
|
||||
const privateKey = (credentials.privateKey as string).replace(/\\n/g, '\n').trim();
|
||||
|
||||
const signature = jwt.sign(
|
||||
{
|
||||
|
|
|
@ -3,7 +3,6 @@ import {
|
|||
} from 'request';
|
||||
|
||||
import {
|
||||
ParsedMail,
|
||||
simpleParser,
|
||||
} from 'mailparser';
|
||||
|
||||
|
@ -29,6 +28,13 @@ import * as moment from 'moment-timezone';
|
|||
|
||||
import * as jwt from 'jsonwebtoken';
|
||||
|
||||
interface IGoogleAuthCredentials {
|
||||
delegatedEmail?: string;
|
||||
email: string;
|
||||
inpersonate: boolean;
|
||||
privateKey: string;
|
||||
}
|
||||
|
||||
const mailComposer = require('nodemailer/lib/mail-composer');
|
||||
|
||||
export async function googleApiRequest(this: IExecuteFunctions | IExecuteSingleFunctions | ILoadOptionsFunctions, method: string,
|
||||
|
@ -63,7 +69,7 @@ export async function googleApiRequest(this: IExecuteFunctions | IExecuteSingleF
|
|||
throw new NodeOperationError(this.getNode(), 'No credentials got returned!');
|
||||
}
|
||||
|
||||
const { access_token } = await getAccessToken.call(this, credentials as IDataObject);
|
||||
const { access_token } = await getAccessToken.call(this, credentials as unknown as IGoogleAuthCredentials);
|
||||
|
||||
options.headers!.Authorization = `Bearer ${access_token}`;
|
||||
//@ts-ignore
|
||||
|
@ -202,7 +208,7 @@ export function extractEmail(s: string) {
|
|||
return data.substring(0, data.length - 1);
|
||||
}
|
||||
|
||||
function getAccessToken(this: IExecuteFunctions | IExecuteSingleFunctions | ILoadOptionsFunctions, credentials: IDataObject): Promise<IDataObject> {
|
||||
function getAccessToken(this: IExecuteFunctions | IExecuteSingleFunctions | ILoadOptionsFunctions, credentials: IGoogleAuthCredentials): Promise<IDataObject> {
|
||||
//https://developers.google.com/identity/protocols/oauth2/service-account#httprest
|
||||
|
||||
const scopes = [
|
||||
|
@ -216,7 +222,8 @@ function getAccessToken(this: IExecuteFunctions | IExecuteSingleFunctions | ILoa
|
|||
|
||||
const now = moment().unix();
|
||||
|
||||
const privateKey = (credentials.privateKey as string).replace(/\\n/g, '\n');
|
||||
credentials.email = credentials.email.trim();
|
||||
const privateKey = (credentials.privateKey as string).replace(/\\n/g, '\n').trim();
|
||||
|
||||
const signature = jwt.sign(
|
||||
{
|
||||
|
|
|
@ -9,7 +9,6 @@ import {
|
|||
} from 'n8n-core';
|
||||
|
||||
import {
|
||||
ICredentialDataDecryptedObject,
|
||||
ICredentialTestFunctions,
|
||||
IDataObject, NodeApiError, NodeOperationError,
|
||||
} from 'n8n-workflow';
|
||||
|
@ -18,6 +17,13 @@ import * as moment from 'moment-timezone';
|
|||
|
||||
import * as jwt from 'jsonwebtoken';
|
||||
|
||||
export interface IGoogleAuthCredentials {
|
||||
delegatedEmail?: string;
|
||||
email: string;
|
||||
inpersonate: boolean;
|
||||
privateKey: string;
|
||||
}
|
||||
|
||||
export async function googleApiRequest(this: IExecuteFunctions | IExecuteSingleFunctions | ILoadOptionsFunctions, method: string, resource: string, body: any = {}, qs: IDataObject = {}, uri?: string, headers: IDataObject = {}): Promise<any> { // tslint:disable-line:no-any
|
||||
const authenticationMethod = this.getNodeParameter('authentication', 0, 'serviceAccount') as string;
|
||||
const options: OptionsWithUri = {
|
||||
|
@ -45,7 +51,7 @@ export async function googleApiRequest(this: IExecuteFunctions | IExecuteSingleF
|
|||
throw new NodeOperationError(this.getNode(), 'No credentials got returned!');
|
||||
}
|
||||
|
||||
const { access_token } = await getAccessToken.call(this, credentials as ICredentialDataDecryptedObject);
|
||||
const { access_token } = await getAccessToken.call(this, credentials as unknown as IGoogleAuthCredentials);
|
||||
|
||||
options.headers!.Authorization = `Bearer ${access_token}`;
|
||||
//@ts-ignore
|
||||
|
@ -82,7 +88,7 @@ export async function googleApiRequestAllItems(this: IExecuteFunctions | ILoadOp
|
|||
return returnData;
|
||||
}
|
||||
|
||||
export function getAccessToken(this: IExecuteFunctions | IExecuteSingleFunctions | ILoadOptionsFunctions | ICredentialTestFunctions, credentials: ICredentialDataDecryptedObject): Promise<IDataObject> {
|
||||
export function getAccessToken(this: IExecuteFunctions | IExecuteSingleFunctions | ILoadOptionsFunctions | ICredentialTestFunctions, credentials: IGoogleAuthCredentials): Promise<IDataObject> {
|
||||
//https://developers.google.com/identity/protocols/oauth2/service-account#httprest
|
||||
|
||||
const scopes = [
|
||||
|
@ -93,7 +99,8 @@ export function getAccessToken(this: IExecuteFunctions | IExecuteSingleFunctions
|
|||
|
||||
const now = moment().unix();
|
||||
|
||||
const privateKey = (credentials.privateKey as string).replace(/\\n/g, '\n');
|
||||
credentials.email = credentials.email.trim();
|
||||
const privateKey = (credentials.privateKey as string).replace(/\\n/g, '\n').trim();
|
||||
|
||||
const signature = jwt.sign(
|
||||
{
|
||||
|
|
|
@ -29,6 +29,7 @@ import {
|
|||
getAccessToken,
|
||||
googleApiRequest,
|
||||
hexToRgb,
|
||||
IGoogleAuthCredentials,
|
||||
} from './GenericFunctions';
|
||||
|
||||
export class GoogleSheets implements INodeType {
|
||||
|
@ -1018,7 +1019,7 @@ export class GoogleSheets implements INodeType {
|
|||
credentialTest: {
|
||||
async googleApiCredentialTest(this: ICredentialTestFunctions, credential: ICredentialsDecrypted): Promise<NodeCredentialTestResult> {
|
||||
try {
|
||||
const tokenRequest = await getAccessToken.call(this, credential.data!);
|
||||
const tokenRequest = await getAccessToken.call(this, credential.data! as unknown as IGoogleAuthCredentials);
|
||||
if (!tokenRequest.access_token) {
|
||||
return {
|
||||
status: 'Error',
|
||||
|
|
|
@ -11,12 +11,20 @@ import {
|
|||
ICredentialDataDecryptedObject,
|
||||
IDataObject,
|
||||
NodeApiError,
|
||||
NodeOperationError,
|
||||
} from 'n8n-workflow';
|
||||
|
||||
import * as moment from 'moment-timezone';
|
||||
|
||||
import * as jwt from 'jsonwebtoken';
|
||||
|
||||
interface IGoogleAuthCredentials {
|
||||
delegatedEmail?: string;
|
||||
email: string;
|
||||
inpersonate: boolean;
|
||||
privateKey: string;
|
||||
}
|
||||
|
||||
export async function googleApiRequest(
|
||||
this: IExecuteFunctions | ILoadOptionsFunctions,
|
||||
method: string,
|
||||
|
@ -46,8 +54,13 @@ export async function googleApiRequest(
|
|||
|
||||
try {
|
||||
if (authenticationMethod === 'serviceAccount') {
|
||||
const credentials = await this.getCredentials('googleApi') as { access_token: string, email: string, privateKey: string };
|
||||
const { access_token } = await getAccessToken.call(this, credentials);
|
||||
const credentials = await this.getCredentials('googleApi');
|
||||
|
||||
if (credentials === undefined) {
|
||||
throw new NodeOperationError(this.getNode(), 'No credentials got returned!');
|
||||
}
|
||||
|
||||
const { access_token } = await getAccessToken.call(this, credentials as unknown as IGoogleAuthCredentials);
|
||||
options.headers.Authorization = `Bearer ${access_token}`;
|
||||
return await this.helpers.request!(options);
|
||||
|
||||
|
@ -65,7 +78,7 @@ export async function googleApiRequest(
|
|||
|
||||
function getAccessToken(
|
||||
this: IExecuteFunctions | ILoadOptionsFunctions,
|
||||
credentials: ICredentialDataDecryptedObject,
|
||||
credentials: IGoogleAuthCredentials,
|
||||
) {
|
||||
// https://developers.google.com/identity/protocols/oauth2/service-account#httprest
|
||||
|
||||
|
@ -76,7 +89,8 @@ function getAccessToken(
|
|||
|
||||
const now = moment().unix();
|
||||
|
||||
const privateKey = (credentials.privateKey as string).replace(/\\n/g, '\n');
|
||||
credentials.email = credentials.email.trim();
|
||||
const privateKey = (credentials.privateKey as string).replace(/\\n/g, '\n').trim();
|
||||
|
||||
const signature = jwt.sign(
|
||||
{
|
||||
|
|
|
@ -16,6 +16,13 @@ import * as moment from 'moment-timezone';
|
|||
|
||||
import * as jwt from 'jsonwebtoken';
|
||||
|
||||
interface IGoogleAuthCredentials {
|
||||
delegatedEmail?: string;
|
||||
email: string;
|
||||
inpersonate: boolean;
|
||||
privateKey: string;
|
||||
}
|
||||
|
||||
export async function googleApiRequest(this: IExecuteFunctions | IExecuteSingleFunctions | ILoadOptionsFunctions, method: string, resource: string, body: any = {}, qs: IDataObject = {}, uri?: string, headers: IDataObject = {}): Promise<any> { // tslint:disable-line:no-any
|
||||
const authenticationMethod = this.getNodeParameter('authentication', 0, 'serviceAccount') as string;
|
||||
const options: OptionsWithUri = {
|
||||
|
@ -43,7 +50,7 @@ export async function googleApiRequest(this: IExecuteFunctions | IExecuteSingleF
|
|||
throw new NodeOperationError(this.getNode(), 'No credentials got returned!');
|
||||
}
|
||||
|
||||
const { access_token } = await getAccessToken.call(this, credentials as IDataObject);
|
||||
const { access_token } = await getAccessToken.call(this, credentials as unknown as IGoogleAuthCredentials);
|
||||
|
||||
options.headers!.Authorization = `Bearer ${access_token}`;
|
||||
//@ts-ignore
|
||||
|
@ -76,7 +83,7 @@ export async function googleApiRequestAllItems(this: IExecuteFunctions | ILoadOp
|
|||
return returnData;
|
||||
}
|
||||
|
||||
function getAccessToken(this: IExecuteFunctions | IExecuteSingleFunctions | ILoadOptionsFunctions, credentials: IDataObject): Promise<IDataObject> {
|
||||
function getAccessToken(this: IExecuteFunctions | IExecuteSingleFunctions | ILoadOptionsFunctions, credentials: IGoogleAuthCredentials): Promise<IDataObject> {
|
||||
//https://developers.google.com/identity/protocols/oauth2/service-account#httprest
|
||||
|
||||
const scopes = [
|
||||
|
@ -86,7 +93,8 @@ function getAccessToken(this: IExecuteFunctions | IExecuteSingleFunctions | ILoa
|
|||
|
||||
const now = moment().unix();
|
||||
|
||||
const privateKey = (credentials.privateKey as string).replace(/\\n/g, '\n');
|
||||
credentials.email = credentials.email.trim();
|
||||
const privateKey = (credentials.privateKey as string).replace(/\\n/g, '\n').trim();
|
||||
|
||||
const signature = jwt.sign(
|
||||
{
|
||||
|
|
Loading…
Reference in a new issue