feat(core) Simplify authentication type (#3578)

* ⚡ Add generic auth type

* ⚡ Remove queryAuth

* ⚡ Remove bearer

* ⚡ Remove headerAuth

* ⚡ Remove basicAuth

* ⚡ Adjust tests

* ⚡ Small improvements

* 👕 Fix lint issue

packages/cli/src/CredentialsHelper.ts

@@ -98,73 +98,41 @@ export class CredentialsHelper extends ICredentialsHelper {
 			if (typeof credentialType.authenticate === 'object') {
 				// Predefined authentication method
 
+				let keyResolved: string;
+				let valueResolved: string;
 				const { authenticate } = credentialType;
 				if (requestOptions.headers === undefined) {
 					requestOptions.headers = {};
 				}
 
-				// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
+				if (authenticate.type === 'generic') {
-				if (authenticate.type === 'bearer') {
+					Object.entries(authenticate.properties).forEach(([outerKey, outerValue]) => {
-					const tokenPropertyName: string =
+						Object.entries(outerValue).forEach(([key, value]) => {
-						// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
+							keyResolved = this.resolveValue(
-						authenticate.properties.tokenPropertyName ?? 'accessToken';
+								key,
-					requestOptions.headers.Authorization = `Bearer ${
+								{ $credentials: credentials },
-						credentials[tokenPropertyName] as string
+								workflow,
-					}`;
+								node,
-					// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
+								defaultTimezone,
-				} else if (authenticate.type === 'basicAuth') {
+							);
-					const userPropertyName: string =
-						// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
-						authenticate.properties.userPropertyName ?? 'user';
-					const passwordPropertyName: string =
-						// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
-						authenticate.properties.passwordPropertyName ?? 'password';
 
-					requestOptions.auth = {
+							valueResolved = this.resolveValue(
-						username: credentials[userPropertyName] as string,
+								value as string,
-						password: credentials[passwordPropertyName] as string,
+								{ $credentials: credentials },
-					};
+								workflow,
-				} else if (authenticate.type === 'headerAuth') {
+								node,
-					const key = this.resolveValue(
+								defaultTimezone,
-						// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
+							);
-						authenticate.properties.name,
-						{ $credentials: credentials },
-						workflow,
-						node,
-						defaultTimezone,
-					);
 
-					const value = this.resolveValue(
+							// @ts-ignore
-						// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
+							if (!requestOptions[outerKey]) {
-						authenticate.properties.value,
+								// @ts-ignore
-						{ $credentials: credentials },
+								requestOptions[outerKey] = {};
-						workflow,
+							}
-						node,
+							// @ts-ignore
-						defaultTimezone,
+							requestOptions[outerKey][keyResolved] = valueResolved;
-					);
+						});
-					requestOptions.headers[key] = value;
+					});
-				} else if (authenticate.type === 'queryAuth') {
-					const key = this.resolveValue(
-						// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
-						authenticate.properties.key,
-						{ $credentials: credentials },
-						workflow,
-						node,
-						defaultTimezone,
-					);
-
-					const value = this.resolveValue(
-						// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
-						authenticate.properties.value,
-						{ $credentials: credentials },
-						workflow,
-						node,
-						defaultTimezone,
-					);
-					if (!requestOptions.qs) {
-						requestOptions.qs = {};
-					}
-					requestOptions.qs[key] = value;
 				}
 			}
 		}

packages/cli/test/unit/CredentialsHelper.test.ts

@@ -1,10 +1,7 @@
 import { CredentialsHelper, CredentialTypes } from '../../src';
 import * as Helpers from './Helpers';
 import {
-	IAuthenticateBasicAuth,
+	IAuthenticateGeneric,
-	IAuthenticateBearer,
-	IAuthenticateHeaderAuth,
-	IAuthenticateQueryAuth,
 	ICredentialDataDecryptedObject,
 	ICredentialType,
 	ICredentialTypeData,
@@ -27,7 +24,7 @@ describe('CredentialsHelper', () => {
 			output: IHttpRequestOptions;
 		}> = [
 			{
-				description: 'built-in basicAuth, default property names',
+				description: 'basicAuth, default property names',
 				input: {
 					credentials: {
 						user: 'user1',
@@ -51,10 +48,15 @@ describe('CredentialsHelper', () => {
 							},
 						];
 
-						authenticate = {
+						authenticate: IAuthenticateGeneric = {
-							type: 'basicAuth',
+							type: 'generic',
-							properties: {},
+							properties: {
-						} as IAuthenticateBasicAuth;
+								auth: {
+									username: '={{$credentials.user}}',
+									password: '={{$credentials.password}}',
+								},
+							},
+						};
 					})(),
 				},
 				output: {
@@ -65,48 +67,67 @@ describe('CredentialsHelper', () => {
 				},
 			},
 			{
-				description: 'built-in basicAuth, custom property names',
+				description: 'headerAuth',
 				input: {
 					credentials: {
-						customUser: 'user2',
+						accessToken: 'test',
-						customPassword: 'password2',
 					},
 					credentialType: new (class TestApi implements ICredentialType {
 						name = 'testApi';
 						displayName = 'Test API';
 						properties: INodeProperties[] = [
 							{
-								displayName: 'User',
+								displayName: 'Access Token',
-								name: 'user',
+								name: 'accessToken',
-								type: 'string',
-								default: '',
-							},
-							{
-								displayName: 'Password',
-								name: 'password',
 								type: 'string',
 								default: '',
 							},
 						];
 
-						authenticate = {
+						authenticate: IAuthenticateGeneric = {
-							type: 'basicAuth',
+							type: 'generic',
 							properties: {
-								userPropertyName: 'customUser',
+								headers: {
-								passwordPropertyName: 'customPassword',
+									Authorization: '=Bearer {{$credentials.accessToken}}',
+								},
 							},
-						} as IAuthenticateBasicAuth;
+						};
 					})(),
 				},
-				output: {
+				output: { url: '', headers: { Authorization: 'Bearer test' }, qs: {} },
-					url: '',
-					headers: {},
-					auth: { username: 'user2', password: 'password2' },
-					qs: {},
-				},
 			},
 			{
-				description: 'built-in headerAuth',
+				description: 'headerAuth, key and value expressions',
+				input: {
+					credentials: {
+						accessToken: 'test',
+					},
+					credentialType: new (class TestApi implements ICredentialType {
+						name = 'testApi';
+						displayName = 'Test API';
+						properties: INodeProperties[] = [
+							{
+								displayName: 'Access Token',
+								name: 'accessToken',
+								type: 'string',
+								default: '',
+							},
+						];
+
+						authenticate: IAuthenticateGeneric = {
+							type: 'generic',
+							properties: {
+								headers: {
+									'={{$credentials.accessToken}}': '=Bearer {{$credentials.accessToken}}',
+								},
+							},
+						};
+					})(),
+				},
+				output: { url: '', headers: { test: 'Bearer test' }, qs: {} },
+			},
+			{
+				description: 'queryAuth',
 				input: {
 					credentials: {
 						accessToken: 'test',
@@ -124,95 +145,13 @@ describe('CredentialsHelper', () => {
 						];
 
 						authenticate = {
-							type: 'headerAuth',
+							type: 'generic',
 							properties: {
-								name: 'Authorization',
+								qs: {
-								value: '=Bearer {{$credentials.accessToken}}',
+									accessToken: '={{$credentials.accessToken}}',
+								},
 							},
-						} as IAuthenticateHeaderAuth;
+						} as IAuthenticateGeneric;
-					})(),
-				},
-				output: { url: '', headers: { Authorization: 'Bearer test' }, qs: {} },
-			},
-			{
-				description: 'built-in bearer, default property name',
-				input: {
-					credentials: {
-						accessToken: 'test',
-					},
-					credentialType: new (class TestApi implements ICredentialType {
-						name = 'testApi';
-						displayName = 'Test API';
-						properties: INodeProperties[] = [
-							{
-								displayName: 'Access Token',
-								name: 'accessToken',
-								type: 'string',
-								default: '',
-							},
-						];
-
-						authenticate = {
-							type: 'bearer',
-							properties: {},
-						} as IAuthenticateBearer;
-					})(),
-				},
-				output: { url: '', headers: { Authorization: 'Bearer test' }, qs: {} },
-			},
-			{
-				description: 'built-in bearer, custom property name',
-				input: {
-					credentials: {
-						myToken: 'test',
-					},
-					credentialType: new (class TestApi implements ICredentialType {
-						name = 'testApi';
-						displayName = 'Test API';
-						properties: INodeProperties[] = [
-							{
-								displayName: 'My Token',
-								name: 'myToken',
-								type: 'string',
-								default: '',
-							},
-						];
-
-						authenticate = {
-							type: 'bearer',
-							properties: {
-								tokenPropertyName: 'myToken',
-							},
-						} as IAuthenticateBearer;
-					})(),
-				},
-				output: { url: '', headers: { Authorization: 'Bearer test' }, qs: {} },
-			},
-			{
-				description: 'built-in queryAuth',
-				input: {
-					credentials: {
-						accessToken: 'test',
-					},
-					credentialType: new (class TestApi implements ICredentialType {
-						name = 'testApi';
-						displayName = 'Test API';
-						properties: INodeProperties[] = [
-							{
-								displayName: 'Access Token',
-								name: 'accessToken',
-								type: 'string',
-								default: '',
-							},
-						];
-
-						authenticate = {
-							type: 'queryAuth',
-							properties: {
-								key: 'accessToken',
-								value: '={{$credentials.accessToken}}',
-							},
-						} as IAuthenticateQueryAuth;
 					})(),
 				},
 				output: { url: '', headers: {}, qs: { accessToken: 'test' } },

packages/nodes-base/credentials/AsanaApi.credentials.ts

@@ -1,5 +1,5 @@
 import {
-	IAuthenticateBearer,
+	IAuthenticateGeneric,
 	ICredentialType,
 	INodeProperties,
 } from 'n8n-workflow';
@@ -17,9 +17,13 @@ export class AsanaApi implements ICredentialType {
 		},
 	];
 
-	authenticate = {
+	authenticate: IAuthenticateGeneric = {
-		type: 'bearer',
+		type: 'generic',
-		properties: {},
+		properties: {
-	} as IAuthenticateBearer;
+			headers: {
+				Authorization: '=Bearer {{$credentials.accessToken}}',
+			},
+		},
+	};
 
 }

packages/nodes-base/credentials/CalApi.credentials.ts

@@ -1,5 +1,5 @@
 import {
-	IAuthenticateQueryAuth,
+	IAuthenticateGeneric,
 	ICredentialTestRequest,
 	ICredentialType,
 	INodeProperties,
@@ -24,13 +24,14 @@ export class CalApi implements ICredentialType {
 		},
 	];
 
-	authenticate = {
+	authenticate: IAuthenticateGeneric = {
-		type: 'queryAuth',
+		type: 'generic',
 		properties: {
-			key: 'apiKey',
+			qs: {
-			value: '={{$credentials.apiKey}}',
+				apiKey: '={{$credentials.apiKey}}',
+			},
 		},
-	} as IAuthenticateQueryAuth;
+	};
 
 	test: ICredentialTestRequest = {
 		request: {

packages/nodes-base/credentials/GithubApi.credentials.ts

@@ -1,5 +1,5 @@
 import {
-	IAuthenticateHeaderAuth,
+	IAuthenticateGeneric,
 	ICredentialTestRequest,
 	ICredentialType,
 	INodeProperties,
@@ -30,13 +30,16 @@ export class GithubApi implements ICredentialType {
 			default: '',
 		},
 	];
-	authenticate: IAuthenticateHeaderAuth = {
+
-		type: 'headerAuth',
+	authenticate: IAuthenticateGeneric = {
+		type: 'generic',
 		properties: {
-			name: 'Authorization',
+			headers: {
-			value: '=token {{$credentials?.accessToken}}',
+				Authorization: '=token {{$credentials?.accessToken}}',
+			},
 		},
 	};
+
 	test: ICredentialTestRequest = {
 		request: {
 			baseURL: '={{$credentials?.server}}',

packages/nodes-base/credentials/HttpHeaderAuth.credentials.ts

@@ -1,5 +1,5 @@
 import {
-	IAuthenticateHeaderAuth,
+	IAuthenticateGeneric,
 	ICredentialType,
 	INodeProperties,
 } from 'n8n-workflow';
@@ -26,11 +26,13 @@ export class HttpHeaderAuth implements ICredentialType {
 			default: '',
 		},
 	];
-	authenticate = {
+
-		type: 'headerAuth',
+	authenticate: IAuthenticateGeneric = {
+		type: 'generic',
 		properties: {
-			name: '={{credentials.name}}',
+			headers: {
-			value: '={{credentials.value}}',
+				'={{$credentials.name}}': '={{$credentials.value}}',
+			},
 		},
-	} as IAuthenticateHeaderAuth;
+	};
 }

packages/nodes-base/credentials/Magento2Api.credentials.ts

@@ -1,5 +1,5 @@
 import {
-	IAuthenticateBearer,
+	IAuthenticateGeneric,
 	ICredentialTestRequest,
 	ICredentialType,
 	INodeProperties,
@@ -30,8 +30,12 @@ export class Magento2Api implements ICredentialType {
 		},
 	};
 
-	authenticate = {
+	authenticate: IAuthenticateGeneric = {
-		type: 'bearer',
+		type: 'generic',
-		properties: {},
+		properties: {
-	} as IAuthenticateBearer;
+			headers: {
+				Authorization: '=Bearer {{$credentials.accessToken}}',
+			},
+		},
+	};
 }

packages/nodes-base/credentials/MailjetEmailApi.credentials.ts

@@ -1,5 +1,5 @@
 import {
-	IAuthenticateBasicAuth,
+	IAuthenticateGeneric,
 	ICredentialTestRequest,
 	ICredentialType,
 	INodeProperties,
@@ -30,13 +30,17 @@ export class MailjetEmailApi implements ICredentialType {
 			description: 'Whether to allow to run the API call in a Sandbox mode, where all validations of the payload will be done without delivering the message',
 		},
 	];
-	authenticate: IAuthenticateBasicAuth = {
+
-		type: 'basicAuth',
+ authenticate: IAuthenticateGeneric = {
-		properties: {
+	type: 'generic',
-		 userPropertyName: 'apiKey',
+	properties: {
-		 passwordPropertyName: 'secretKey',
+		auth: {
-	 },
+			username: '={{$credentials.apiKey}}',
- };
+			password: '={{$credentials.secretKey}}',
+		},
+	},
+};
+
  test: ICredentialTestRequest = {
 		request: {
 			baseURL: `https://api.mailjet.com`,

packages/nodes-base/credentials/MailjetSmsApi.credentials.ts

@@ -1,5 +1,5 @@
 import {
-	IAuthenticateHeaderAuth,
+	IAuthenticateGeneric,
 	ICredentialTestRequest,
 	ICredentialType,
 	INodeProperties,
@@ -17,13 +17,16 @@ export class MailjetSmsApi implements ICredentialType {
 			default: '',
 		},
 	];
-	authenticate: IAuthenticateHeaderAuth = {
+
-		type: 'headerAuth',
+	authenticate: IAuthenticateGeneric = {
+		type: 'generic',
 		properties: {
-			name: 'Authorization',
+			headers: {
-			value: '=Bearer {{$credentials.token}}',
+				Authorization: '=Bearer {{$credentials.token}}',
+			},
 		},
 	};
+
 	test: ICredentialTestRequest = {
 		request: {
 			baseURL: `https://api.mailjet.com`,

packages/nodes-base/credentials/PipedriveApi.credentials.ts

@@ -1,6 +1,5 @@
 import {
-	IAuthenticateQueryAuth,
+	IAuthenticateGeneric,
-	ICredentialTestRequest,
 	ICredentialType,
 	INodeProperties,
 } from 'n8n-workflow';
@@ -19,11 +18,12 @@ export class PipedriveApi implements ICredentialType {
 		},
 	];
 
-	authenticate = {
+	authenticate: IAuthenticateGeneric = {
-		type: 'queryAuth',
+		type: 'generic',
 		properties: {
-			key: 'api_token',
+			qs: {
-			value: '={{$credentials.apiToken}}',
+				api_token: '={{$credentials.apiToken}}',
+			},
 		},
-	} as IAuthenticateQueryAuth;
+	};
 }

packages/nodes-base/credentials/ServiceNowBasicApi.credentials.ts

@@ -1,5 +1,5 @@
 import {
-	IAuthenticateBasicAuth,
+	IAuthenticateGeneric,
 	ICredentialTestRequest,
 	ICredentialType,
 	INodeProperties,
@@ -40,10 +40,17 @@ export class ServiceNowBasicApi implements ICredentialType {
 			required: true,
 		},
 	];
-	authenticate: IAuthenticateBasicAuth = {
+
-		type: 'basicAuth',
+	authenticate: IAuthenticateGeneric = {
-		properties: {},
+		type: 'generic',
+		properties: {
+			auth: {
+				username: '={{$credentials.user}}',
+				password: '={{$credentials.password}}',
+			},
+		},
 	};
+
 	test: ICredentialTestRequest = {
 		request: {
 			baseURL: '=https://{{$credentials?.subdomain}}.service-now.com',

packages/nodes-base/credentials/SlackApi.credentials.ts

@@ -1,6 +1,5 @@
 import {
-	IAuthenticateBearer,
+	IAuthenticateGeneric,
-	IAuthenticateQueryAuth,
 	ICredentialTestRequest,
 	ICredentialType,
 	INodeProperties,
@@ -19,12 +18,16 @@ export class SlackApi implements ICredentialType {
 			required: true,
 		},
 	];
-	authenticate: IAuthenticateBearer = {
+
-		type: 'bearer',
+	authenticate: IAuthenticateGeneric = {
+		type: 'generic',
 		properties: {
-			tokenPropertyName: 'accessToken',
+			headers: {
+				Authorization: '=Bearer {{$credentials.accessToken}}',
+			},
 		},
 	};
+
 	test: ICredentialTestRequest = {
 		request: {
 			baseURL: 'https://slack.com',

packages/nodes-base/credentials/TodoistApi.credentials.ts

@@ -1,5 +1,5 @@
 import {
-	IAuthenticateBearer,
+	IAuthenticateGeneric,
 	ICredentialTestRequest,
 	ICredentialType,
 	INodeProperties,
@@ -18,12 +18,14 @@ export class TodoistApi implements ICredentialType {
 
 	];
 
-	authenticate = {
+	authenticate: IAuthenticateGeneric = {
-		type: 'bearer',
+		type: 'generic',
 		properties: {
-			tokenPropertyName: 'apiKey',
+			headers: {
+				Authorization: '=Bearer {{$credentials.apiKey}}',
+			},
 		},
-	} as IAuthenticateBearer;
+	};
 
 	test: ICredentialTestRequest = {
 		request: {

packages/nodes-base/credentials/TwakeCloudApi.credentials.ts

@@ -1,5 +1,5 @@
 import {
-	IAuthenticateBearer,
+	IAuthenticateGeneric,
 	ICredentialTestRequest,
 	ICredentialType,
 	INodeProperties,
@@ -17,12 +17,15 @@ export class TwakeCloudApi implements ICredentialType {
 			default: '',
 		},
 	];
-	authenticate = {
+
-		type: 'bearer',
+	authenticate: IAuthenticateGeneric = {
+		type: 'generic',
 		properties: {
-			tokenPropertyName: 'workspaceKey',
+			headers: {
+				Authorization: '=Bearer {{$credentials.workspaceKey}}',
+			},
 		},
-	} as IAuthenticateBearer;
+	};
 
 	test: ICredentialTestRequest = {
 		request: {

packages/workflow/src/Interfaces.ts

@@ -150,6 +150,16 @@ export interface IRequestOptionsSimplified {
 	qs: IDataObject;
 }
 
+export interface IRequestOptionsSimplifiedAuth {
+	auth?: {
+		username: string;
+		password: string;
+	};
+	body?: IDataObject;
+	headers?: IDataObject;
+	qs?: IDataObject;
+}
+
 export abstract class ICredentialsHelper {
 	encryptionKey: string;
 
@@ -191,40 +201,16 @@ export abstract class ICredentialsHelper {
 
 export interface IAuthenticateBase {
 	type: string;
-	properties: {
+	properties:
-		[key: string]: string;
+		| {
-	};
+				[key: string]: string;
+		  }
+		| IRequestOptionsSimplifiedAuth;
 }
 
-export interface IAuthenticateBasicAuth extends IAuthenticateBase {
+export interface IAuthenticateGeneric extends IAuthenticateBase {
-	type: 'basicAuth';
+	type: 'generic';
-	properties: {
+	properties: IRequestOptionsSimplifiedAuth;
-		userPropertyName?: string;
-		passwordPropertyName?: string;
-	};
-}
-
-export interface IAuthenticateBearer extends IAuthenticateBase {
-	type: 'bearer';
-	properties: {
-		tokenPropertyName?: string;
-	};
-}
-
-export interface IAuthenticateHeaderAuth extends IAuthenticateBase {
-	type: 'headerAuth';
-	properties: {
-		name: string;
-		value: string;
-	};
-}
-
-export interface IAuthenticateQueryAuth extends IAuthenticateBase {
-	type: 'queryAuth';
-	properties: {
-		key: string;
-		value: string;
-	};
 }
 
 export type IAuthenticate =
@@ -232,10 +218,7 @@ export type IAuthenticate =
 			credentials: ICredentialDataDecryptedObject,
 			requestOptions: IHttpRequestOptions,
 	  ) => Promise<IHttpRequestOptions>)
-	| IAuthenticateBasicAuth
+	| IAuthenticateGeneric;
-	| IAuthenticateBearer
-	| IAuthenticateHeaderAuth
-	| IAuthenticateQueryAuth;
 
 export interface IAuthenticateRuleBase {
 	type: string;