n8n/packages/nodes-base/nodes/Google/Slides/GenericFunctions.ts
Iván Ovejero 26eac80d49
Parse single-line private key for Google service account (#2132)
*  Parse single-line private key

* ✏️ Update description and placeholder

*  Some improvements

Co-authored-by: Jan Oberhauser <janober@users.noreply.github.com>
Co-authored-by: Jan Oberhauser <jan.oberhauser@gmail.com>
2021-12-24 16:12:18 +01:00

130 lines
2.9 KiB
TypeScript

import {
OptionsWithUri,
} from 'request';
import {
IExecuteFunctions,
ILoadOptionsFunctions,
} from 'n8n-core';
import {
ICredentialDataDecryptedObject,
IDataObject,
NodeApiError,
NodeOperationError,
} from 'n8n-workflow';
import * as moment from 'moment-timezone';
import * as jwt from 'jsonwebtoken';
interface IGoogleAuthCredentials {
delegatedEmail?: string;
email: string;
inpersonate: boolean;
privateKey: string;
}
export async function googleApiRequest(
this: IExecuteFunctions | ILoadOptionsFunctions,
method: string,
resource: string,
body: IDataObject = {},
qs: IDataObject = {},
) {
const authenticationMethod = this.getNodeParameter('authentication', 0, 'serviceAccount') as string;
const options: OptionsWithUri & { headers: IDataObject } = {
headers: {
'Content-Type': 'application/json',
},
method,
body,
qs,
uri: `https://slides.googleapis.com/v1${resource}`,
json: true,
};
if (!Object.keys(body).length) {
delete options.body;
}
if (!Object.keys(qs).length) {
delete options.qs;
}
try {
if (authenticationMethod === 'serviceAccount') {
const credentials = await this.getCredentials('googleApi');
if (credentials === undefined) {
throw new NodeOperationError(this.getNode(), 'No credentials got returned!');
}
const { access_token } = await getAccessToken.call(this, credentials as unknown as IGoogleAuthCredentials);
options.headers.Authorization = `Bearer ${access_token}`;
return await this.helpers.request!(options);
} else {
return await this.helpers.requestOAuth2!.call(this, 'googleSlidesOAuth2Api', options);
}
} catch (error) {
if (error.code === 'ERR_OSSL_PEM_NO_START_LINE') {
error.statusCode = '401';
}
throw new NodeApiError(this.getNode(), error);
}
}
function getAccessToken(
this: IExecuteFunctions | ILoadOptionsFunctions,
credentials: IGoogleAuthCredentials,
) {
// https://developers.google.com/identity/protocols/oauth2/service-account#httprest
const scopes = [
'https://www.googleapis.com/auth/drive.file',
'https://www.googleapis.com/auth/presentations',
];
const now = moment().unix();
credentials.email = credentials.email.trim();
const privateKey = (credentials.privateKey as string).replace(/\\n/g, '\n').trim();
const signature = jwt.sign(
{
iss: credentials.email,
sub: credentials.email,
scope: scopes.join(' '),
aud: 'https://oauth2.googleapis.com/token',
iat: now,
exp: now + 3600,
},
privateKey,
{
algorithm: 'RS256',
header: {
kid: privateKey,
typ: 'JWT',
alg: 'RS256',
},
},
);
const options: OptionsWithUri = {
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
method: 'POST',
form: {
grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
assertion: signature,
},
uri: 'https://oauth2.googleapis.com/token',
json: true,
};
return this.helpers.request!(options);
}