mirror of
https://github.com/n8n-io/n8n.git
synced 2025-01-14 22:38:06 -08:00
ce79e6b74f
* Enable support for AWS temporary credentials * 🔨 removed toggle from ui added sessionToken to other aws services that using sign function from aws4 module * Update sign method for other AWS nodes * Remove the unneeded additional `temporaryCredentials` checkbox * Update description for session token * ⚡ added missing session token to credentials test * Update sign method for DynamoDB * 🔨 added back toggle for hiding session token, fixed linter errors * ⚡ wording fix Co-authored-by: Michael Kret <michael.k@radency.com>
95 lines
2.9 KiB
TypeScript
95 lines
2.9 KiB
TypeScript
import {
|
|
URL,
|
|
} from 'url';
|
|
|
|
import {
|
|
Request,
|
|
sign,
|
|
} from 'aws4';
|
|
|
|
import {
|
|
OptionsWithUri,
|
|
} from 'request';
|
|
|
|
import {
|
|
parseString,
|
|
} from 'xml2js';
|
|
|
|
import {
|
|
IExecuteFunctions,
|
|
IHookFunctions,
|
|
ILoadOptionsFunctions,
|
|
IWebhookFunctions,
|
|
} from 'n8n-core';
|
|
|
|
import {
|
|
ICredentialDataDecryptedObject, NodeApiError, NodeOperationError,
|
|
} from 'n8n-workflow';
|
|
|
|
function getEndpointForService(service: string, credentials: ICredentialDataDecryptedObject): string {
|
|
let endpoint;
|
|
if (service === 'lambda' && credentials.lambdaEndpoint) {
|
|
endpoint = credentials.lambdaEndpoint;
|
|
} else if (service === 'sns' && credentials.snsEndpoint) {
|
|
endpoint = credentials.snsEndpoint;
|
|
} else {
|
|
endpoint = `https://${service}.${credentials.region}.amazonaws.com`;
|
|
}
|
|
return (endpoint as string).replace('{region}', credentials.region as string);
|
|
}
|
|
|
|
export async function awsApiRequest(this: IHookFunctions | IExecuteFunctions | ILoadOptionsFunctions | IWebhookFunctions, service: string, method: string, path: string, body?: string, headers?: object): Promise<any> { // tslint:disable-line:no-any
|
|
const credentials = await this.getCredentials('aws');
|
|
|
|
// Concatenate path and instantiate URL object so it parses correctly query strings
|
|
const endpoint = new URL(getEndpointForService(service, credentials) + path);
|
|
|
|
// Sign AWS API request with the user credentials
|
|
const signOpts = { headers: headers || {}, host: endpoint.host, method, path, body } as Request;
|
|
const securityHeaders = {
|
|
accessKeyId: `${credentials.accessKeyId}`.trim(),
|
|
secretAccessKey: `${credentials.secretAccessKey}`.trim(),
|
|
sessionToken: credentials.temporaryCredentials ? `${credentials.sessionToken}`.trim() : undefined,
|
|
};
|
|
|
|
sign(signOpts, securityHeaders);
|
|
|
|
const options: OptionsWithUri = {
|
|
headers: signOpts.headers,
|
|
method,
|
|
uri: endpoint.href,
|
|
body: signOpts.body,
|
|
};
|
|
|
|
try {
|
|
return await this.helpers.request!(options);
|
|
} catch (error) {
|
|
throw new NodeApiError(this.getNode(), error); // no XML parsing needed
|
|
}
|
|
}
|
|
|
|
export async function awsApiRequestREST(this: IHookFunctions | IExecuteFunctions | ILoadOptionsFunctions, service: string, method: string, path: string, body?: string, headers?: object): Promise<any> { // tslint:disable-line:no-any
|
|
const response = await awsApiRequest.call(this, service, method, path, body, headers);
|
|
try {
|
|
return JSON.parse(response);
|
|
} catch (error) {
|
|
return response;
|
|
}
|
|
}
|
|
|
|
export async function awsApiRequestSOAP(this: IHookFunctions | IExecuteFunctions | ILoadOptionsFunctions | IWebhookFunctions, service: string, method: string, path: string, body?: string, headers?: object): Promise<any> { // tslint:disable-line:no-any
|
|
const response = await awsApiRequest.call(this, service, method, path, body, headers);
|
|
try {
|
|
return await new Promise((resolve, reject) => {
|
|
parseString(response, { explicitArray: false }, (err, data) => {
|
|
if (err) {
|
|
return reject(err);
|
|
}
|
|
resolve(data);
|
|
});
|
|
});
|
|
} catch (error) {
|
|
return response;
|
|
}
|
|
}
|