diff --git a/packages/cli/src/controllers/oauth/__tests__/oauth1-credential.controller.test.ts b/packages/cli/src/controllers/oauth/__tests__/oauth1-credential.controller.test.ts index d5207236b7..08cff0b6bf 100644 --- a/packages/cli/src/controllers/oauth/__tests__/oauth1-credential.controller.test.ts +++ b/packages/cli/src/controllers/oauth/__tests__/oauth1-credential.controller.test.ts @@ -86,7 +86,7 @@ describe('OAuth1CredentialController', () => { jest.spyOn(Csrf.prototype, 'create').mockReturnValueOnce('token'); sharedCredentialsRepository.findCredentialForUser.mockResolvedValueOnce(credential); credentialsHelper.getDecrypted.mockResolvedValueOnce({}); - credentialsHelper.applyDefaultsAndOverwrites.mockReturnValueOnce({ + credentialsHelper.applyDefaultsAndOverwrites.mockResolvedValueOnce({ requestTokenUrl: 'https://example.domain/oauth/request_token', authUrl: 'https://example.domain/oauth/authorize', accessTokenUrl: 'https://example.domain/oauth/access_token', @@ -223,7 +223,7 @@ describe('OAuth1CredentialController', () => { it('should exchange the code for a valid token, and save it to DB', async () => { credentialsRepository.findOneBy.mockResolvedValue(credential); credentialsHelper.getDecrypted.mockResolvedValue({ csrfSecret }); - credentialsHelper.applyDefaultsAndOverwrites.mockReturnValueOnce({ + credentialsHelper.applyDefaultsAndOverwrites.mockResolvedValueOnce({ requestTokenUrl: 'https://example.domain/oauth/request_token', accessTokenUrl: 'https://example.domain/oauth/access_token', signatureMethod: 'HMAC-SHA1', diff --git a/packages/cli/src/controllers/oauth/__tests__/oauth2-credential.controller.test.ts b/packages/cli/src/controllers/oauth/__tests__/oauth2-credential.controller.test.ts index 6ed9cb14ad..99504fbeac 100644 --- a/packages/cli/src/controllers/oauth/__tests__/oauth2-credential.controller.test.ts +++ b/packages/cli/src/controllers/oauth/__tests__/oauth2-credential.controller.test.ts @@ -64,7 +64,7 @@ describe('OAuth2CredentialController', () => { jest.setSystemTime(new Date(timestamp)); jest.clearAllMocks(); - credentialsHelper.applyDefaultsAndOverwrites.mockReturnValue({ + credentialsHelper.applyDefaultsAndOverwrites.mockResolvedValue({ clientId: 'test-client-id', clientSecret: 'oauth-secret', authUrl: 'https://example.domain/o/oauth2/v2/auth', diff --git a/packages/cli/src/controllers/oauth/abstract-oauth.controller.ts b/packages/cli/src/controllers/oauth/abstract-oauth.controller.ts index ed23b050f9..ca82370a6a 100644 --- a/packages/cli/src/controllers/oauth/abstract-oauth.controller.ts +++ b/packages/cli/src/controllers/oauth/abstract-oauth.controller.ts @@ -121,17 +121,20 @@ export abstract class AbstractOAuthController { ); } - protected applyDefaultsAndOverwrites( + protected async applyDefaultsAndOverwrites( credential: ICredentialsDb, decryptedData: ICredentialDataDecryptedObject, additionalData: IWorkflowExecuteAdditionalData, ) { - return this.credentialsHelper.applyDefaultsAndOverwrites( + return (await this.credentialsHelper.applyDefaultsAndOverwrites( additionalData, decryptedData, + credential, credential.type, 'internal', - ) as unknown as T; + undefined, + undefined, + )) as unknown as T; } protected async encryptAndSaveData( @@ -209,7 +212,8 @@ export abstract class AbstractOAuthController { credential, additionalData, ); - const oauthCredentials = this.applyDefaultsAndOverwrites( + + const oauthCredentials = await this.applyDefaultsAndOverwrites( credential, decryptedDataOriginal, additionalData, diff --git a/packages/cli/src/controllers/oauth/oauth1-credential.controller.ts b/packages/cli/src/controllers/oauth/oauth1-credential.controller.ts index 7e6a096e04..3f8f2cf0e1 100644 --- a/packages/cli/src/controllers/oauth/oauth1-credential.controller.ts +++ b/packages/cli/src/controllers/oauth/oauth1-credential.controller.ts @@ -36,7 +36,7 @@ export class OAuth1CredentialController extends AbstractOAuthController { const credential = await this.getCredential(req); const additionalData = await this.getAdditionalData(); const decryptedDataOriginal = await this.getDecryptedDataForAuthUri(credential, additionalData); - const oauthCredentials = this.applyDefaultsAndOverwrites( + const oauthCredentials = await this.applyDefaultsAndOverwrites( credential, decryptedDataOriginal, additionalData, diff --git a/packages/cli/src/controllers/oauth/oauth2-credential.controller.ts b/packages/cli/src/controllers/oauth/oauth2-credential.controller.ts index 1a4fa1254c..3a855858b0 100644 --- a/packages/cli/src/controllers/oauth/oauth2-credential.controller.ts +++ b/packages/cli/src/controllers/oauth/oauth2-credential.controller.ts @@ -37,7 +37,7 @@ export class OAuth2CredentialController extends AbstractOAuthController { delete decryptedDataOriginal.scope; } - const oauthCredentials = this.applyDefaultsAndOverwrites( + const oauthCredentials = await this.applyDefaultsAndOverwrites( credential, decryptedDataOriginal, additionalData, diff --git a/packages/cli/src/credentials-helper.ts b/packages/cli/src/credentials-helper.ts index 4feff3956b..5e5436c93d 100644 --- a/packages/cli/src/credentials-helper.ts +++ b/packages/cli/src/credentials-helper.ts @@ -331,31 +331,29 @@ export class CredentialsHelper extends ICredentialsHelper { await additionalData?.secretsHelpers?.waitForInit(); - const canUseSecrets = await this.credentialCanUseExternalSecrets(nodeCredentials); - - return this.applyDefaultsAndOverwrites( + return await this.applyDefaultsAndOverwrites( additionalData, decryptedDataOriginal, + nodeCredentials, type, mode, executeData, expressionResolveValues, - canUseSecrets, ); } /** * Applies credential default data and overwrites */ - applyDefaultsAndOverwrites( + async applyDefaultsAndOverwrites( additionalData: IWorkflowExecuteAdditionalData, decryptedDataOriginal: ICredentialDataDecryptedObject, + credential: INodeCredentialsDetails, type: string, mode: WorkflowExecuteMode, executeData?: IExecuteData, expressionResolveValues?: ICredentialsExpressionResolveValues, - canUseSecrets?: boolean, - ): ICredentialDataDecryptedObject { + ): Promise { const credentialsProperties = this.getCredentialsProperties(type); // Load and apply the credentials overwrites if any exist @@ -380,8 +378,9 @@ export class CredentialsHelper extends ICredentialsHelper { decryptedData.oauthTokenData = decryptedDataOriginal.oauthTokenData; } + const canUseExternalSecrets = await this.credentialCanUseExternalSecrets(credential); const additionalKeys = getAdditionalKeys(additionalData, mode, null, { - secretsEnabled: canUseSecrets, + secretsEnabled: canUseExternalSecrets, }); if (expressionResolveValues) { diff --git a/packages/cli/src/services/credentials-tester.service.ts b/packages/cli/src/services/credentials-tester.service.ts index c0a3fbb575..ed6c9a9923 100644 --- a/packages/cli/src/services/credentials-tester.service.ts +++ b/packages/cli/src/services/credentials-tester.service.ts @@ -187,14 +187,14 @@ export class CredentialsTester { if (credentialsDecrypted.data) { try { const additionalData = await WorkflowExecuteAdditionalData.getBase(userId); - credentialsDecrypted.data = this.credentialsHelper.applyDefaultsAndOverwrites( + credentialsDecrypted.data = await this.credentialsHelper.applyDefaultsAndOverwrites( additionalData, credentialsDecrypted.data, + credentialsDecrypted, credentialType, 'internal' as WorkflowExecuteMode, undefined, undefined, - await this.credentialsHelper.credentialCanUseExternalSecrets(credentialsDecrypted), ); } catch (error) { this.logger.debug('Credential test failed', error); diff --git a/packages/cli/test/integration/controllers/oauth/oauth2.api.test.ts b/packages/cli/test/integration/controllers/oauth/oauth2.api.test.ts index f20f9df550..fc31b1969c 100644 --- a/packages/cli/test/integration/controllers/oauth/oauth2.api.test.ts +++ b/packages/cli/test/integration/controllers/oauth/oauth2.api.test.ts @@ -28,7 +28,7 @@ describe('OAuth2 API', () => { authQueryParameters: 'access_type=offline', }; - CredentialsHelper.prototype.applyDefaultsAndOverwrites = (_, decryptedDataOriginal) => + CredentialsHelper.prototype.applyDefaultsAndOverwrites = async (_, decryptedDataOriginal) => decryptedDataOriginal; beforeAll(async () => {