feat(core): Credentials for popular SecOps services, Part 1 (#6775)

2025-12-17 01:56:46 +00:00 · 2023-07-31 11:26:38 +03:00
parent 50b0dc21fd
commit 11567f946b
56 changed files with 1724 additions and 4 deletions
--- a/packages/nodes-base/credentials/ZscalerZiaApi.credentials.ts
+++ b/packages/nodes-base/credentials/ZscalerZiaApi.credentials.ts
@@ -0,0 +1,137 @@
+import type {
+	IAuthenticateGeneric,
+	ICredentialDataDecryptedObject,
+	ICredentialTestRequest,
+	ICredentialType,
+	IHttpRequestHelper,
+	INodeProperties,
+} from 'n8n-workflow';
+
+export class ZscalerZiaApi implements ICredentialType {
+	name = 'zscalerZiaApi';
+
+	displayName = 'Zscaler ZIA API';
+
+	documentationUrl = 'zscaler';
+
+	icon = 'file:icons/Zscaler.svg';
+
+	properties: INodeProperties[] = [
+		{
+			displayName: 'Cookie',
+			name: 'cookie',
+			type: 'hidden',
+			typeOptions: {
+				expirable: true,
+			},
+			default: '',
+		},
+		{
+			displayName: 'Base URL',
+			name: 'baseUrl',
+			type: 'string',
+			default: '',
+			placeholder: 'e.g. zsapi.zscalerthree.net',
+			required: true,
+		},
+		{
+			displayName: 'Username',
+			name: 'username',
+			type: 'string',
+			default: '',
+			required: true,
+		},
+		{
+			displayName: 'Password',
+			name: 'password',
+			type: 'string',
+			typeOptions: { password: true },
+			default: '',
+			required: true,
+		},
+		{
+			displayName: 'Api Key',
+			name: 'apiKey',
+			type: 'string',
+			typeOptions: {
+				password: true,
+			},
+			default: '',
+			required: true,
+		},
+	];
+
+	async preAuthentication(this: IHttpRequestHelper, credentials: ICredentialDataDecryptedObject) {
+		const { baseUrl, username, password, apiKey } = credentials;
+
+		const url = (baseUrl as string).endsWith('/')
+			? (baseUrl as string).slice(0, -1)
+			: (baseUrl as string);
+
+		const now = Date.now().toString();
+
+		const obfuscate = (key: string, timestamp: string) => {
+			const high = timestamp.substring(timestamp.length - 6);
+			let low = (parseInt(high) >> 1).toString();
+
+			let obfuscatedApiKey = '';
+			while (low.length < 6) {
+				low = '0' + low;
+			}
+
+			for (let i = 0; i < high.length; i++) {
+				obfuscatedApiKey += key.charAt(parseInt(high.charAt(i)));
+			}
+			for (let j = 0; j < low.length; j++) {
+				obfuscatedApiKey += key.charAt(parseInt(low.charAt(j)) + 2);
+			}
+
+			return obfuscatedApiKey;
+		};
+
+		const response = await this.helpers.httpRequest({
+			method: 'POST',
+			baseURL: `https://${url}`,
+			url: '/api/v1/authenticatedSession',
+			headers: {
+				'Content-Type': 'application/json',
+				'Cache-Control': 'no-cache',
+			},
+			body: {
+				apiKey: obfuscate(apiKey as string, now),
+				username,
+				password,
+				timestamp: now,
+			},
+			returnFullResponse: true,
+		});
+
+		const headers = response.headers;
+
+		const cookie = (headers['set-cookie'] as string[])
+			?.find((entrt) => entrt.includes('JSESSIONID'))
+			?.split(';')
+			?.find((entry) => entry.includes('JSESSIONID'));
+
+		if (!cookie) {
+			throw new Error('No cookie returned. Please check your credentials.');
+		}
+
+		return { cookie };
+	}
+
+	authenticate: IAuthenticateGeneric = {
+		type: 'generic',
+		properties: {
+			headers: {
+				Cookie: '={{$credentials.cookie}}',
+			},
+		},
+	};
+
+	test: ICredentialTestRequest = {
+		request: {
+			url: '=https://{{$credentials.baseUrl}}/api/v1/authSettings/exemptedUrls',
+		},
+	};
+}