✨ Add support for custom AWS endpoints (#1312)

* Setup custom endpoints properties in AWS credentials type * Update AWS nodes to use new endpoints (if specified) * Fix a few error scenarios cases where message was being obscured * Extend usage of URL API to validate user inputted endpoints https://nodejs.org/docs/latest-v12.x/api/url.html * Add support to custom endpoints for SES Forgot to add this in my earlier commits… * Fix incorrect Amazon SES endpoint placeholder value * Fixed signing problems with path being ignored. Standardized to avoid future problems * Linting fix * ⚡ Make parameters optinal (wip) * Make sure that we fallback to correct URL without errors if custom endpoints are not used Co-authored-by: Luis Ramos <luis@ramos.dev> Co-authored-by: Omar Ajoue <krynble@gmail.com>
2025-12-17 10:02:05 +00:00 · 2021-01-07 14:16:52 +01:00
parent a13a7487cf
commit 1501175b81
5 changed files with 129 additions and 16 deletions
--- a/packages/nodes-base/nodes/Aws/GenericFunctions.ts
+++ b/packages/nodes-base/nodes/Aws/GenericFunctions.ts
@@ -1,3 +1,4 @@
+import { URL } from 'url';
 import { sign } from 'aws4';
 import { OptionsWithUri } from 'request';
 import { parseString } from 'xml2js';
@@ -9,6 +10,21 @@ import {
 	IWebhookFunctions,
 } from 'n8n-core';

+import {
+	ICredentialDataDecryptedObject,
+} from 'n8n-workflow';
+
+function getEndpointForService(service: string, credentials: ICredentialDataDecryptedObject): string {
+	let endpoint;
+	if (service === "lambda" && credentials.lambdaEndpoint) {
+		endpoint = credentials.lambdaEndpoint;
+	} else if (service === "sns" && credentials.snsEndpoint) {
+		endpoint = credentials.snsEndpoint;
+	} else {
+		endpoint = `https://${service}.${credentials.region}.amazonaws.com`;
+	}
+	return (endpoint as string).replace('{region}', credentials.region as string);
+}

 export async function awsApiRequest(this: IHookFunctions | IExecuteFunctions | ILoadOptionsFunctions | IWebhookFunctions, service: string, method: string, path: string, body?: string, headers?: object): Promise<any> { // tslint:disable-line:no-any
 	const credentials = this.getCredentials('aws');
@@ -16,23 +32,25 @@ export async function awsApiRequest(this: IHookFunctions | IExecuteFunctions | I
 		throw new Error('No credentials got returned!');
 	}

-	const endpoint = `${service}.${credentials.region}.amazonaws.com`;
+	// Concatenate path and instantiate URL object so it parses correctly query strings
+	const endpoint = new URL(getEndpointForService(service, credentials) + path);

 	// Sign AWS API request with the user credentials
-	const signOpts = { headers: headers || {}, host: endpoint, method, path, body };
+	const signOpts = { headers: headers || {}, host: endpoint.host, method, path: endpoint.pathname, body };
 	sign(signOpts, { accessKeyId: `${credentials.accessKeyId}`.trim(), secretAccessKey: `${credentials.secretAccessKey}`.trim() });

+
 	const options: OptionsWithUri = {
 		headers: signOpts.headers,
 		method,
-		uri: `https://${endpoint}${signOpts.path}`,
+		uri: endpoint.href,
 		body: signOpts.body,
 	};

 	try {
 		return await this.helpers.request!(options);
 	} catch (error) {
-		const errorMessage = error.response.body.message || error.response.body.Message || error.message;
+		const errorMessage = (error.response && error.response.body.message) || (error.response && error.response.body.Message) || error.message;

 		if (error.statusCode === 403) {
 			if (errorMessage === 'The security token included in the request is invalid.') {