admin/n8n-enterprise-unlocked
1
0
Fork 0
mirror of https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git synced 2025-12-17 10:02:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(core): Do not save credential overwrites data into the database (#13170)

Browse Source
This commit is contained in:
कारतोफ्फेलस्क्रिप्ट™
2025-02-10 17:24:36 +01:00
committed by GitHub
parent dd6d30c3d4
commit 298a7b0038
7 changed files with 153 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
packages/cli/src/controllers/oauth/__tests__/oauth2-credential.controller.test.ts
View File

@@ -1,9 +1,8 @@
import { Container } from '@n8n/di';
import Csrf from 'csrf';
import { type Response } from 'express';
import { mock } from 'jest-mock-extended';
import { Cipher } from 'n8n-core';
import { Logger } from 'n8n-core';
import { captor, mock } from 'jest-mock-extended';
import { Cipher, type InstanceSettings, Logger } from 'n8n-core';
import type { IWorkflowExecuteAdditionalData } from 'n8n-workflow';
import nock from 'nock';
@@ -34,7 +33,9 @@ describe('OAuth2CredentialController', () => {
const additionalData = mock<IWorkflowExecuteAdditionalData>();
(WorkflowExecuteAdditionalData.getBase as jest.Mock).mockReturnValue(additionalData);
const cipher = mockInstance(Cipher);
const cipher = new Cipher(mock<InstanceSettings>({ encryptionKey: 'password' }));
Container.set(Cipher, cipher);
const externalHooks = mockInstance(ExternalHooks);
const credentialsHelper = mockInstance(CredentialsHelper);
const credentialsRepository = mockInstance(CredentialsRepository);
@@ -51,6 +52,7 @@ describe('OAuth2CredentialController', () => {
id: '1',
name: 'Test Credential',
type: 'oAuth2Api',
data: cipher.encrypt({}),
});
const controller = Container.get(OAuth2CredentialController);
@@ -92,7 +94,6 @@ describe('OAuth2CredentialController', () => {
jest.spyOn(Csrf.prototype, 'create').mockReturnValueOnce('token');
sharedCredentialsRepository.findCredentialForUser.mockResolvedValueOnce(credential);
credentialsHelper.getDecrypted.mockResolvedValueOnce({});
cipher.encrypt.mockReturnValue('encrypted');
const req = mock<OAuthRequest.OAuth2Credential.Auth>({ user, query: { id: '1' } });
const authUri = await controller.getAuthUri(req);
@@ -106,15 +107,19 @@ describe('OAuth2CredentialController', () => {
createdAt: timestamp,
userId: '123',
});
const dataCaptor = captor();
expect(credentialsRepository.update).toHaveBeenCalledWith(
'1',
expect.objectContaining({
data: 'encrypted',
data: dataCaptor,
id: '1',
name: 'Test Credential',
type: 'oAuth2Api',
}),
);
expect(cipher.decrypt(dataCaptor.value)).toEqual(
JSON.stringify({ csrfSecret: 'csrf-secret' }),
);
expect(credentialsHelper.getDecrypted).toHaveBeenCalledWith(
additionalData,
credential,
@@ -248,7 +253,6 @@ describe('OAuth2CredentialController', () => {
'code=code&grant_type=authorization_code&redirect_uri=http%3A%2F%2Flocalhost%3A5678%2Frest%2Foauth2-credential%2Fcallback',
)
.reply(200, { access_token: 'access-token', refresh_token: 'refresh-token' });
cipher.encrypt.mockReturnValue('encrypted');
await controller.handleCallback(req, res);
@@ -258,18 +262,21 @@ describe('OAuth2CredentialController', () => {
redirectUri: 'http://localhost:5678/rest/oauth2-credential/callback',
}),
]);
expect(cipher.encrypt).toHaveBeenCalledWith({
oauthTokenData: { access_token: 'access-token', refresh_token: 'refresh-token' },
});
const dataCaptor = captor();
expect(credentialsRepository.update).toHaveBeenCalledWith(
'1',
expect.objectContaining({
data: 'encrypted',
data: dataCaptor,
id: '1',
name: 'Test Credential',
type: 'oAuth2Api',
}),
);
expect(cipher.decrypt(dataCaptor.value)).toEqual(
JSON.stringify({
oauthTokenData: { access_token: 'access-token', refresh_token: 'refresh-token' },
}),
);
expect(res.render).toHaveBeenCalledWith('oauth-callback');
expect(credentialsHelper.getDecrypted).toHaveBeenCalledWith(
additionalData,
@@ -294,7 +301,6 @@ describe('OAuth2CredentialController', () => {
'code=code&grant_type=authorization_code&redirect_uri=http%3A%2F%2Flocalhost%3A5678%2Frest%2Foauth2-credential%2Fcallback',
)
.reply(200, { access_token: 'access-token', refresh_token: 'refresh-token' });
cipher.encrypt.mockReturnValue('encrypted');
await controller.handleCallback(req, res);
@@ -304,22 +310,25 @@ describe('OAuth2CredentialController', () => {
redirectUri: 'http://localhost:5678/rest/oauth2-credential/callback',
}),
]);
expect(cipher.encrypt).toHaveBeenCalledWith({
oauthTokenData: {
token: true,
access_token: 'access-token',
refresh_token: 'refresh-token',
},
});
const dataCaptor = captor();
expect(credentialsRepository.update).toHaveBeenCalledWith(
'1',
expect.objectContaining({
data: 'encrypted',
data: dataCaptor,
id: '1',
name: 'Test Credential',
type: 'oAuth2Api',
}),
);
expect(cipher.decrypt(dataCaptor.value)).toEqual(
JSON.stringify({
oauthTokenData: {
token: true,
access_token: 'access-token',
refresh_token: 'refresh-token',
},
}),
);
expect(res.render).toHaveBeenCalledWith('oauth-callback');
});
@@ -336,7 +345,6 @@ describe('OAuth2CredentialController', () => {
'code=code&grant_type=authorization_code&redirect_uri=http%3A%2F%2Flocalhost%3A5678%2Frest%2Foauth2-credential%2Fcallback',
)
.reply(200, { access_token: 'access-token', refresh_token: 'refresh-token' });
cipher.encrypt.mockReturnValue('encrypted');
await controller.handleCallback(req, res);
@@ -346,18 +354,21 @@ describe('OAuth2CredentialController', () => {
redirectUri: 'http://localhost:5678/rest/oauth2-credential/callback',
}),
]);
expect(cipher.encrypt).toHaveBeenCalledWith({
oauthTokenData: { access_token: 'access-token', refresh_token: 'refresh-token' },
});
const dataCaptor = captor();
expect(credentialsRepository.update).toHaveBeenCalledWith(
'1',
expect.objectContaining({
data: 'encrypted',
data: dataCaptor,
id: '1',
name: 'Test Credential',
type: 'oAuth2Api',
}),
);
expect(cipher.decrypt(dataCaptor.value)).toEqual(
JSON.stringify({
oauthTokenData: { access_token: 'access-token', refresh_token: 'refresh-token' },
}),
);
expect(res.render).toHaveBeenCalledWith('oauth-callback');
});
});