frodovdr/node-red
1
0
Fork 0
mirror of https://github.com/node-red/node-red.git synced 2023-10-10 13:36:53 +02:00
Code Issues Releases Wiki Activity

Merge pull request #3498 from sammachin/sammachin_credentials

Browse Source 
Error on invalid encrypted credentials
This commit is contained in:
Nick O'Leary 2022-04-21 10:59:43 +01:00 committed by GitHub
commit 3a26c5cd65
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 28 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
packages/node_modules/@node-red/runtime/lib/nodes/credentials.js vendored
View File

@ -239,7 +239,15 @@ var api = module.exports = {
throw error; throw error;
} }
} else { } else {
credentialCache = credentials; if (encryptionEnabled) {
// Our config expects the credentials to be encrypted but the encrypted object is not found
log.warn(log._("nodes.credentials.encryptedNotFound"))
credentialCache = credentials;
} else {
// credentialSecret is set to False
log.warn(log._("nodes.credentials.unencrypted"))
credentialCache = credentials;
}
} }
if (clearInvalidFlag) { if (clearInvalidFlag) {
// TODO: this delves too deep into Project structure // TODO: this delves too deep into Project structure

4
packages/node_modules/@node-red/runtime/locales/en-US/runtime.json vendored
View File

@ -104,7 +104,9 @@
"error":"Error loading credentials: __message__", "error":"Error loading credentials: __message__",
"error-saving":"Error saving credentials: __message__", "error-saving":"Error saving credentials: __message__",
"not-registered": "Credential type '__type__' is not registered", "not-registered": "Credential type '__type__' is not registered",
"system-key-warning": "\n\n---------------------------------------------------------------------\nYour flow credentials file is encrypted using a system-generated key.\n\nIf the system-generated key is lost for any reason, your credentials\nfile will not be recoverable, you will have to delete it and re-enter\nyour credentials.\n\nYou should set your own key using the 'credentialSecret' option in\nyour settings file. Node-RED will then re-encrypt your credentials\nfile using your chosen key the next time you deploy a change.\n---------------------------------------------------------------------\n" "system-key-warning": "\n\n---------------------------------------------------------------------\nYour flow credentials file is encrypted using a system-generated key.\n\nIf the system-generated key is lost for any reason, your credentials\nfile will not be recoverable, you will have to delete it and re-enter\nyour credentials.\n\nYou should set your own key using the 'credentialSecret' option in\nyour settings file. Node-RED will then re-encrypt your credentials\nfile using your chosen key the next time you deploy a change.\n---------------------------------------------------------------------\n",
"unencrypted" : "Using unencrypted credentials",
"encryptedNotFound" : "Encrypted credentials not found"
}, },
"flows": { "flows": {
"safe-mode": "Flows stopped in safe mode. Deploy to start.", "safe-mode": "Flows stopped in safe mode. Deploy to start.",

16
test/unit/@node-red/runtime/lib/nodes/credentials_spec.js
View File

@ -379,7 +379,6 @@ describe('red/runtime/nodes/credentials', function() {
credentials.export().then(function(result) { credentials.export().then(function(result) {
result.should.have.a.property("$"); result.should.have.a.property("$");
settings.should.not.have.a.property("_credentialSecret"); settings.should.not.have.a.property("_credentialSecret");
// reset everything - but with _credentialSecret still set // reset everything - but with _credentialSecret still set
credentials.init(runtime); credentials.init(runtime);
// load the freshly encrypted version // load the freshly encrypted version
@ -445,6 +444,21 @@ describe('red/runtime/nodes/credentials', function() {
}); });
}); });
it('handles bad credentials object - resets credentials', function(done) {
settings = {
credentialSecret: "e3a36f47f005bf2aaa51ce3fc6fcaafd79da8d03f2b1a9281f8fb0a285e6255a"
};
// {"node":{user1:"abc",password1:"123"}}
var cryptedFlows = {"BADKEY":"5b89d8209b5158a3c313675561b1a5b5phN1gDBe81Zv98KqS/hVDmc9EKvaKqRIvcyXYvBlFNzzzJtvN7qfw06i"};
credentials.init(runtime);
credentials.load(cryptedFlows).then(function() {
done();
}).catch(function(err) {
err.should.have.property('code','credentials_load_failed');
done();
});
});
it('handles unavailable settings - leaves creds unencrypted', function(done) { it('handles unavailable settings - leaves creds unencrypted', function(done) {
var runtime = { var runtime = {
log: log, log: log,

2
test/unit/@node-red/runtime/lib/nodes/index_spec.js
View File

@ -63,7 +63,7 @@ describe("red/nodes/index", function() {
var runtime = { var runtime = {
settings: settings, settings: settings,
storage: storage, storage: storage,
log: {debug:function() {}, warn:function() {}}, log: {debug:function() {}, warn:function() {}, _: function() {}},
events: new EventEmitter() events: new EventEmitter()
}; };