1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
|
/**
* Copyright 2014 IBM Corp.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
var util = require("util");
var when = require("when");
var credentialCache = {};
var storage = null;
var credentialsDef = {};
var redApp = null;
/**
* Adds an HTTP endpoint to allow look up of credentials for a given node id.
*/
function registerEndpoint(type) {
redApp.get('/credentials/' + type + '/:id', function (req, res) {
// TODO: This could be a generic endpoint with the type value
// parameterised.
//
// TODO: It should verify the given node id is of the type specified -
// but that would add a dependency from this module to the
// registry module that knows about node types.
var nodeType = type;
var nodeID = req.params.id;
var credentials = credentialCache[nodeID];
if (credentials === undefined) {
res.json({});
return;
}
var definition = credentialsDef[nodeType];
var sendCredentials = {};
for (var cred in definition) {
if (definition.hasOwnProperty(cred)) {
if (definition[cred].type == "password") {
var key = 'has_' + cred;
sendCredentials[key] = credentials[cred] != null && credentials[cred] !== '';
continue;
}
sendCredentials[cred] = credentials[cred] || '';
}
}
res.json(sendCredentials);
});
}
module.exports = {
init: function (_storage) {
storage = _storage;
// TODO: this should get passed in init function call rather than
// required directly.
redApp = require("../server").app;
},
/**
* Loads the credentials from storage.
*/
load: function () {
return storage.getCredentials().then(function (creds) {
credentialCache = creds;
}).otherwise(function (err) {
util.log("[red] Error loading credentials : " + err);
});
},
/**
* Adds a set of credentials for the given node id.
* @param id the node id for the credentials
* @param creds an object of credential key/value pairs
* @return a promise for the saving of credentials to storage
*/
add: function (id, creds) {
credentialCache[id] = creds;
return storage.saveCredentials(credentialCache);
},
/**
* Gets the credentials for the given node id.
* @param id the node id for the credentials
* @return the credentials
*/
get: function (id) {
return credentialCache[id];
},
/**
* Deletes the credentials for the given node id.
* @param id the node id for the credentials
* @return a promise for the saving of credentials to storage
*/
delete: function (id) {
delete credentialCache[id];
storage.saveCredentials(credentialCache);
},
/**
* Deletes any credentials for nodes that no longer exist
* @param getNode a function that can return a node for a given id
* @return a promise for the saving of credentials to storage
*/
clean: function (getNode) {
var deletedCredentials = false;
for (var c in credentialCache) {
if (credentialCache.hasOwnProperty(c)) {
var n = getNode(c);
if (!n) {
deletedCredentials = true;
delete credentialCache[c];
}
}
}
if (deletedCredentials) {
return storage.saveCredentials(credentialCache);
} else {
return when.resolve();
}
},
/**
* Registers a node credential definition.
* @param type the node type
* @param definition the credential definition
*/
register: function (type, definition) {
var dashedType = type.replace(/\s+/g, '-');
credentialsDef[dashedType] = definition;
registerEndpoint(dashedType);
},
/**
* Extracts and stores any credential updates in the provided node.
* The provided node may have a .credentials property that contains
* new credentials for the node.
* This function loops through the credentials in the definition for
* the node-type and applies any of the updates provided in the node.
*
* This function does not save the credentials to disk as it is expected
* to be called multiple times when a new flow is deployed.
*
* @param node the node to extract credentials from
*/
extract: function(node) {
var nodeID = node.id;
var nodeType = node.type;
var newCreds = node.credentials;
if (newCreds) {
var savedCredentials = credentialCache[nodeID] || {};
var dashedType = nodeType.replace(/\s+/g, '-');
var definition = credentialsDef[dashedType];
if (!definition) {
util.log('Credential Type ' + nodeType + ' is not registered.');
return;
}
for (var cred in definition) {
if (definition.hasOwnProperty(cred)) {
if (newCreds[cred] === undefined) {
continue;
}
if (definition[cred].type == "password" && newCreds[cred] == '__PWRD__') {
continue;
}
if (0 === newCreds[cred].length || /^\s*$/.test(newCreds[cred])) {
delete savedCredentials[cred];
continue;
}
savedCredentials[cred] = newCreds[cred];
}
}
credentialCache[nodeID] = savedCredentials;
}
},
/**
* Saves the credentials to storage
* @return a promise for the saving of credentials to storage
*/
save: function () {
return storage.saveCredentials(credentialCache);
},
/**
* Gets the credential definition for the given node type
* @param type the node type
* @return the credential definition
*/
getDefinition: function (type) {
return credentialsDef[type];
}
}
|
