From 12341e5a0f882cb4764b3df3ecf1b50ca44097ff Mon Sep 17 00:00:00 2001 From: Michael Kret <88898367+michael-radency@users.noreply.github.com> Date: Tue, 30 Jul 2024 15:43:05 +0300 Subject: [PATCH] fix(Wait Node): Authentication fix (#10236) --- packages/nodes-base/nodes/Form/utils.ts | 14 +++++---- packages/nodes-base/nodes/Wait/Wait.node.ts | 33 ++++++++++++++++++++- 2 files changed, 41 insertions(+), 6 deletions(-) diff --git a/packages/nodes-base/nodes/Form/utils.ts b/packages/nodes-base/nodes/Form/utils.ts index 1928c935bdea8..2e79c5699ce5f 100644 --- a/packages/nodes-base/nodes/Form/utils.ts +++ b/packages/nodes-base/nodes/Form/utils.ts @@ -140,8 +140,11 @@ const checkResponseModeConfiguration = (context: IWebhookFunctions) => { } }; -export async function formWebhook(context: IWebhookFunctions) { - const nodeVersion = context.getNode().typeVersion; +export async function formWebhook( + context: IWebhookFunctions, + authProperty = FORM_TRIGGER_AUTHENTICATION_PROPERTY, +) { + const node = context.getNode(); const options = context.getNodeParameter('options', {}) as { ignoreBots?: boolean; respondWithOptions?: { @@ -159,9 +162,10 @@ export async function formWebhook(context: IWebhookFunctions) { const req = context.getRequestObject(); try { - if (options.ignoreBots && isbot(req.headers['user-agent'])) + if (options.ignoreBots && isbot(req.headers['user-agent'])) { throw new WebhookAuthorizationError(403); - await validateWebhookAuthentication(context, FORM_TRIGGER_AUTHENTICATION_PROPERTY); + } + await validateWebhookAuthentication(context, authProperty); } catch (error) { if (error instanceof WebhookAuthorizationError) { res.writeHead(error.responseCode, { 'WWW-Authenticate': 'Basic realm="Webhook"' }); @@ -310,7 +314,7 @@ export async function formWebhook(context: IWebhookFunctions) { let { useWorkflowTimezone } = options; - if (useWorkflowTimezone === undefined && nodeVersion > 2) { + if (useWorkflowTimezone === undefined && node.typeVersion > 2) { useWorkflowTimezone = true; } diff --git a/packages/nodes-base/nodes/Wait/Wait.node.ts b/packages/nodes-base/nodes/Wait/Wait.node.ts index 181a208f923c3..98badea8331d8 100644 --- a/packages/nodes-base/nodes/Wait/Wait.node.ts +++ b/packages/nodes-base/nodes/Wait/Wait.node.ts @@ -237,6 +237,14 @@ export class Wait extends Webhook { inputs: ['main'], outputs: ['main'], credentials: credentialsProperty(this.authPropertyName), + hints: [ + { + message: + "When testing your workflow using the Editor UI, you can't see the rest of the execution following the Wait node. To inspect the execution results, enable Save Manual Executions in your Workflow settings so you can review the execution results there.", + location: 'outputPane', + whenToDisplay: 'beforeExecution', + }, + ], webhooks: [ { ...defaultWebhookDescription, @@ -294,6 +302,29 @@ export class Wait extends Webhook { default: 'timeInterval', description: 'Determines the waiting mode to use before the workflow continues', }, + { + displayName: 'Authentication', + name: 'incomingAuthentication', + type: 'options', + options: [ + { + name: 'Basic Auth', + value: 'basicAuth', + }, + { + name: 'None', + value: 'none', + }, + ], + default: 'none', + description: + 'If and how incoming resume-webhook-requests to $execution.resumeFormUrl should be authenticated for additional security', + displayOptions: { + show: { + resume: ['form'], + }, + }, + }, { ...authenticationProperty(this.authPropertyName), description: @@ -427,7 +458,7 @@ export class Wait extends Webhook { async webhook(context: IWebhookFunctions) { const resume = context.getNodeParameter('resume', 0) as string; - if (resume === 'form') return await formWebhook(context); + if (resume === 'form') return await formWebhook(context, this.authPropertyName); return await super.webhook(context); }