Subflow to Node Credentials Management

General
1

Hi Everyone,

We currently make our own NR nodes by making use of a subflow to node converter. This enables us to use NR subflows as NR nodes in a more scalable way.

We have an issue with moving the credentials over to be available on the node, without needing to external input from the user. Currently, I just tried to pass the credentials file to the js file doing the node conversion. Please see this again.

module.exports = function(RED) {
    const fs = require('fs');
    const path = require("path");
    const crypt = require("crypto-js");

    const file = path.join(__dirname, "subflow.json");
    const text = fs.readFileSync(file);
    const flow = JSON.parse(text);

    // Load credentials from flows_cred.json
    const credentialsFile = path.join(__dirname, "flows_cred.json");
    //RED.settings.userDir
    const credentialsText = fs.readFileSync(credentialsFile);
    const credentials = JSON.parse(credentialsText);

    function getDecoder(encoding) {
        var settings = RED.settings;
        if (settings &&
            settings.encodeSubflow &&
            settings.encodeSubflow.methods) {
            const methods = settings.encodeSubflow.methods;
            const method = methods.find((x) => (x.name === encoding));
            if (method) {
                return method.decode;
            }
        }
        if (encoding == "AES") {
            return function (enc, key) {
                var enc = crypt.AES.decrypt(enc, key)
                var data = enc.toString(crypt.enc.Utf8);
                return JSON.parse(data);
            };
        }
        // no decoding
        return null;
    }

    function convFlow(sf) {
        const flow = sf.flow;
        if (((typeof flow) === "object") &&
            !Array.isArray(flow)) {
            if (flow.hasOwnProperty("encoding") &&
                flow.hasOwnProperty("flow")) {
                const encoding = flow.encoding;
                const body = flow.flow;
                const decoder = getDecoder(encoding);
                if (decoder) {
                    const key = process.env["NR_FLOW_DECODE_KEY"];
                    if (key && (key !== "")) {
                        try {
                            RED.log.info("deocde "+encoding+ " encoded flow");
                            const flowData = decoder(body, key);
                            sf.flow = flowData;
                        }
                        catch (e) {
                            throw new Error("flow decode error:"+e.toString());
                        }
                    }
                    else {
                        throw new Error("no flow decode key specified");
                    }
                }
                else {
                    throw new Error("no decoder found:" +encoding);
                }
            }
        }
        return sf;
    }


    RED.nodes.registerSubflow(convFlow(flow), credentials);
}

Credentials file:

{
    "ecf3c5ed05011987": {},
    "1777c59870e2d315": {
        "user": "test",
        "password": "test#5h7"
    }
}

Unfortunately this is not doing the trick. Does anyone have an idea of how to best insert the credentials into the node automatically?

Kind regards,

Bartho

2

Surely this is what ENV VARS are for?

Your server could define ENV VARs like NR_USER and NR_PASS that the flow designer can use. you can even set the ENV VAR value in the subflow to this so it is preset.