Centralized error throwing for encryption key

packages/cli/commands/export/credentials.ts

@@ -123,9 +123,6 @@ export class ExportCredentialsCommand extends Command {
 
 			if (flags.decrypted) {
 				const encryptionKey = await UserSettings.getEncryptionKey();
-				if (encryptionKey === undefined) {
-					throw new Error('No encryption key got found to decrypt the credentials!');
-				}
 
 				for (let i = 0; i < credentials.length; i++) {
 					const { name, type, nodesAccess, data } = credentials[i];

packages/cli/commands/import/credentials.ts

@@ -86,9 +86,6 @@ export class ImportCredentialsCommand extends Command {
 			await UserSettings.prepareUserSettings();
 
 			const encryptionKey = await UserSettings.getEncryptionKey();
-			if (encryptionKey === undefined) {
-				throw new Error('No encryption key found to encrypt the credentials!');
-			}
 
 			if (flags.separate) {
 				const files = await glob(

packages/cli/commands/start.ts

@@ -173,9 +173,6 @@ export class Start extends Command {
 					// If we don't have a JWT secret set, generate
 					// one based and save to config.
 					const encryptionKey = await UserSettings.getEncryptionKey();
-					if (!encryptionKey) {
-						throw new Error('Fatal error setting up user management: no encryption key set.');
-					}
 
 					// For a key off every other letter from encryption key
 					// CAREFUL: do not change this or it breaks all existing tokens.
@@ -210,9 +207,9 @@ export class Start extends Command {
 				// Wait till the database is ready
 				await startDbInitPromise;
 
-				const encryptionKey = await UserSettings.getEncryptionKey();
-
-				if (!encryptionKey) {
+				try {
+					await UserSettings.getEncryptionKey();
+				} catch (error) {
 					throw new Error(RESPONSE_ERROR_MESSAGES.NO_ENCRYPTION_KEY);
 				}
 

packages/cli/src/Server.ts

@@ -1696,8 +1696,10 @@ class App {
 					);
 				}
 
-				const encryptionKey = await UserSettings.getEncryptionKey();
-				if (!encryptionKey) {
+				let encryptionKey: string;
+				try {
+					encryptionKey = await UserSettings.getEncryptionKey();
+				} catch (error) {
 					throw new ResponseHelper.ResponseError(
 						RESPONSE_ERROR_MESSAGES.NO_ENCRYPTION_KEY,
 						undefined,
@@ -1832,15 +1834,15 @@ class App {
 						return ResponseHelper.sendErrorResponse(res, errorResponse);
 					}
 
-					const encryptionKey = await UserSettings.getEncryptionKey();
-
-					if (!encryptionKey) {
-						const errorResponse = new ResponseHelper.ResponseError(
+					let encryptionKey: string;
+					try {
+						encryptionKey = await UserSettings.getEncryptionKey();
+					} catch (error) {
+						throw new ResponseHelper.ResponseError(
 							RESPONSE_ERROR_MESSAGES.NO_ENCRYPTION_KEY,
 							undefined,
-							503,
+							500,
 						);
-						return ResponseHelper.sendErrorResponse(res, errorResponse);
 					}
 
 					const mode: WorkflowExecuteMode = 'internal';
@@ -1949,8 +1951,10 @@ class App {
 					);
 				}
 
-				const encryptionKey = await UserSettings.getEncryptionKey();
-				if (!encryptionKey) {
+				let encryptionKey: string;
+				try {
+					encryptionKey = await UserSettings.getEncryptionKey();
+				} catch (error) {
 					throw new ResponseHelper.ResponseError(
 						RESPONSE_ERROR_MESSAGES.NO_ENCRYPTION_KEY,
 						undefined,
@@ -2087,15 +2091,15 @@ class App {
 						return ResponseHelper.sendErrorResponse(res, errorResponse);
 					}
 
-					const encryptionKey = await UserSettings.getEncryptionKey();
-
-					if (!encryptionKey) {
-						const errorResponse = new ResponseHelper.ResponseError(
+					let encryptionKey: string;
+					try {
+						encryptionKey = await UserSettings.getEncryptionKey();
+					} catch (error) {
+						throw new ResponseHelper.ResponseError(
 							RESPONSE_ERROR_MESSAGES.NO_ENCRYPTION_KEY,
 							undefined,
-							503,
+							500,
 						);
-						return ResponseHelper.sendErrorResponse(res, errorResponse);
 					}
 
 					const mode: WorkflowExecuteMode = 'internal';

packages/cli/src/WorkflowExecuteAdditionalData.ts

@@ -66,6 +66,7 @@ import {
 	getWorkflowOwner,
 } from './UserManagement/UserManagementHelper';
 import { whereClause } from './WorkflowHelpers';
+import { RESPONSE_ERROR_MESSAGES } from './constants';
 
 const ERROR_TRIGGER_TYPE = config.get('nodes.errorTriggerType') as string;
 
@@ -1033,9 +1034,11 @@ export async function getBase(
 	const webhookWaitingBaseUrl = urlBaseWebhook + config.get('endpoints.webhookWaiting');
 	const webhookTestBaseUrl = urlBaseWebhook + config.get('endpoints.webhookTest');
 
-	const encryptionKey = await UserSettings.getEncryptionKey();
-	if (encryptionKey === undefined) {
-		throw new Error('No encryption key got found to decrypt the credentials!');
+	let encryptionKey: string;
+	try {
+		encryptionKey = await UserSettings.getEncryptionKey();
+	} catch (error) {
+		throw new Error(RESPONSE_ERROR_MESSAGES.NO_ENCRYPTION_KEY);
 	}
 
 	return {

packages/cli/src/api/credentials.api.ts

@@ -115,13 +115,15 @@ credentialsController.post(
 	ResponseHelper.send(async (req: CredentialRequest.Test): Promise<INodeCredentialTestResult> => {
 		const { credentials, nodeToTestWith } = req.body;
 
-		const encryptionKey = await UserSettings.getEncryptionKey();
-
-		if (!encryptionKey) {
-			return {
-				status: 'Error',
-				message: RESPONSE_ERROR_MESSAGES.NO_ENCRYPTION_KEY,
-			};
+		let encryptionKey: string;
+		try {
+			encryptionKey = await UserSettings.getEncryptionKey();
+		} catch (error) {
+			throw new ResponseHelper.ResponseError(
+				RESPONSE_ERROR_MESSAGES.NO_ENCRYPTION_KEY,
+				undefined,
+				500,
+			);
 		}
 
 		const helper = new CredentialsHelper(encryptionKey);
@@ -149,9 +151,10 @@ credentialsController.post(
 			nodeAccess.date = new Date();
 		}
 
-		const encryptionKey = await UserSettings.getEncryptionKey();
-
-		if (!encryptionKey) {
+		let encryptionKey: string;
+		try {
+			encryptionKey = await UserSettings.getEncryptionKey();
+		} catch (error) {
 			throw new ResponseHelper.ResponseError(
 				RESPONSE_ERROR_MESSAGES.NO_ENCRYPTION_KEY,
 				undefined,
@@ -285,9 +288,10 @@ credentialsController.patch(
 			}
 		}
 
-		const encryptionKey = await UserSettings.getEncryptionKey();
-
-		if (!encryptionKey) {
+		let encryptionKey: string;
+		try {
+			encryptionKey = await UserSettings.getEncryptionKey();
+		} catch (error) {
 			throw new ResponseHelper.ResponseError(
 				RESPONSE_ERROR_MESSAGES.NO_ENCRYPTION_KEY,
 				undefined,
@@ -393,9 +397,10 @@ credentialsController.get(
 
 		const { data, id, ...rest } = credential;
 
-		const encryptionKey = await UserSettings.getEncryptionKey();
-
-		if (!encryptionKey) {
+		let encryptionKey: string;
+		try {
+			encryptionKey = await UserSettings.getEncryptionKey();
+		} catch (error) {
 			throw new ResponseHelper.ResponseError(
 				RESPONSE_ERROR_MESSAGES.NO_ENCRYPTION_KEY,
 				undefined,

packages/cli/test/integration/credentials.api.test.ts

@@ -87,7 +87,7 @@ test('POST /credentials should fail with invalid inputs', async () => {
 
 test('POST /credentials should fail with missing encryption key', async () => {
 	const mock = jest.spyOn(UserSettings, 'getEncryptionKey');
-	mock.mockResolvedValue(undefined);
+	mock.mockRejectedValue(new Error('Encryption key not found.'));
 
 	const owner = await Db.collections.User!.findOneOrFail();
 	const authOwnerAgent = utils.createAgent(app, { auth: true, user: owner });
@@ -348,7 +348,8 @@ test('PATCH /credentials/:id should fail if cred not found', async () => {
 
 test('PATCH /credentials/:id should fail with missing encryption key', async () => {
 	const mock = jest.spyOn(UserSettings, 'getEncryptionKey');
-	mock.mockResolvedValue(undefined);
+	mock.mockRejectedValue(new Error('Encryption key not found.'));
+
 
 	const owner = await Db.collections.User!.findOneOrFail();
 	const authOwnerAgent = utils.createAgent(app, { auth: true, user: owner });
@@ -494,7 +495,8 @@ test('GET /credentials/:id should fail with missing encryption key', async () =>
 	const savedCredential = await saveCredential(credentialPayload(), { user: owner });
 
 	const mock = jest.spyOn(UserSettings, 'getEncryptionKey');
-	mock.mockResolvedValue(undefined);
+	mock.mockRejectedValue(new Error('Encryption key not found.'));
+
 
 	const response = await authOwnerAgent
 		.get(`/credentials/${savedCredential.id}`)

packages/cli/test/integration/shared/testDb.ts

@@ -373,10 +373,6 @@ export const getMySqlOptions = ({ name }: { name: string }): ConnectionOptions =
 async function encryptCredentialData(credential: CredentialsEntity) {
 	const encryptionKey = await UserSettings.getEncryptionKey();
 
-	if (!encryptionKey) {
-		throw new Error(RESPONSE_ERROR_MESSAGES.NO_ENCRYPTION_KEY);
-	}
-
 	const coreCredential = new Credentials(
 		{ id: null, name: credential.name },
 		credential.type,

packages/core/src/UserSettings.ts

@@ -73,19 +73,15 @@ export async function prepareUserSettings(): Promise<IUserSettings> {
  * @returns
  */
 
-export async function getEncryptionKey(): Promise<string | undefined> {
+export async function getEncryptionKey(): Promise<string> {
 	if (process.env[ENCRYPTION_KEY_ENV_OVERWRITE] !== undefined) {
-		return process.env[ENCRYPTION_KEY_ENV_OVERWRITE];
+		return process.env[ENCRYPTION_KEY_ENV_OVERWRITE] as string;
 	}
 
 	const userSettings = await getUserSettings();
 
-	if (userSettings === undefined) {
-		return undefined;
-	}
-
-	if (userSettings.encryptionKey === undefined) {
-		return undefined;
+	if (userSettings === undefined || userSettings.encryptionKey === undefined) {
+		throw new Error('Encryption key not set');
 	}
 
 	return userSettings.encryptionKey;