feat: Using global private environment to save secrets[INS-4715]

packages/insomnia-sdk/src/objects/environments.ts

@@ -132,3 +132,38 @@ export class Variables {
         return this.localVars.toObject();
     };
 }
+
+export class Vault extends Environment {
+
+    constructor(name: string, jsonObject: object | undefined, enableVaultInScripts: boolean) {
+        super(name, jsonObject);
+        return new Proxy(this, {
+            // throw error on get or set method call if enableVaultInScripts is false
+            get: (target, prop, receiver) => {
+                if (!enableVaultInScripts) {
+                    throw new Error('Vault is disabled in script');
+                }
+                return Reflect.get(target, prop, receiver);
+            },
+            set: (target, prop, value, receiver) => {
+                if (!enableVaultInScripts) {
+                    throw new Error('Vault is disabled in script');
+                }
+                return Reflect.set(target, prop, value, receiver);
+            },
+        });
+    }
+
+    unset = () => {
+        throw new Error('Vault can not be unset in script');
+    };
+
+    clear = () => {
+        throw new Error('Vault can not be cleared in script');
+    };
+
+    set = () => {
+        throw new Error('Vault can not be set in script');
+    };
+
+}

packages/insomnia-sdk/src/objects/insomnia.ts

@@ -7,7 +7,7 @@ import { filterClientCertificates } from 'insomnia/src/network/certificate';
 import { toPreRequestAuth } from './auth';
 import { getExistingConsole } from './console';
 import { CookieObject } from './cookies';
-import { Environment, Variables } from './environments';
+import { Environment, Variables, Vault } from './environments';
 import { Execution } from './execution';
 import { Folder, ParentFolders } from './folders';
 import type { RequestContext } from './interfaces';
@@ -30,6 +30,7 @@ export class InsomniaObject {
     public info: RequestInfo;
     public response?: ScriptResponse;
     public execution: Execution;
+    public vault?: Vault;
 
     public clientCertificates: ClientCertificate[];
     private _expect = expect;
@@ -60,6 +61,7 @@ export class InsomniaObject {
             execution: Execution;
             response?: ScriptResponse;
             parentFolders: ParentFolders;
+            vault?: Vault;
         },
     ) {
         this.globals = rawObj.globals;
@@ -71,6 +73,7 @@ export class InsomniaObject {
         this.cookies = rawObj.cookies;
         this.response = rawObj.response;
         this.execution = rawObj.execution;
+        this.vault = rawObj.vault;
 
         this.info = rawObj.requestInfo;
         this.request = rawObj.request;
@@ -156,6 +159,9 @@ export async function initInsomniaObject(
         new Environment(rawObj.iterationData.name, rawObj.iterationData.data) : new Environment('iterationData', {});
     const localVariables = rawObj.transientVariables ?
         new Environment(rawObj.transientVariables.name, rawObj.transientVariables.data) : new Environment('transientVariables', {});
+    const enableVaultInScripts = rawObj.settings?.enableVaultInScripts || false;
+    const vault = rawObj.vault ?
+        new Vault('vault', rawObj.vault, enableVaultInScripts) : new Vault('vault', {}, enableVaultInScripts);
     const cookies = new CookieObject(rawObj.cookieJar);
     // TODO: update follows when post-request script and iterationData are introduced
     const requestInfo = new RequestInfo({
@@ -255,6 +261,7 @@ export async function initInsomniaObject(
         environment,
         baseEnvironment,
         iterationData,
+        vault,
         variables,
         request,
         settings: rawObj.settings,

packages/insomnia-sdk/src/objects/interfaces.ts

@@ -18,6 +18,7 @@ export interface RequestContext {
     timelinePath: string;
     environment: IEnvironment;
     baseEnvironment: IEnvironment;
+    vault?: IEnvironment;
     collectionVariables?: object;
     globals?: object;
     iterationData?: Omit<IEnvironment, 'id'>;

packages/insomnia-smoke-test/fixtures/vault-collection.yaml

@@ -0,0 +1,271 @@
+_type: export
+__export_format: 4
+__export_date: 2025-01-24T07:58:39.196Z
+__export_source: insomnia.desktop.app:v10.3.1-beta.0
+resources:
+  - _id: req_d6152608f4ca49aaadce1b379bf52fac
+    parentId: wrk_37e3ee9c2ce7468493378fa5e525b4b1
+    modified: 1737705511624
+    created: 1737705423707
+    url: localhost:4010/
+    name: normal
+    description: ""
+    method: GET
+    body:
+      mimeType: text/plain
+      text: |-
+        {{ _.vault.foo }}
+        {{ _.vault.hello }}
+    parameters: []
+    headers:
+      - name: Content-Type
+        value: text/plain
+      - name: User-Agent
+        value: insomnia/10.3.1-beta.0
+    authentication: {}
+    metaSortKey: -1737705423707
+    isPrivate: false
+    pathParameters: []
+    settingStoreCookies: true
+    settingSendCookies: true
+    settingDisableRenderRequestBody: false
+    settingEncodeUrl: true
+    settingRebuildPath: true
+    settingFollowRedirects: global
+    _type: request
+  - _id: wrk_37e3ee9c2ce7468493378fa5e525b4b1
+    parentId: null
+    modified: 1737705410863
+    created: 1737705410863
+    name: Vault Collection
+    description: ""
+    scope: collection
+    _type: workspace
+  - _id: req_1c9ef3a2afae47d1bd960ae23de09750
+    parentId: wrk_37e3ee9c2ce7468493378fa5e525b4b1
+    modified: 1737617845875
+    created: 1734948333857
+    url: localhost:4010/
+    name: legacy-array-vault
+    description: ""
+    method: GET
+    body:
+      mimeType: text/plain
+      text: |-
+        {{ _.vault.secret }}
+        {{ _.vault[0] }}
+    parameters:
+      - id: pair_74f9877885a84128b4d5afc0dfc77945
+        name: ""
+        value: ""
+        description: ""
+        disabled: false
+    headers:
+      - name: Content-Type
+        value: text/plain
+      - name: User-Agent
+        value: insomnia/10.2.1-beta.1
+    authentication:
+      type: apikey
+      disabled: false
+      key: ""
+      value: ""
+      addTo: header
+    preRequestScript: |-
+      console.log('pre');
+      console.log(insomnia.variables.get('vault')[1]);
+      console.log(insomnia.vault.get('foo'));
+    metaSortKey: -1734948333857
+    isPrivate: false
+    pathParameters: []
+    afterResponseScript: |-
+      console.log('after');
+      console.log(insomnia.vault.get('hello'));
+    settingStoreCookies: true
+    settingSendCookies: true
+    settingDisableRenderRequestBody: false
+    settingEncodeUrl: true
+    settingRebuildPath: true
+    settingFollowRedirects: global
+    _type: request
+  - _id: req_2a150b45acb242cfa2db04d929a11085
+    parentId: wrk_37e3ee9c2ce7468493378fa5e525b4b1
+    modified: 1737617920254
+    created: 1737617896390
+    url: localhost:4010/
+    name: legacy-invalid-vault
+    description: ""
+    method: GET
+    body:
+      mimeType: text/plain
+      text: ""
+    parameters:
+      - id: pair_74f9877885a84128b4d5afc0dfc77945
+        name: ""
+        value: ""
+        description: ""
+        disabled: false
+    headers:
+      - name: Content-Type
+        value: text/plain
+      - name: User-Agent
+        value: insomnia/10.2.1-beta.1
+    authentication:
+      type: apikey
+      disabled: false
+      key: ""
+      value: ""
+      addTo: header
+    metaSortKey: -1731983168815.5
+    isPrivate: false
+    pathParameters: []
+    settingStoreCookies: true
+    settingSendCookies: true
+    settingDisableRenderRequestBody: false
+    settingEncodeUrl: true
+    settingRebuildPath: true
+    settingFollowRedirects: global
+    _type: request
+  - _id: req_fb7fb8d4345f471fb53d03b069737a07
+    parentId: wrk_37e3ee9c2ce7468493378fa5e525b4b1
+    modified: 1737617874271
+    created: 1737617856040
+    url: localhost:4010/
+    name: legacy-object-vault
+    description: ""
+    method: GET
+    body:
+      mimeType: text/plain
+      text: |-
+        {{ _.vault.secret }}
+        {{ _.vault.v1 }}
+    parameters:
+      - id: pair_74f9877885a84128b4d5afc0dfc77945
+        name: ""
+        value: ""
+        description: ""
+        disabled: false
+    headers:
+      - name: Content-Type
+        value: text/plain
+      - name: User-Agent
+        value: insomnia/10.2.1-beta.1
+    authentication:
+      type: apikey
+      disabled: false
+      key: ""
+      value: ""
+      addTo: header
+    preRequestScript: |-
+      console.log('pre');
+      console.log(insomnia.variables.get('vault').v2)
+      console.log(insomnia.vault.get('foo'));
+    metaSortKey: -1729018003774
+    isPrivate: false
+    pathParameters: []
+    afterResponseScript: |-
+      console.log('after');
+      console.log(insomnia.vault.get('hello'));
+    settingStoreCookies: true
+    settingSendCookies: true
+    settingDisableRenderRequestBody: false
+    settingEncodeUrl: true
+    settingRebuildPath: true
+    settingFollowRedirects: global
+    _type: request
+  - _id: env_40681941450149a4a41f2dcbc22ec616
+    parentId: wrk_37e3ee9c2ce7468493378fa5e525b4b1
+    modified: 1737618683836
+    created: 1732861968102
+    name: Base Environment1
+    data:
+      a_hello: test
+      "": ""
+    dataPropertyOrder:
+      "&":
+        - a_hello
+        - ""
+    color: null
+    isPrivate: false
+    metaSortKey: 1732861968102
+    environmentType: kv
+    kvPairData:
+      - id: envPair_62a7e9c0cdb949e0abf15e0fe4b1e8d3
+        name: a_hello
+        value: test
+        type: str
+        enabled: true
+      - id: envPair_e479dfc1d364470eb3cd717e277953c9
+        name: ""
+        value: ""
+        type: str
+        enabled: true
+    _type: environment
+  - _id: jar_51eb1ce9f9e74e7684c8114098b1aa33
+    parentId: wrk_37e3ee9c2ce7468493378fa5e525b4b1
+    modified: 1737618683835
+    created: 1734948168939
+    name: Default Jar
+    cookies: []
+    _type: cookie_jar
+  - _id: env_7ace551350dc40cbbb8302234ec0af0a
+    parentId: env_40681941450149a4a41f2dcbc22ec616
+    modified: 1737618683836
+    created: 1736745679348
+    name: base with vault
+    data:
+      vault: hello
+    dataPropertyOrder:
+      "&":
+        - vault
+    color: null
+    isPrivate: false
+    metaSortKey: 1736745679348
+    environmentType: kv
+    kvPairData:
+      - id: envPair_4bcd80eeb9c544c8a5cca0a1a6a85ffc
+        name: vault
+        value: hello
+        type: str
+        enabled: true
+    _type: environment
+  - _id: env_fce7e052bb99440a9019a162afea7f85
+    parentId: env_40681941450149a4a41f2dcbc22ec616
+    modified: 1737617847199
+    created: 1736745692249
+    name: legacy vault value array
+    data:
+      vault:
+        - vault_array_a
+        - vault_array_b
+        - vault_array_c
+    dataPropertyOrder:
+      "&":
+        - vault
+    color: null
+    isPrivate: false
+    metaSortKey: 1736745679398
+    environmentType: json
+    kvPairData: []
+    _type: environment
+  - _id: env_9214888ae2dc497e87a7f8f8edaf19f2
+    parentId: env_40681941450149a4a41f2dcbc22ec616
+    modified: 1737617875350
+    created: 1737617352406
+    name: legacy vault value object
+    data:
+      vault:
+        v1: secv1
+        v2: secv2
+    dataPropertyOrder:
+      "&":
+        - vault
+      "&~|vault":
+        - v1
+        - v2
+    color: null
+    isPrivate: false
+    metaSortKey: 1736881902959
+    environmentType: json
+    kvPairData: []
+    _type: environment