UNPKG

@grpc/grpc-js

Version:

gRPC Library for Node - pure JS implementation

grpc.io

grpc/grpc-node

120 lines (119 loc) 5.53 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
import { PeerCertificate, SecureContext } from 'tls'; import { CallCredentials } from './call-credentials'; import { CertificateProvider } from './certificate-provider'; import { Socket } from 'net'; import { ChannelOptions } from './channel-options'; import { GrpcUri } from './uri-parser'; /** * A callback that will receive the expected hostname and presented peer * certificate as parameters. The callback should return an error to * indicate that the presented certificate is considered invalid and * otherwise returned undefined. */ export type CheckServerIdentityCallback = (hostname: string, cert: PeerCertificate) => Error | undefined; /** * Additional peer verification options that can be set when creating * SSL credentials. */ export interface VerifyOptions { /** * If set, this callback will be invoked after the usual hostname verification * has been performed on the peer certificate. */ checkServerIdentity?: CheckServerIdentityCallback; rejectUnauthorized?: boolean; } export interface SecureConnectResult { socket: Socket; secure: boolean; } export interface SecureConnector { connect(socket: Socket): Promise<SecureConnectResult>; waitForReady(): Promise<void>; getCallCredentials(): CallCredentials; destroy(): void; } /** * A class that contains credentials for communicating over a channel, as well * as a set of per-call credentials, which are applied to every method call made * over a channel initialized with an instance of this class. */ export declare abstract class ChannelCredentials { /** * Returns a copy of this object with the included set of per-call credentials * expanded to include callCredentials. * @param callCredentials A CallCredentials object to associate with this * instance. */ compose(callCredentials: CallCredentials): ChannelCredentials; /** * Indicates whether this credentials object creates a secure channel. */ abstract _isSecure(): boolean; /** * Check whether two channel credentials objects are equal. Two secure * credentials are equal if they were constructed with the same parameters. * @param other The other ChannelCredentials Object */ abstract _equals(other: ChannelCredentials): boolean; abstract _createSecureConnector(channelTarget: GrpcUri, options: ChannelOptions, callCredentials?: CallCredentials): SecureConnector; /** * Return a new ChannelCredentials instance with a given set of credentials. * The resulting instance can be used to construct a Channel that communicates * over TLS. * @param rootCerts The root certificate data. * @param privateKey The client certificate private key, if available. * @param certChain The client certificate key chain, if available. * @param verifyOptions Additional options to modify certificate verification */ static createSsl(rootCerts?: Buffer | null, privateKey?: Buffer | null, certChain?: Buffer | null, verifyOptions?: VerifyOptions): ChannelCredentials; /** * Return a new ChannelCredentials instance with credentials created using * the provided secureContext. The resulting instances can be used to * construct a Channel that communicates over TLS. gRPC will not override * anything in the provided secureContext, so the environment variables * GRPC_SSL_CIPHER_SUITES and GRPC_DEFAULT_SSL_ROOTS_FILE_PATH will * not be applied. * @param secureContext The return value of tls.createSecureContext() * @param verifyOptions Additional options to modify certificate verification */ static createFromSecureContext(secureContext: SecureContext, verifyOptions?: VerifyOptions): ChannelCredentials; /** * Return a new ChannelCredentials instance with no credentials. */ static createInsecure(): ChannelCredentials; } declare class CertificateProviderChannelCredentialsImpl extends ChannelCredentials { private caCertificateProvider; private identityCertificateProvider; private verifyOptions; private refcount; /** * `undefined` means that the certificates have not yet been loaded. `null` * means that an attempt to load them has completed, and has failed. */ private latestCaUpdate; /** * `undefined` means that the certificates have not yet been loaded. `null` * means that an attempt to load them has completed, and has failed. */ private latestIdentityUpdate; private caCertificateUpdateListener; private identityCertificateUpdateListener; private secureContextWatchers; private static SecureConnectorImpl; constructor(caCertificateProvider: CertificateProvider, identityCertificateProvider: CertificateProvider | null, verifyOptions: VerifyOptions); _isSecure(): boolean; _equals(other: ChannelCredentials): boolean; private ref; private unref; _createSecureConnector(channelTarget: GrpcUri, options: ChannelOptions, callCredentials?: CallCredentials): SecureConnector; private maybeUpdateWatchers; private handleCaCertificateUpdate; private handleIdentityCertitificateUpdate; private hasReceivedUpdates; private getSecureContext; private getLatestSecureContext; } export declare function createCertificateProviderChannelCredentials(caCertificateProvider: CertificateProvider, identityCertificateProvider: CertificateProvider | null, verifyOptions?: VerifyOptions): CertificateProviderChannelCredentialsImpl; export {};