UNPKG

@ydbjs/auth

Version:

Authentication providers for YDB: static credentials, tokens, anonymous, and cloud metadata. Integrates with the core driver for secure access.

github.com/ydb-platform/ydb-js-sdk

ydb-platform/ydb-js-sdk

56 lines 2.44 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
import * as tls from 'node:tls'; import { CredentialsProvider } from './index.js'; /** * Reads TLS/SSL configuration from environment variables. * * Supported variables: * - CA: `YDB_SSL_ROOT_CERTIFICATES_FILE` (file path) or `NODE_EXTRA_CA_CERTS` (file path) * or `YDB_SSL_ROOT_CERTIFICATES` (PEM string) * - Client cert: `YDB_SSL_CERTIFICATE_FILE` (file path) or `YDB_SSL_CERTIFICATE` (PEM string) * - Client key: `YDB_SSL_PRIVATE_KEY_FILE` (file path) or `YDB_SSL_PRIVATE_KEY` (PEM string) * * File variants take priority over string variants. * * @returns `tls.SecureContextOptions` if any TLS env vars are set, `undefined` otherwise. */ export declare function getSecureOptionsFromEnviron(): tls.SecureContextOptions | undefined; /** * A credentials provider that auto-detects the authentication method * from environment variables, following the official YDB SDK conventions. * * Detection priority (first match wins): * 1. `YDB_ANONYMOUS_CREDENTIALS=1` → Anonymous * 2. `YDB_METADATA_CREDENTIALS=1` → Metadata * - `YDB_METADATA_CREDENTIALS_ENDPOINT` — custom metadata endpoint * - `YDB_METADATA_CREDENTIALS_FLAVOR` — custom metadata flavor (e.g. `Google`) * 3. `YDB_ACCESS_TOKEN_CREDENTIALS` → Access Token * 4. `YDB_STATIC_CREDENTIALS_USER` → Static (username/password) * 5. None → Anonymous * * TLS/SSL is auto-detected from environment variables and exposed via `secureOptions`: * - `YDB_SSL_ROOT_CERTIFICATES_FILE` / `NODE_EXTRA_CA_CERTS` (file) or `YDB_SSL_ROOT_CERTIFICATES` (PEM string) * - `YDB_SSL_CERTIFICATE_FILE` (file) or `YDB_SSL_CERTIFICATE` (PEM string) * - `YDB_SSL_PRIVATE_KEY_FILE` (file) or `YDB_SSL_PRIVATE_KEY` (PEM string) * * @example * ```ts * import { EnvironCredentialsProvider } from '@ydbjs/auth/environ' * * let creds = new EnvironCredentialsProvider(connectionString) * let driver = new Driver(connectionString, { * credentialsProvider: creds, * secureOptions: creds.secureOptions, * }) * ``` */ export declare class EnvironCredentialsProvider extends CredentialsProvider { #private; /** * TLS/SSL options detected from environment variables. * Pass this to `Driver` as `secureOptions`. */ readonly secureOptions: tls.SecureContextOptions | undefined; constructor(connectionString?: string); getToken(force?: boolean, signal?: AbortSignal): Promise<string>; } //# sourceMappingURL=environ.d.ts.map