1 |
|
2 | import { ConnectionOptions, PeerCertificate, SecureContext } from 'tls';
|
3 | import { CallCredentials } from './call-credentials';
|
4 |
|
5 |
|
6 |
|
7 |
|
8 |
|
9 |
|
10 | export declare type CheckServerIdentityCallback = (hostname: string, cert: PeerCertificate) => Error | undefined;
|
11 |
|
12 |
|
13 |
|
14 |
|
15 | export interface VerifyOptions {
|
16 | |
17 |
|
18 |
|
19 |
|
20 | checkServerIdentity?: CheckServerIdentityCallback;
|
21 | }
|
22 |
|
23 |
|
24 |
|
25 |
|
26 |
|
27 | export declare abstract class ChannelCredentials {
|
28 | protected callCredentials: CallCredentials;
|
29 | protected constructor(callCredentials?: CallCredentials);
|
30 | /**
|
31 | * Returns a copy of this object with the included set of per-call credentials
|
32 | * expanded to include callCredentials.
|
33 | * @param callCredentials A CallCredentials object to associate with this
|
34 | * instance.
|
35 | */
|
36 | abstract compose(callCredentials: CallCredentials): ChannelCredentials;
|
37 | /**
|
38 | * Gets the set of per-call credentials associated with this instance.
|
39 | */
|
40 | _getCallCredentials(): CallCredentials;
|
41 | /**
|
42 | * Gets a SecureContext object generated from input parameters if this
|
43 | * instance was created with createSsl, or null if this instance was created
|
44 | * with createInsecure.
|
45 | */
|
46 | abstract _getConnectionOptions(): ConnectionOptions | null;
|
47 | /**
|
48 | * Indicates whether this credentials object creates a secure channel.
|
49 | */
|
50 | abstract _isSecure(): boolean;
|
51 | /**
|
52 | * Check whether two channel credentials objects are equal. Two secure
|
53 | * credentials are equal if they were constructed with the same parameters.
|
54 | * @param other The other ChannelCredentials Object
|
55 | */
|
56 | abstract _equals(other: ChannelCredentials): boolean;
|
57 | /**
|
58 | * Return a new ChannelCredentials instance with a given set of credentials.
|
59 | * The resulting instance can be used to construct a Channel that communicates
|
60 | * over TLS.
|
61 | * @param rootCerts The root certificate data.
|
62 | * @param privateKey The client certificate private key, if available.
|
63 | * @param certChain The client certificate key chain, if available.
|
64 | * @param verifyOptions Additional options to modify certificate verification
|
65 | */
|
66 | static createSsl(rootCerts?: Buffer | null, privateKey?: Buffer | null, certChain?: Buffer | null, verifyOptions?: VerifyOptions): ChannelCredentials;
|
67 | /**
|
68 | * Return a new ChannelCredentials instance with credentials created using
|
69 | * the provided secureContext. The resulting instances can be used to
|
70 | * construct a Channel that communicates over TLS. gRPC will not override
|
71 | * anything in the provided secureContext, so the environment variables
|
72 | * GRPC_SSL_CIPHER_SUITES and GRPC_DEFAULT_SSL_ROOTS_FILE_PATH will
|
73 | * not be applied.
|
74 | * @param secureContext The return value of tls.createSecureContext()
|
75 | * @param verifyOptions Additional options to modify certificate verification
|
76 | */
|
77 | static createFromSecureContext(secureContext: SecureContext, verifyOptions?: VerifyOptions): ChannelCredentials;
|
78 | /**
|
79 | * Return a new ChannelCredentials instance with no credentials.
|
80 | */
|
81 | static createInsecure(): ChannelCredentials;
|
82 | }
|