1 |
|
2 |
|
3 | import { ConnectionOptions, PeerCertificate, SecureContext } from 'tls';
|
4 | import { CallCredentials } from './call-credentials';
|
5 |
|
6 |
|
7 |
|
8 |
|
9 |
|
10 |
|
11 | export type CheckServerIdentityCallback = (hostname: string, cert: PeerCertificate) => Error | undefined;
|
12 |
|
13 |
|
14 |
|
15 |
|
16 | export interface VerifyOptions {
|
17 | |
18 |
|
19 |
|
20 |
|
21 | checkServerIdentity?: CheckServerIdentityCallback;
|
22 | }
|
23 |
|
24 |
|
25 |
|
26 |
|
27 |
|
28 | export declare abstract class ChannelCredentials {
|
29 | protected callCredentials: CallCredentials;
|
30 | protected constructor(callCredentials?: CallCredentials);
|
31 | /**
|
32 | * Returns a copy of this object with the included set of per-call credentials
|
33 | * expanded to include callCredentials.
|
34 | * @param callCredentials A CallCredentials object to associate with this
|
35 | * instance.
|
36 | */
|
37 | abstract compose(callCredentials: CallCredentials): ChannelCredentials;
|
38 | /**
|
39 | * Gets the set of per-call credentials associated with this instance.
|
40 | */
|
41 | _getCallCredentials(): CallCredentials;
|
42 | /**
|
43 | * Gets a SecureContext object generated from input parameters if this
|
44 | * instance was created with createSsl, or null if this instance was created
|
45 | * with createInsecure.
|
46 | */
|
47 | abstract _getConnectionOptions(): ConnectionOptions | null;
|
48 | /**
|
49 | * Indicates whether this credentials object creates a secure channel.
|
50 | */
|
51 | abstract _isSecure(): boolean;
|
52 | /**
|
53 | * Check whether two channel credentials objects are equal. Two secure
|
54 | * credentials are equal if they were constructed with the same parameters.
|
55 | * @param other The other ChannelCredentials Object
|
56 | */
|
57 | abstract _equals(other: ChannelCredentials): boolean;
|
58 | /**
|
59 | * Return a new ChannelCredentials instance with a given set of credentials.
|
60 | * The resulting instance can be used to construct a Channel that communicates
|
61 | * over TLS.
|
62 | * @param rootCerts The root certificate data.
|
63 | * @param privateKey The client certificate private key, if available.
|
64 | * @param certChain The client certificate key chain, if available.
|
65 | * @param verifyOptions Additional options to modify certificate verification
|
66 | */
|
67 | static createSsl(rootCerts?: Buffer | null, privateKey?: Buffer | null, certChain?: Buffer | null, verifyOptions?: VerifyOptions): ChannelCredentials;
|
68 | /**
|
69 | * Return a new ChannelCredentials instance with credentials created using
|
70 | * the provided secureContext. The resulting instances can be used to
|
71 | * construct a Channel that communicates over TLS. gRPC will not override
|
72 | * anything in the provided secureContext, so the environment variables
|
73 | * GRPC_SSL_CIPHER_SUITES and GRPC_DEFAULT_SSL_ROOTS_FILE_PATH will
|
74 | * not be applied.
|
75 | * @param secureContext The return value of tls.createSecureContext()
|
76 | * @param verifyOptions Additional options to modify certificate verification
|
77 | */
|
78 | static createFromSecureContext(secureContext: SecureContext, verifyOptions?: VerifyOptions): ChannelCredentials;
|
79 | /**
|
80 | * Return a new ChannelCredentials instance with no credentials.
|
81 | */
|
82 | static createInsecure(): ChannelCredentials;
|
83 | }
|