diff options
| author | Matt Mastracci <matthew@mastracci.com> | 2024-04-09 16:23:22 -0600 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-04-09 16:23:22 -0600 |
| commit | e190acbfa8b41f92291e73c405735ba0d7b5b172 (patch) | |
| tree | 38183f93f9675c93b27674798f7949a75eebdac6 /cli/tsc | |
| parent | f23155bca76b761632b10d37574fe4543cbe9a26 (diff) | |
refactor(ext/net): extract TLS key and certificate from interfaces (#23296)
Removes the certificate options from all the interfaces and replaces
them with a new `TlsCertifiedKeyOptions`. This allows us to centralize
the documentation for TLS key management for both client and server, and
will allow us to add key object support in the future.
Also adds an option `keyFormat` field to the cert/key that must be
omitted or set to `pem`. This will allow us to load other format keys in
the future `der`, `pfx`, etc.
In a future PR, we will add a way to load a certified key object, and we
will add another option to `TlsCertifiedKeyOptions` like so:
```ts
export interface TlsCertifiedKeyOptions =
| TlsCertifiedKeyPem
| TlsCertifiedKeyFromFile
| TlsCertifiedKeyConnectTls
| { key: Deno.CertifiedKey }
```
Diffstat (limited to 'cli/tsc')
| -rw-r--r-- | cli/tsc/dts/lib.deno.ns.d.ts | 8 | ||||
| -rw-r--r-- | cli/tsc/dts/lib.deno.unstable.d.ts | 25 |
2 files changed, 22 insertions, 11 deletions
diff --git a/cli/tsc/dts/lib.deno.ns.d.ts b/cli/tsc/dts/lib.deno.ns.d.ts index 80c985184..cc73efbf9 100644 --- a/cli/tsc/dts/lib.deno.ns.d.ts +++ b/cli/tsc/dts/lib.deno.ns.d.ts @@ -6281,13 +6281,7 @@ declare namespace Deno { * * @category HTTP Server */ - export interface ServeTlsOptions extends ServeOptions { - /** Server private key in PEM format */ - cert: string; - - /** Cert chain in PEM format */ - key: string; - } + export type ServeTlsOptions = ServeOptions & TlsCertifiedKeyOptions; /** * @category HTTP Server diff --git a/cli/tsc/dts/lib.deno.unstable.d.ts b/cli/tsc/dts/lib.deno.unstable.d.ts index 056d8e609..ae3f60d28 100644 --- a/cli/tsc/dts/lib.deno.unstable.d.ts +++ b/cli/tsc/dts/lib.deno.unstable.d.ts @@ -882,10 +882,6 @@ declare namespace Deno { caCerts?: string[]; /** A HTTP proxy to use for new connections. */ proxy?: Proxy; - /** Cert chain in PEM format. */ - cert?: string; - /** Server private key in PEM format. */ - key?: string; /** Sets the maximum numer of idle connections per host allowed in the pool. */ poolMaxIdlePerHost?: number; /** Set an optional timeout for idle sockets being kept-alive. @@ -964,6 +960,27 @@ declare namespace Deno { /** **UNSTABLE**: New API, yet to be vetted. * + * Create a custom HttpClient to use with {@linkcode fetch}. This is an + * extension of the web platform Fetch API which allows Deno to use custom + * TLS certificates and connect via a proxy while using `fetch()`. + * + * @example ```ts + * const caCert = await Deno.readTextFile("./ca.pem"); + * // Load a client key and certificate that we'll use to connect + * const key = await Deno.readTextFile("./key.key"); + * const cert = await Deno.readTextFile("./cert.crt"); + * const client = Deno.createHttpClient({ caCerts: [ caCert ], key, cert }); + * const response = await fetch("https://myserver.com", { client }); + * ``` + * + * @category Fetch API + */ + export function createHttpClient( + options: CreateHttpClientOptions & TlsCertifiedKeyOptions, + ): HttpClient; + + /** **UNSTABLE**: New API, yet to be vetted. + * * Represents membership of a IPv4 multicast group. * * @category Network |