From dccf4cbe36d66140f9e35a6ee755c3c440d745f9 Mon Sep 17 00:00:00 2001 From: Sean Michael Wykes Date: Wed, 25 Aug 2021 09:25:12 -0300 Subject: feat(fetch): mTLS client certificates for fetch() (#11721) This commit adds support for specifying client certificates when using fetch, by means of `Deno.createHttpClient`. --- cli/tests/unit/fetch_test.ts | 80 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 80 insertions(+) (limited to 'cli/tests') diff --git a/cli/tests/unit/fetch_test.ts b/cli/tests/unit/fetch_test.ts index 6e2b1a5d6..ed384dd4f 100644 --- a/cli/tests/unit/fetch_test.ts +++ b/cli/tests/unit/fetch_test.ts @@ -1211,3 +1211,83 @@ unitTest( assertEquals(res.body, null); }, ); + +unitTest( + { perms: { read: true, net: true } }, + async function fetchClientCertWrongPrivateKey(): Promise { + await assertThrowsAsync(async () => { + const client = Deno.createHttpClient({ + certChain: "bad data", + privateKey: await Deno.readTextFile( + "cli/tests/testdata/tls/localhost.key", + ), + }); + await fetch("https://localhost:5552/fixture.json", { + client, + }); + }, Deno.errors.InvalidData); + }, +); + +unitTest( + { perms: { read: true, net: true } }, + async function fetchClientCertBadPrivateKey(): Promise { + await assertThrowsAsync(async () => { + const client = Deno.createHttpClient({ + certChain: await Deno.readTextFile( + "cli/tests/testdata/tls/localhost.crt", + ), + privateKey: "bad data", + }); + await fetch("https://localhost:5552/fixture.json", { + client, + }); + }, Deno.errors.InvalidData); + }, +); + +unitTest( + { perms: { read: true, net: true } }, + async function fetchClientCertNotPrivateKey(): Promise { + await assertThrowsAsync(async () => { + const client = Deno.createHttpClient({ + certChain: await Deno.readTextFile( + "cli/tests/testdata/tls/localhost.crt", + ), + privateKey: "", + }); + await fetch("https://localhost:5552/fixture.json", { + client, + }); + }, Deno.errors.InvalidData); + }, +); + +unitTest( + { perms: { read: true, net: true } }, + async function fetchCustomClientPrivateKey(): Promise< + void + > { + const data = "Hello World"; + const client = Deno.createHttpClient({ + certChain: await Deno.readTextFile( + "cli/tests/testdata/tls/localhost.crt", + ), + privateKey: await Deno.readTextFile( + "cli/tests/testdata/tls/localhost.key", + ), + caData: await Deno.readTextFile("cli/tests/testdata/tls/RootCA.crt"), + }); + const response = await fetch("https://localhost:5552/echo_server", { + client, + method: "POST", + body: new TextEncoder().encode(data), + }); + assertEquals( + response.headers.get("user-agent"), + `Deno/${Deno.version.deno}`, + ); + await response.text(); + client.close(); + }, +); -- cgit v1.2.3