Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add pfx HTTPS option #1364

Merged
merged 25 commits into from Sep 13, 2020
Merged

Add pfx HTTPS option #1364

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
25 commits
Select commit Hold shift + click to select a range
c0d0764
add support for https.pfx option
markdboyd Jul 16, 2020
8c2a9a3
add more handling for pfx option
markdboyd Jul 17, 2020
ac2fc1d
update documentation
markdboyd Jul 17, 2020
5ff96b0
add test for pfx deprecation
markdboyd Jul 17, 2020
dba39ee
update assertions for options.https.pfx
markdboyd Jul 17, 2020
0522118
remove test
markdboyd Jul 17, 2020
7ac949a
Update readme.md
markdboyd Jul 21, 2020
e7b7832
Update readme.md
markdboyd Jul 21, 2020
5f29b6c
Update readme.md
markdboyd Jul 21, 2020
335641b
update README
markdboyd Jul 21, 2020
b039a37
add is.buffer type check for pfx option
markdboyd Jul 21, 2020
73994f3
add examples to README
markdboyd Jul 21, 2020
c143991
Update readme.md
sindresorhus Jul 24, 2020
2722d3c
Update readme.md
markdboyd Jul 24, 2020
4977057
update README
markdboyd Jul 24, 2020
795da40
Update readme.md
sindresorhus Jul 25, 2020
83d6157
first attempt at test
markdboyd Jul 27, 2020
25134d5
Revert "first attempt at test"
markdboyd Aug 31, 2020
8c4c605
Merge branch 'master' into add-https-pfx-option
markdboyd Aug 31, 2020
b3f9c81
Added `pfx` to the "HTTPS options restore" section
Giotino Aug 31, 2020
585267c
Merge pull request #3 from Giotino/https-pfx-option
markdboyd Aug 31, 2020
0794a4f
Merge branch 'master' into pfx-tests
Giotino Sep 2, 2020
531efc9
Fixed PFX test
Giotino Sep 2, 2020
7ef3ace
Merge branch 'pfx-tests' into add-https-pfx-option
Giotino Sep 11, 2020
7eeaafd
Removed comment
Giotino Sep 11, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
12 changes: 12 additions & 0 deletions readme.md
View file
Open in desktop
Expand Up @@ -985,6 +985,18 @@ Type: `string`

The passphrase to decrypt the `options.https.key` (if different keys have different passphrases refer to `options.https.key` documentation).

##### https.pfx

Type: `string | Buffer | (string | Buffer | object)[]`
markdboyd marked this conversation as resolved.
Show resolved Hide resolved

PFX or PKCS12 encoded private key and certificate chain. `pfx` is an alternative to providing `options.https.key` and `options.https.certificate` individually. PFX is usually encrypted, if it is, `options.https.passphrase` will be used to decrypt it.
sindresorhus marked this conversation as resolved.
Show resolved Hide resolved
sindresorhus marked this conversation as resolved.
Show resolved Hide resolved
markdboyd marked this conversation as resolved.
Show resolved Hide resolved

Multiple PFX can be be provided as an array of unencrypted buffers or an array of objects like:
markdboyd marked this conversation as resolved.
Show resolved Hide resolved

`{buf: <string|buffer>[, passphrase: <string>]}`
markdboyd marked this conversation as resolved.
Show resolved Hide resolved

If the provided buffers are encrypted, `object.passphrase` can be used to decrypt them. If `object.passphrase` is not provided, `options.https.passphrase` will be used for decryption.

##### Examples for `https.key`, `https.certificate` and `https.passphrase`

```js
Expand Down
10 changes: 10 additions & 0 deletions source/core/index.ts
View file
Open in desktop
Expand Up @@ -187,6 +187,7 @@ export interface HTTPSOptions {
key?: SecureContextOptions['key'];
certificate?: SecureContextOptions['cert'];
passphrase?: SecureContextOptions['passphrase'];
pfx?: SecureContextOptions['pfx'];
}

interface NormalizedPlainOptions extends PlainOptions {
Expand Down Expand Up @@ -684,6 +685,7 @@ export default class Request extends Duplex implements RequestEvents<Request> {
assert.any([is.string, is.object, is.array, is.undefined], options.https.key);
assert.any([is.string, is.object, is.array, is.undefined], options.https.certificate);
assert.any([is.string, is.undefined], options.https.passphrase);
assert.any([is.string, is.array, is.undefined], options.https.pfx);
sindresorhus marked this conversation as resolved.
Show resolved Hide resolved
}

// `options.method`
Expand Down Expand Up @@ -975,6 +977,10 @@ export default class Request extends Duplex implements RequestEvents<Request> {
deprecationWarning('"options.passphrase" was never documented, please use "options.https.passphrase"');
}

if ('pfx' in options) {
deprecationWarning('"options.pfx" was never documented, please use "options.https.pfx"');
}

// Other options
if ('followRedirects' in options) {
throw new TypeError('The `followRedirects` option does not exist. Use `followRedirect` instead.');
Expand Down Expand Up @@ -1527,6 +1533,10 @@ export default class Request extends Duplex implements RequestEvents<Request> {
if (options.https.passphrase) {
requestOptions.passphrase = options.https.passphrase;
}

if (options.https.pfx) {
requestOptions.pfx = options.https.pfx;
}
}

try {
Expand Down
19 changes: 19 additions & 0 deletions test/https.ts
View file
Open in desktop
Expand Up @@ -159,6 +159,25 @@ test.serial('non-deprecated `rejectUnauthorized` option', withServer, async (t,
t.pass();
});

test.serial('non-deprecated `pfx` option', withServer, async (t, server, got) => {
server.get('/', (_request, response) => {
response.end('ok');
});

(async () => {
const warning = await pEvent(process, 'warning');
t.not(warning.name, 'DeprecationWarning');
})();

await got.secure({
https: {
pfx: 'fake-pfx'
}
});

t.pass();
});

test.serial('no double deprecated warning', withServer, async (t, server, got) => {
server.get('/', (_request, response) => {
response.end('ok');
Expand Down