From 7b32a626c0c66c704eb58b61a4e2ae7d9e3c63eb Mon Sep 17 00:00:00 2001 From: Tim Perry Date: Fri, 12 Jul 2024 21:37:30 +0200 Subject: [PATCH] Deprecate trustAdditionalCAs in favour of additionalTrustedCAs This makes the passthrough options consistent with the proxy config options, and more consistent with option naming elsewhere. --- src/rules/passthrough-handling-definitions.ts | 7 +++++++ src/rules/passthrough-handling.ts | 2 +- src/rules/requests/request-handler-definitions.ts | 9 +++++++-- src/rules/requests/request-handlers.ts | 2 +- src/rules/websockets/websocket-handler-definitions.ts | 10 +++++++--- test/integration/proxying/https-proxying.spec.ts | 4 ++-- 6 files changed, 25 insertions(+), 9 deletions(-) diff --git a/src/rules/passthrough-handling-definitions.ts b/src/rules/passthrough-handling-definitions.ts index 6cf0bb944..714495730 100644 --- a/src/rules/passthrough-handling-definitions.ts +++ b/src/rules/passthrough-handling-definitions.ts @@ -66,6 +66,13 @@ export interface PassThroughHandlerConnectionOptions { * or buffer value containing the PEM certificate, or a `certPath` key and a * string value containing the local path to the PEM certificate. */ + additionalTrustedCAs?: Array; + + /** + * Deprecated alias for `additionalTrustedCAs` + * + * @deprecated + */ trustAdditionalCAs?: Array; /** diff --git a/src/rules/passthrough-handling.ts b/src/rules/passthrough-handling.ts index 8ed869922..9e2510e7b 100644 --- a/src/rules/passthrough-handling.ts +++ b/src/rules/passthrough-handling.ts @@ -103,7 +103,7 @@ export async function getTrustedCAs( trustedCAs: Array | undefined, additionalTrustedCAs: Array | undefined ): Promise | undefined> { - if (trustedCAs && additionalTrustedCAs) { + if (trustedCAs && additionalTrustedCAs?.length) { throw new Error(`trustedCAs and additionalTrustedCAs options are mutually exclusive`); } diff --git a/src/rules/requests/request-handler-definitions.ts b/src/rules/requests/request-handler-definitions.ts index c8e0fccba..be7404cfa 100644 --- a/src/rules/requests/request-handler-definitions.ts +++ b/src/rules/requests/request-handler-definitions.ts @@ -34,6 +34,7 @@ import { } from '../../serialization/body-serialization'; import { ProxyConfig } from '../proxy-config'; import { + CADefinition, ForwardingOptions, PassThroughHandlerConnectionOptions, PassThroughLookupOptions @@ -771,7 +772,7 @@ export class PassThroughHandlerDefinition extends Serializable implements Reques [host: string]: { pfx: Buffer, passphrase?: string } }; - public readonly extraCACertificates: Array<{ cert: string | Buffer } | { certPath: string }> = []; + public readonly extraCACertificates: Array = []; public readonly transformRequest?: RequestTransform; public readonly transformResponse?: ResponseTransform; @@ -820,7 +821,11 @@ export class PassThroughHandlerDefinition extends Serializable implements Reques this.proxyConfig = options.proxyConfig; this.simulateConnectionErrors = !!options.simulateConnectionErrors; - this.extraCACertificates = options.trustAdditionalCAs || []; + this.extraCACertificates = + options.additionalTrustedCAs || + options.trustAdditionalCAs || + []; + this.clientCertificateHostMap = options.clientCertificateHostMap || {}; if (options.beforeRequest && options.transformRequest && !_.isEmpty(options.transformRequest)) { diff --git a/src/rules/requests/request-handlers.ts b/src/rules/requests/request-handlers.ts index 8150180d1..4b1a1f7a1 100644 --- a/src/rules/requests/request-handlers.ts +++ b/src/rules/requests/request-handlers.ts @@ -1271,7 +1271,7 @@ export class PassThroughHandler extends PassThroughHandlerDefinition { lookupOptions: data.lookupOptions, simulateConnectionErrors: !!data.simulateConnectionErrors, ignoreHostHttpsErrors: data.ignoreHostCertificateErrors, - trustAdditionalCAs: data.extraCACertificates, + additionalTrustedCAs: data.extraCACertificates, clientCertificateHostMap: _.mapValues(data.clientCertificateHostMap, ({ pfx, passphrase }) => ({ pfx: deserializeBuffer(pfx), passphrase }) ), diff --git a/src/rules/websockets/websocket-handler-definitions.ts b/src/rules/websockets/websocket-handler-definitions.ts index 0a5f2e849..03a649beb 100644 --- a/src/rules/websockets/websocket-handler-definitions.ts +++ b/src/rules/websockets/websocket-handler-definitions.ts @@ -16,7 +16,8 @@ import { ProxyConfig } from '../proxy-config'; import { PassThroughHandlerConnectionOptions, ForwardingOptions, - PassThroughLookupOptions + PassThroughLookupOptions, + CADefinition } from '../passthrough-handling-definitions'; import { CloseConnectionHandlerDefinition, @@ -69,7 +70,7 @@ export class PassThroughWebSocketHandlerDefinition extends Serializable implemen [host: string]: { pfx: Buffer, passphrase?: string } }; - public readonly extraCACertificates: Array<{ cert: string | Buffer } | { certPath: string }> = []; + public readonly extraCACertificates: Array = []; constructor(options: PassThroughWebSocketHandlerOptions = {}) { super(); @@ -98,7 +99,10 @@ export class PassThroughWebSocketHandlerDefinition extends Serializable implemen this.lookupOptions = options.lookupOptions; this.proxyConfig = options.proxyConfig; - this.extraCACertificates = options.trustAdditionalCAs || []; + this.extraCACertificates = + options.additionalTrustedCAs || + options.trustAdditionalCAs || + []; this.clientCertificateHostMap = options.clientCertificateHostMap || {}; } diff --git a/test/integration/proxying/https-proxying.spec.ts b/test/integration/proxying/https-proxying.spec.ts index e8205d284..b40510997 100644 --- a/test/integration/proxying/https-proxying.spec.ts +++ b/test/integration/proxying/https-proxying.spec.ts @@ -222,7 +222,7 @@ nodeOnly(() => { await badServer.forAnyRequest().thenReply(200); await server.forAnyRequest().thenPassThrough({ - trustAdditionalCAs: [{ cert }] + additionalTrustedCAs: [{ cert }] }); let response = await request.get(badServer.url, { @@ -237,7 +237,7 @@ nodeOnly(() => { await badServer.forAnyRequest().thenReply(200); await server.forAnyRequest().thenPassThrough({ - trustAdditionalCAs: [{ certPath }] + additionalTrustedCAs: [{ certPath }] }); let response = await request.get(badServer.url, {