Running a HTTP client over TLS 1.2 from a cloud function

[kostaa]

I am implementing the OAuth 2.0 'authorization code grant' flavour with an option of using the TLS 1.2 protocol. I am using dart.io for the front channel (with the SecurityContext for the TLS option) and a cloud function for the back channel (callback).

During the token exchange phase the back channel starts a http client to call the authorization server to get the token. So the client needs to run over the TLS when this is required.

I had a look into the package:node_http/node_http.dart but I could not see a way to start a http client with the certificate/key. As far as I know the underlying node.js supports SSL/TLS. Would it be possible to expose this in the interop Dart layer?

[pulyaevskiy]

Would it be possible to expose this in the interop Dart layer?

Yes, definitely. Should be fairly quick thing to do. Will have an update here later today.

[pulyaevskiy]

I've just published 1.0.0-dev.10.0 of node_http which allows customizing HTTP options. You should be able to set cert and key with something like this:

import 'package:node_http/node_http.dart';
import 'package:node_io/node_io.dart';

void main() {
  final certFile = File("/full/path/to/certificate.pem");
  final keyFile = File("/full/path/to/key.pem");
  final options = HttpsAgentOptions(
    cert: certFile.readAsStringSync(),
    key: keyFile.readAsStringSync(),
    passphrase: "secret", // if needed
  );
  final client = NodeClient(httpsOptions: options);
  // Use the client...
  client.get(/* ... */);
  client.close();
}

See HttpsAgentOptions in node_interop package for all available options.

Let me know if you need additional options (all Node.js supported options can be found in the docs here: https://nodejs.org/api/https.html#https_https_request_options_callback).

[kostaa]

Wow that was quick! I will close this now and will test it at some point within the next two weeks. If I find any issues I will come back to you.

Many thanks you have been very helpful!