@aikidosec/broker-client 1.0.12 → 1.0.13

package/app/client.js

@@ -12,7 +12,7 @@ import { Address4, Address6 } from 'ip-address';
 import dns from 'native-dns';
 import { ResourceManager } from './resourceManager.js';
 import { HttpsProxyAgent } from 'https-proxy-agent';
-import { getClientId, setClientIdCache, getServerUrl, getClientSecret } from './config.js';
+import { getClientId, setClientIdCache, getServerUrl, getClientSecret, getShouldRejectUnauthorized } from './config.js';
 import { registerStreamingHandlers } from './streaming/handlers.js';
 import { initStreamingResponse } from './streaming/initStreamingResponse.js';
 import { startStaleStreamCleanup, cleanupAllStreams } from './streaming/cleanup.js';
@@ -246,6 +246,7 @@ const socket = io(SERVER_URL, {
   reconnectionDelay: 1000,
   reconnectionDelayMax: 30000,
   randomizationFactor: 0.5,
+  rejectUnauthorized: getShouldRejectUnauthorized(),
   tryAllTransports: true, // if we don't, it won't try to fallback from websocket to polling
   autoConnect: false,  // Don't connect until after registration
   withCredentials: true, // make sure cookies work for sticky sessions

package/app/config.js

@@ -63,3 +63,12 @@ export function setClientIdCache(clientId) {
   }
 }
 
+/**
+ * gets the value of the NODE_TLS_REJECT_UNAUTHORIZED env var to disable rejected requests from self-signed certificates
+ * used to pass to the socket.io client
+ */
+export function getShouldRejectUnauthorized() {
+  const envVarValue = process.env.NODE_TLS_REJECT_UNAUTHORIZED;
+  if (envVarValue === "0") return false;
+  return true;
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aikidosec/broker-client",
-  "version": "1.0.12",
+  "version": "1.0.13",
   "description": "Aikido Broker Client - Runs in customer network to forward requests to internal resources",
   "main": "app/client.js",
   "type": "module",