diff --git a/package.json b/package.json index 9de5310..483f903 100644 --- a/package.json +++ b/package.json @@ -153,26 +153,20 @@ }, "zeppelin.proxy.host": { "order": 7, - "type": [ - "string" - ], + "type": "string", "format": "uri", "default": null, "description": "Set proxy host for connection with Zeppelin server." }, "zeppelin.proxy.port": { "order": 8, - "type": [ - "integer" - ], + "type": "integer", "default": null, "description": "Set proxy port for connection with Zeppelin server." }, "zeppelin.proxy.credential.username": { "order": 9, - "type": [ - "string" - ], + "type": "string", "default": null, "description": "Specifies proxy authentication for connection with Zeppelin server." }, @@ -186,11 +180,35 @@ }, "zeppelin.proxy.credential.protocol": { "order": 11, + "type": "string", + "default": null, + "description": "Specifies the proxy protocol for connection with Zeppelin server." + }, + "zeppelin.https.CA-Certification": { + "order": 12, + "type": "string", + "default": null, + "description": "Configure a trustworthy private CA cert file path. A complete cert chain is in .pem or .crt format. You must include all certs in the chain up to the trust root." + }, + "zeppelin.https.KeyPath": { + "order": 13, + "type": "string", + "default": null, + "description": "Configure a trustworthy private key path." + }, + "zeppelin.https.passphase": { + "order": 14, "type": [ "string" ], "default": null, - "description": "Specifies the proxy protocol for connection with Zeppelin server." + "description": "Configure key's corresponding passphase." + }, + "zeppelin.https.rejectUnauthorized": { + "order": 15, + "type": "boolean", + "default": true, + "description": "Enable client verification. Note that this is otherwise unsafe when accessing a public endpoint." } } }, diff --git a/src/common/api.ts b/src/common/api.ts index 16eac92..191d21c 100644 --- a/src/common/api.ts +++ b/src/common/api.ts @@ -5,6 +5,8 @@ import { ParagraphData, ParagraphConfig } from './types'; +import * as fs from 'fs'; +import * as https from 'https'; import axios, { AxiosInstance, AxiosRequestConfig, @@ -96,6 +98,29 @@ class BasicService { ); } + setHttpsAgent( + CAPath: string | undefined, + keyPath: string | undefined, + passphrase: string | undefined, + rejectUnauthorized: boolean = false + ) { + const httpsAgent = new https.Agent({ + rejectUnauthorized: rejectUnauthorized, + }); + + if (!!CAPath) { + httpsAgent.options.ca = fs.readFileSync(CAPath); + } + if (!!keyPath) { + httpsAgent.options.key = fs.readFileSync(keyPath); + } + if (!!passphrase) { + httpsAgent.options.passphrase = passphrase; + } + + this.session.defaults.httpsAgent = httpsAgent; + } + resetCancelToken() { this.cancelTokenSource = axios.CancelToken.source(); this.session.defaults.cancelToken = this.cancelTokenSource.token; diff --git a/src/extension/notebookKernel.ts b/src/extension/notebookKernel.ts index 9477ca2..6632862 100644 --- a/src/extension/notebookKernel.ts +++ b/src/extension/notebookKernel.ts @@ -169,6 +169,12 @@ export class ZeppelinKernel { let service = new NotebookService(baseURL, userAgent, getProxy()); + let config = vscode.workspace.getConfiguration('zeppelin'); + let caPath: string | undefined = config.get('https.CA-Certification'); + let keyPath: string | undefined = config.get('https.KeyPath'); + let passphase: string | undefined = config.get('https.passphase'); + service.setHttpsAgent(caPath, keyPath, passphase); + this._service = service; return service; }