Home Reference Source
import {ClientCertificateProvider} from 'neo4j-driver-core/lib/client-certificate.js'
public interface | since 5.19 | source

ClientCertificateProvider

this class is experimental. Exposed as preview feature.

Provides a client certificate to the driver for mutual TLS.

The driver will call {@link ClientCertificateProvider#hasUpdate()} to check if the client wants to update the certificate. If so, it will call {@link ClientCertificateProvider#getCertificate()} to get the new certificate.

The certificate is only used as a second factor for authentication authenticating the client. The DMBS user still needs to authenticate with an authentication token.

All implementations of this interface must be thread-safe and non-blocking for caller threads. For instance, IO operations must not be done on the calling thread.

Note that the work done in the methods of this interface count towards the connectionAcquisition. Should fetching the certificate be particularly slow, it might be necessary to increase the timeout.

Method Summary

Public Methods
public

Returns the certificate to use for new connections.

public

hasUpdate(): Promise<boolean> | boolean

Indicates whether the client wants the driver to update the certificate.

Public Methods

public getClientCertificate(): Promise<ClientCertificate> | ClientCertificate source

Returns the certificate to use for new connections.

Will be called by the driver after {@link ClientCertificateProvider#hasUpdate()} returned true or when the driver establishes the first connection.

Return:

Promise<ClientCertificate> | ClientCertificate

the certificate to use for new connections

public hasUpdate(): Promise<boolean> | boolean source

Indicates whether the client wants the driver to update the certificate.

Return:

Promise<boolean> | boolean

true if the client wants the driver to update the certificate