mtlsHttpClient function

Client mtlsHttpClient(MtlsConfig config)

Builds an http.Client that presents the certificate from config during the TLS handshake. The token endpoint identifies the client from the certificate; no HTTP-layer credentials are sent.

Both PEM files (certificate chain and private key) are loaded synchronously here. Errors from SecurityContext (invalid PEM, key password mismatch, missing files) propagate to the caller.
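Because the files are loaded synchronously and failures propagate, a caller can run the same two loading calls at startup and classify the failure before any token request is made. This is an added example, not part of the package: `CredentialCheck` and `checkClientCredentials` are hypothetical names, and the files used in `main` are constructed sample input.

```dart
import 'dart:io';

/// Outcome of a pre-flight load of the client credential files.
enum CredentialCheck { ok, missingFile, badPemOrPassword }

/// Loads the chain and key into a throwaway SecurityContext using the same
/// calls mtlsHttpClient makes, and classifies a failure instead of throwing.
/// (Hypothetical helper, not part of the package.)
CredentialCheck checkClientCredentials(
  String chainPath,
  String keyPath, {
  String? keyPassword,
}) {
  try {
    // No trusted roots are needed: only the client credentials are checked.
    final context = SecurityContext(withTrustedRoots: false);
    context.useCertificateChain(chainPath);
    context.usePrivateKey(keyPath, password: keyPassword);
    return CredentialCheck.ok;
  } on FileSystemException {
    // The path does not exist or cannot be read by this process.
    return CredentialCheck.missingFile;
  } on TlsException {
    // The file was read but could not be parsed, or the password is wrong.
    return CredentialCheck.badPemOrPassword;
  }
}

void main() {
  // Constructed sample input: a temp directory holding a file that is not PEM.
  final dir = Directory.systemTemp.createTempSync('mtls_check_');
  try {
    final junk = File('${dir.path}/client.pem')..writeAsStringSync('not a pem');
    final absent = '${dir.path}/absent.pem';

    print(checkClientCredentials(absent, absent));
    print(checkClientCredentials(junk.path, junk.path));
  } finally {
    dir.deleteSync(recursive: true);
  }
}
```

The helper never includes the key password in its result, so the outcome is safe to log.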

Implementation

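import 'dart:io' as io;

import 'package:http/http.dart' as http;
import 'package:http/io_client.dart';

http.Client mtlsHttpClient(MtlsConfig config) {
  // Start from the platform's trusted roots for verifying the server.
  final context = io.SecurityContext(withTrustedRoots: true);
  // Client certificate chain and private key presented during the handshake.
  context.useCertificateChain(config.certificateChainPath);
  context.usePrivateKey(
    config.privateKeyPath,
    password: config.privateKeyPassword,
  );
  // Optional CA file: its certificates are added to the platform roots,
  // they do not replace them.
  if (config.trustedCertificatesPath != null) {
    context.setTrustedCertificates(config.trustedCertificatesPath!);
  }
  final httpClient = io.HttpClient(context: context);
  return IOClient(httpClient);
}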