diff --git a/Cargo.toml b/Cargo.toml index 0dcacdf..4cc2467 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -16,7 +16,7 @@ include = [ ] [features] -default = [] +default = ["tls-roots"] ## Feature that enables support for the [actix framework](https://actix.rs/). actix = ["credentials", "oidc", "dep:actix-web"] @@ -53,6 +53,9 @@ api-settings-v2 = ["api-common", "zitadel-settings-v2" ] api-user-v2 = ["api-common", "zitadel-user-v2" ] api-common = ["dep:prost", "dep:prost-types", "dep:tonic", "dep:tonic-types", "dep:pbjson-types" ] +tls-roots = ["tonic/tls-roots"] +tls-webpki-roots = ["tonic/tls-webpki-roots"] + ## Feature that enables support for the [axum framework](https://docs.rs/axum/latest/axum/). axum = ["credentials", "oidc", "dep:axum", "dep:axum-extra"] 
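Review bot: The new `tls-roots` and `tls-webpki-roots` features use the `tonic/…` form, which in Cargo also switches on the optional `tonic` dependency itself; with `default = ["tls-roots"]` every default build would then compile tonic and its TLS stack, including for users who only want `oidc` or `credentials`. The weak form keeps the dependency opt-in: `tls-roots = ["tonic?/tls-roots"]` and `tls-webpki-roots = ["tonic?/tls-webpki-roots"]`. Both features also lack the `##` doc line that the neighbouring features carry; `## Trust the operating system's certificate store for API connections.` and `## Trust the bundled webpki root set for API connections.` would tell consumers which trust store they are choosing. The same doc text should state that `default-features = false` now leaves the gRPC client without any trust roots unless one of the two features is enabled.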
@@ -87,7 +90,7 @@ rocket = ["credentials", "oidc", "dep:rocket"] # @@protoc_deletion_point(features) # This section is automatically generated by protoc-gen-prost-crate. # Changes in this area may be lost on regeneration. -proto_full = ["zitadel-action-v1","zitadel-admin-v1","zitadel-app-v1","zitadel-auth-v1","zitadel-authn-v1","zitadel-change-v1","zitadel-event-v1","zitadel-feature-v1","zitadel-feature-v2","zitadel-feature-v2beta","zitadel-idp-v1","zitadel-idp-v2","zitadel-instance-v1","zitadel-management-v1","zitadel-member-v1","zitadel-metadata-v1","zitadel-milestone-v1","zitadel-object-v2","zitadel-object-v2beta","zitadel-object-v3alpha","zitadel-oidc-v2","zitadel-oidc-v2beta","zitadel-org-v1","zitadel-org-v2","zitadel-org-v2beta","zitadel-policy-v1","zitadel-project-v1","zitadel-protoc_gen_zitadel-v2","zitadel-quota-v1","zitadel-resources-action-v3alpha","zitadel-resources-object-v3alpha","zitadel-resources-webkey-v3alpha","zitadel-session-v2","zitadel-session-v2beta","zitadel-settings-object-v3alpha","zitadel-settings-v1","zitadel-settings-v2","zitadel-settings-v2beta","zitadel-system-v1","zitadel-text-v1","zitadel-user-schema-v3alpha","zitadel-user-v1","zitadel-user-v2","zitadel-user-v2beta","zitadel-user-v3alpha","zitadel-v1","zitadel-v1-v1"] +proto_full = 
["zitadel-action-v1","zitadel-admin-v1","zitadel-app-v1","zitadel-auth-v1","zitadel-authn-v1","zitadel-change-v1","zitadel-event-v1","zitadel-feature-v1","zitadel-feature-v2","zitadel-feature-v2beta","zitadel-idp-v1","zitadel-idp-v2","zitadel-instance-v1","zitadel-management-v1","zitadel-member-v1","zitadel-metadata-v1","zitadel-milestone-v1","zitadel-object-v2","zitadel-object-v2beta","zitadel-object-v3alpha","zitadel-oidc-v2","zitadel-oidc-v2beta","zitadel-org-v1","zitadel-org-v2","zitadel-org-v2beta","zitadel-policy-v1","zitadel-project-v1","zitadel-protoc_gen_zitadel-v2","zitadel-quota-v1","zitadel-resources-action-v3alpha","zitadel-resources-object-v3alpha","zitadel-resources-user-v3alpha","zitadel-resources-userschema-v3alpha","zitadel-resources-webkey-v3alpha","zitadel-session-v2","zitadel-session-v2beta","zitadel-settings-object-v3alpha","zitadel-settings-v1","zitadel-settings-v2","zitadel-settings-v2beta","zitadel-system-v1","zitadel-text-v1","zitadel-user-v1","zitadel-user-v2","zitadel-user-v2beta","zitadel-v1","zitadel-v1-v1"] "zitadel-action-v1" = ["zitadel-v1"] "zitadel-admin-v1" = ["zitadel-event-v1","zitadel-idp-v1","zitadel-instance-v1","zitadel-management-v1","zitadel-member-v1","zitadel-milestone-v1","zitadel-org-v1","zitadel-policy-v1","zitadel-settings-v1","zitadel-text-v1","zitadel-v1","zitadel-v1-v1"] "zitadel-app-v1" = ["zitadel-v1"] 
@@ -119,6 +122,8 @@ proto_full = ["zitadel-action-v1","zitadel-admin-v1","zitadel-app-v1","zitadel-a "zitadel-quota-v1" = [] "zitadel-resources-action-v3alpha" = ["zitadel-object-v3alpha","zitadel-resources-object-v3alpha"] "zitadel-resources-object-v3alpha" = ["zitadel-object-v3alpha"] +"zitadel-resources-user-v3alpha" = ["zitadel-object-v3alpha","zitadel-resources-object-v3alpha"] +"zitadel-resources-userschema-v3alpha" = ["zitadel-object-v3alpha","zitadel-resources-object-v3alpha"] "zitadel-resources-webkey-v3alpha" = ["zitadel-object-v3alpha","zitadel-resources-object-v3alpha"] "zitadel-session-v2" = ["zitadel-object-v2","zitadel-v1"] "zitadel-session-v2beta" = ["zitadel-object-v2beta","zitadel-v1"] @@ -128,11 +133,9 @@ proto_full = ["zitadel-action-v1","zitadel-admin-v1","zitadel-app-v1","zitadel-a "zitadel-settings-v2beta" = ["zitadel-object-v2beta"] "zitadel-system-v1" = ["zitadel-feature-v1","zitadel-instance-v1","zitadel-member-v1","zitadel-quota-v1","zitadel-v1"] "zitadel-text-v1" = ["zitadel-v1"] -"zitadel-user-schema-v3alpha" = ["zitadel-object-v2"] "zitadel-user-v1" = ["zitadel-v1"] "zitadel-user-v2" = ["zitadel-object-v2"] "zitadel-user-v2beta" = ["zitadel-object-v2beta"] -"zitadel-user-v3alpha" = ["zitadel-object-v2"] "zitadel-v1" = [] "zitadel-v1-v1" = ["zitadel-authn-v1","zitadel-idp-v1","zitadel-management-v1","zitadel-org-v1","zitadel-v1"] # @@protoc_insertion_point(features) @@ -163,7 +166,6 @@ tokio = { version = "1.37.0", optional = true, features = [ ] } tonic = { version = "0.12.1", features = [ "tls", - "tls-roots", ], optional = true } tonic-types = { version = "0.12.1", optional = true } diff --git a/src/api/clients.rs b/src/api/clients.rs index d68a538..c314aa3 100644 --- a/src/api/clients.rs +++ b/src/api/clients.rs 
@@ -8,6 +8,7 @@ use std::error::Error; use custom_error::custom_error; use tonic::codegen::{Body, Bytes, InterceptedService, StdError}; use tonic::service::Interceptor; + use tonic::transport::{Channel, ClientTlsConfig, Endpoint}; #[cfg(feature = "interceptors")] @@ -284,19 +285,28 @@ where } async fn get_channel(api_endpoint: &str) -> Result { + let mut tls_config = ClientTlsConfig::default().assume_http2(true); + + #[cfg(feature = "tls-roots")] + { + tls_config = tls_config.with_native_roots(); + } + + #[cfg(feature = "tls-webpki-roots")] + { + tls_config = tls_config.with_enabled_roots(); + } + Endpoint::from_shared(api_endpoint.to_string()) .map_err(|_| ClientError::InvalidUrl)? - .tls_config( - ClientTlsConfig::default() - .assume_http2(true) - .with_native_roots(), - ) + .tls_config(tls_config) .map_err(|_| ClientError::TlsInitializationError)? .connect() .await .map_err(|_| ClientError::ConnectionError) } + #[cfg(test)] mod tests { use super::*;
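Review bot: When neither `tls-roots` nor `tls-webpki-roots` is enabled, `get_channel` hands `.tls_config(...)` a `ClientTlsConfig` with no trust anchors, so, as far as I can tell, every handshake fails certificate verification and the caller only sees `ClientError::ConnectionError` because the `map_err(|_| …)` calls discard the cause. Failing at build time is clearer: `#[cfg(not(any(feature = "tls-roots", feature = "tls-webpki-roots")))] compile_error!("enable tls-roots or tls-webpki-roots");`. In that same configuration `let mut tls_config` is never reassigned, which triggers an `unused_mut` warning. With both features on, `with_enabled_roots()` appears to add every compiled-in root source, so the client trusts the union of the OS store and the bundled set; a comment on that block should say so, since a CA removed from the OS store would still be accepted.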