feat(Redis Node): Add option to disable TLS verification in Redis node (#19143)

Co-authored-by: Michael Kret <michael.k@radency.com>
2025-12-18 02:21:13 +00:00 · 2025-09-10 19:51:57 +08:00
parent 6cd1dbd109
commit 52d44c26db
5 changed files with 356 additions and 142 deletions
--- a/packages/nodes-base/nodes/Redis/tests/Redis.node.test.ts
+++ b/packages/nodes-base/nodes/Redis/tests/Redis.node.test.ts
@@ -37,6 +37,8 @@ describe('Redis Node', () => {
 					host: 'redis.domain',
 					port: 1234,
 					tls: false,
+					connectTimeout: 10000,
+					reconnectStrategy: undefined,
 				},
 			});
 		});
@@ -54,6 +56,69 @@ describe('Redis Node', () => {
 					host: 'redis.domain',
 					port: 1234,
 					tls: true,
+					connectTimeout: 10000,
+					reconnectStrategy: undefined,
+				},
+			});
+		});
+
+		it('should configure TLS with verification disabled for self-signed certificates', () => {
+			setupRedisClient({
+				host: 'redis.domain',
+				port: 1234,
+				database: 0,
+				ssl: true,
+				disableTlsVerification: true,
+			});
+			expect(createClient).toHaveBeenCalledWith({
+				database: 0,
+				socket: {
+					host: 'redis.domain',
+					port: 1234,
+					tls: true,
+					rejectUnauthorized: false,
+					connectTimeout: 10000,
+					reconnectStrategy: undefined,
+				},
+			});
+		});
+
+		it('should not set rejectUnauthorized when TLS verification is enabled', () => {
+			setupRedisClient({
+				host: 'redis.domain',
+				port: 1234,
+				database: 0,
+				ssl: true,
+				disableTlsVerification: false,
+			});
+			expect(createClient).toHaveBeenCalledWith({
+				database: 0,
+				socket: {
+					host: 'redis.domain',
+					port: 1234,
+					tls: true,
+					connectTimeout: 10000,
+					reconnectStrategy: undefined,
+				},
+			});
+		});
+
+		it('should not set rejectUnauthorized when SSL is disabled', () => {
+			setupRedisClient({
+				host: 'redis.domain',
+				port: 1234,
+				database: 0,
+				ssl: false,
+				disableTlsVerification: true,
+			});
+			expect(createClient).toHaveBeenCalledWith({
+				database: 0,
+				socket: {
+					host: 'redis.domain',
+					port: 1234,
+					tls: false,
+					connectTimeout: 10000,
+					reconnectStrategy: undefined,
 				},
 			});
 		});
@@ -74,6 +139,33 @@ describe('Redis Node', () => {
 					host: 'redis.domain',
 					port: 1234,
 					tls: false,
+					connectTimeout: 10000,
+					reconnectStrategy: undefined,
+				},
+			});
+		});
+
+		it('should configure TLS with disabled verification and auth', () => {
+			setupRedisClient({
+				host: 'redis.domain',
+				port: 1234,
+				database: 0,
+				ssl: true,
+				disableTlsVerification: true,
+				user: 'test_user',
+				password: 'test_password',
+			});
+			expect(createClient).toHaveBeenCalledWith({
+				database: 0,
+				username: 'test_user',
+				password: 'test_password',
+				socket: {
+					host: 'redis.domain',
+					port: 1234,
+					tls: true,
+					rejectUnauthorized: false,
+					connectTimeout: 10000,
+					reconnectStrategy: undefined,
 				},
 			});
 		});
@@ -95,10 +187,14 @@ describe('Redis Node', () => {
 				host: 'localhost',
 				port: 6379,
 				tls: false,
+				connectTimeout: 10000,
+				reconnectStrategy: false,
 			},
 			database: 0,
 			username: 'username',
 			password: 'password',
+			disableOfflineQueue: true,
+			enableOfflineQueue: false,
 		};

 		it('should return success when connection is established', async () => {
@@ -126,6 +222,44 @@ describe('Redis Node', () => {
 			expect(mockClient.connect).toHaveBeenCalled();
 			expect(mockClient.ping).not.toHaveBeenCalled();
 		});
+
+		it('should return success when connection is established with disabled TLS verification', async () => {
+			const credentialsWithTls = mock<ICredentialsDecrypted>({
+				data: {
+					host: 'localhost',
+					port: 6379,
+					ssl: true,
+					disableTlsVerification: true,
+					user: 'username',
+					password: 'password',
+					database: 0,
+				},
+			});
+
+			const result = await redisConnectionTest.call(thisArg, credentialsWithTls);
+
+			expect(result).toEqual({
+				status: 'OK',
+				message: 'Connection successful!',
+			});
+			expect(createClient).toHaveBeenCalledWith({
+				socket: {
+					host: 'localhost',
+					port: 6379,
+					tls: true,
+					rejectUnauthorized: false,
+					connectTimeout: 10000,
+					reconnectStrategy: false,
+				},
+				database: 0,
+				username: 'username',
+				password: 'password',
+				disableOfflineQueue: true,
+				enableOfflineQueue: false,
+			});
+			expect(mockClient.connect).toHaveBeenCalled();
+			expect(mockClient.ping).toHaveBeenCalled();
+		});
 	});

 	describe('operations', () => {