From c61cab066fd8e20cc2dda64fb6f76a1f1b764d8e Mon Sep 17 00:00:00 2001 From: szmurlor Date: Tue, 15 Mar 2022 15:53:24 +0100 Subject: [PATCH] Allow to override SSL certificate checking --- usosapi.py | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/usosapi.py b/usosapi.py index 3fc3999..5d79a23 100644 --- a/usosapi.py +++ b/usosapi.py @@ -80,6 +80,10 @@ class USOSAPIConnection(): (check them with test_connection function), you may already use a subset of USOS API services that don't require a valid access key. + To prevent the 'self signed certificate in certificate chain' error + for development environments you can disable the certificate checking by + passing verify_certificate=False to the constructor. + To log in as a specific user you need to get an URL address with get_authorization_url and somehow display it to the user (this module doesn't provide any UI). On the web page, after accepting @@ -89,7 +93,7 @@ class USOSAPIConnection(): authorize_with_pin function, you will have an authorized_session. """ def __init__(self, api_base_address: str, consumer_key: str, - consumer_secret: str): + consumer_secret: str, verify_certificate: bool = True): self.base_address = str(api_base_address) if not self.base_address: raise ValueError('Empty USOS API address.') @@ -121,10 +125,11 @@ def __init__(self, api_base_address: str, consumer_key: str, _LOGGER.info('New connection to {} created with key: {} ' 'and secret: {}.'.format(api_base_address, consumer_key, consumer_secret)) + self.verify_certificate = verify_certificate def _generate_request_token(self): params = {'oauth_callback': 'oob', 'scopes': SCOPES} - token_tuple = self._service.get_request_token(params=params) + token_tuple = self._service.get_request_token(params=params, verify=self.verify_certificate) self._request_token, self._request_token_secret = token_tuple _LOGGER.info("New request token generated: {}".format(token_tuple[0])) return @@ -160,7 +165,7 @@ def test_connection(self) -> bool: time_re = '^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{6}$' try: anonymous_session = self._service.get_session() - now = anonymous_session.get('services/apisrv/now') + now = anonymous_session.get('services/apisrv/now', verify=self.verify_certificate) now = now.json() return bool(re.match(time_re, now)) except Exception as e: @@ -176,7 +181,7 @@ def get_authorization_url(self) -> str: successful authorization. """ self._generate_request_token() - url = self._service.get_authorize_url(self._request_token) + url = self._service.get_authorize_url(self._request_token, verify=self.verify_certificate) _LOGGER.info('New authorization URL generated: {}'.format(url)) return url @@ -263,7 +268,7 @@ def get(self, service: str, **kwargs): session = self._authorized_session start = time.time() - response = session.post(service, params=kwargs, data={}) + response = session.post(service, params=kwargs, data={}, verify=self.verify_certificate) ex_time = time.time() - start if not response.ok: @@ -310,7 +315,7 @@ def current_identity(self): If current session is anonymous it will raise USOSAPIException. """ try: - data = self.get('services/users/user') + data = self.get('services/users/user', self.verify_certificate) return data except USOSAPIException: raise USOSAPIException('Trying to get identity of an unauthorized'