Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make it possible to ignore SSL certificate errors. #114

Closed
wants to merge 6 commits into from
Closed

Make it possible to ignore SSL certificate errors. #114

Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
97c03ab
Added methode to allow http basic auth with username and password to …
Mar 21, 2017
b9b33aa
added missing import
Mar 22, 2017
fcb2f4c
show full error message
Apr 7, 2017
de30421
Allow ignoring of SSL certificate errors.
Jan 18, 2018
0e37443
Fix style errors.
Jan 19, 2018
b153f78
Fix another style error
Jan 19, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 27 additions & 3 deletions pydruid/client.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,17 +18,29 @@

import json
import sys
import ssl

from six.moves import urllib

from pydruid.query import QueryBuilder
from base64 import b64encode


class BaseDruidClient(object):
def __init__(self, url, endpoint):
self.url = url
self.endpoint = endpoint
self.query_builder = QueryBuilder()
self.username = None
self.password = None
self.ignore_certificate_errors = False

def set_basic_auth_credentials(self, username, password):
self.username = username
self.password = password

def set_ignore_certificate_errors(self, value=True):
self.ignore_certificate_errors = value

def _prepare_url_headers_and_body(self, query):
querystr = json.dumps(query.query_dict).encode('utf-8')
Expand All @@ -37,6 +49,11 @@ def _prepare_url_headers_and_body(self, query):
else:
url = self.url + '/' + self.endpoint
headers = {'Content-Type': 'application/json'}
if (self.username is not None) and (self.password is not None):
username_password = \
b64encode(bytes('{}:{}'.format(self.username, self.password)))
headers['Authorization'] = 'Basic {}'.format(username_password)

return headers, querystr, url

def _post(self, query):
Expand Down Expand Up @@ -386,11 +403,20 @@ class PyDruid(BaseDruidClient):
def __init__(self, url, endpoint):
super(PyDruid, self).__init__(url, endpoint)

def ssl_context(self):
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should at least be called something like insecure_ssl_context(). The current name is misleading, possibly dangerously so since a caller might not realize the context is insecure.

I think, though, that it'd be even better to have ssl_context() always get called by _post and for it to do something different based on the configuration. Then it would make sense to keep the current name.

ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
return ctx

def _post(self, query):
try:
headers, querystr, url = self._prepare_url_headers_and_body(query)
req = urllib.request.Request(url, querystr, headers)
res = urllib.request.urlopen(req)
if self.ignore_certificate_errors:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If you do the suggestion above, this would just be res = urllib.request.urlopen(req, context=self.ssl_context()) rather than having a conditional.

res = urllib.request.urlopen(req, context=self.ssl_context())
else:
res = urllib.request.urlopen(req)
data = res.read().decode("utf-8")
res.close()
except urllib.error.HTTPError:
Expand All @@ -402,8 +428,6 @@ def _post(self, query):
err = json.loads(e.read().decode("utf-8"))
except (ValueError, AttributeError, KeyError):
pass
else:
err = err.get('error', None)

raise IOError('{0} \n Druid Error: {1} \n Query is: {2}'.format(
e, err, json.dumps(query.query_dict, indent=4)))
Expand Down