Add verify_ssl&cert in client config (#37)

FEATURES:

- Add ssl options of client (#37)

Author: lizhenfu100

tests/test_core/test_client.py

@@ -18,6 +18,7 @@ def client():
             "private_key": "foo",
             "timeout": 10,
             "max_retries": 3,
+            "ssl_verify": False,
         }
     )
 

ucloud/core/client/_cfg.py

@@ -13,6 +13,10 @@ class ConfigSchema(schema.Schema):
         "max_retries": fields.Int(default=3),
         "log_level": fields.Int(default=logging.INFO),
         "validate_request": fields.Bool(default=True),
+        "ssl_verify": fields.Bool(default=True),
+        "ssl_cacert": fields.Str(),
+        "ssl_cert": fields.Str(),
+        "ssl_key": fields.Str(),
     }
 
 
@@ -53,6 +57,10 @@ def __init__(
         timeout: int = 30,
         max_retries: int = 3,
         log_level: int = logging.INFO,
+        ssl_verify: bool = True,
+        ssl_cacert: str = None,
+        ssl_cert: str = None,
+        ssl_key: str = None,
         **kwargs
     ):
         self.region = region
@@ -62,6 +70,10 @@ def __init__(
         self.timeout = timeout
         self.max_retries = max_retries
         self.log_level = log_level
+        self.ssl_verify = ssl_verify
+        self.ssl_cacert = ssl_cacert
+        self.ssl_cert = ssl_cert
+        self.ssl_key = ssl_key
 
     @classmethod
     def from_dict(cls, d: dict):
@@ -77,4 +89,8 @@ def to_dict(self) -> dict:
             "timeout": self.timeout,
             "max_retries": self.max_retries,
             "log_level": self.log_level,
+            "ssl_verify": self.ssl_verify,
+            "ssl_cacert": self.ssl_cacert,
+            "ssl_cert": self.ssl_cert,
+            "ssl_key": self.ssl_key,
         }

ucloud/core/client/_client.py

@@ -4,7 +4,7 @@
 
 from ucloud import version
 from ucloud.core.client._cfg import Config
-from ucloud.core.transport import Transport, RequestsTransport, Request
+from ucloud.core.transport import Transport, RequestsTransport, Request, SSLOption
 from ucloud.core.typesystem import encoder
 from ucloud.core.utils import log
 from ucloud.core.utils.middleware import Middleware
@@ -86,8 +86,11 @@ def _send(self, action: str, args: dict, **options) -> dict:
 
         max_retries = options.get("max_retries") or self.config.max_retries
         timeout = options.get("timeout") or self.config.timeout
+
         resp = self.transport.send(
-            req, timeout=timeout, max_retries=max_retries
+            req, ssl_option=SSLOption(self.config.ssl_verify, self.config.ssl_cacert,
+                                      self.config.ssl_cert, self.config.ssl_key),
+            timeout=timeout, max_retries=max_retries
         ).json()
 
         for handler in self.middleware.response_handlers:

ucloud/core/transport/__init__.py

@@ -1,4 +1,4 @@
-from ucloud.core.transport.http import Request, Response, Transport
+from ucloud.core.transport.http import Request, Response, Transport, SSLOption
 from ucloud.core.transport._requests import RequestsTransport
 
-__all__ = ["Request", "Response", "Transport", "RequestsTransport"]
+__all__ = ["Request", "Response", "Transport", "RequestsTransport", "SSLOption"]

ucloud/core/transport/_requests.py

@@ -3,7 +3,7 @@
 from urllib3.util.retry import Retry
 from requests.adapters import HTTPAdapter
 from ucloud.core.transport import http
-from ucloud.core.transport.http import Request, Response
+from ucloud.core.transport.http import Request, Response, SSLOption
 from ucloud.core.utils.middleware import Middleware
 
 
@@ -32,7 +32,7 @@ def __init__(
         self._adapter = self._load_adapter(max_retries)
         self._middleware = Middleware()
 
-    def send(self, req: Request, **options: dict) -> http.Response:
+    def send(self, req: Request, **options: typing.Any) -> http.Response:
         """ send request and return the response
 
         :param req: the full http request descriptor
@@ -56,24 +56,40 @@ def middleware(self) -> Middleware:
         """
         return self._middleware
 
-    def _send(self, req: Request, **options: dict) -> requests.Response:
+    def _send(self, req: Request, **options: typing.Any) -> requests.Response:
         with requests.Session() as session:
             adapter = self._load_adapter(options.get("max_retries"))
             session.mount("http://", adapter=adapter)
             session.mount("https://", adapter=adapter)
 
+            ssl_option = options.get('ssl_option')
+            kwargs = self._build_ssl_option(ssl_option) if ssl_option else {}
+
             session_resp = session.request(
                 method=req.method.upper(),
                 url=req.url,
                 json=req.json,
                 data=req.data,
                 params=req.params,
                 headers=req.headers,
+                **kwargs
             )
             resp = self.convert_response(session_resp)
             resp.request = req
             return resp
 
+    @staticmethod
+    def _build_ssl_option(ssl_option):
+        kwargs = {'verify': ssl_option.ssl_verify and ssl_option.ssl_cacert}
+        if not ssl_option.ssl_cert:
+            return kwargs
+
+        if ssl_option.ssl_key:
+            kwargs['cert'] = (ssl_option.ssl_cert, ssl_option.ssl_key)
+        else:
+            kwargs['cert'] = ssl_option.ssl_cert
+        return kwargs
+
     def _load_adapter(
         self, max_retries: typing.Optional[int] = None
     ) -> HTTPAdapter:

ucloud/core/transport/http.py

@@ -86,8 +86,22 @@ def text(self):
         return content
 
 
+class SSLOption:
+    def __init__(
+        self,
+        ssl_verify: bool = True,
+        ssl_cacert: str = None,
+        ssl_cert: str = None,
+        ssl_key: str = None
+    ):
+        self.ssl_verify = ssl_verify
+        self.ssl_cacert = ssl_cacert
+        self.ssl_cert = ssl_cert
+        self.ssl_key = ssl_key
+
+
 class Transport:
     """ the abstract class of transport implementation """
 
-    def send(self, req: Request, **options: dict) -> Response:
+    def send(self, req: Request, **options: typing.Any) -> Response:
         raise NotImplementedError

ucloud/testing/mock.py

@@ -10,7 +10,7 @@ def __init__(self):
         self.transport_handlers = []
         self.client_handler = []
 
-    def send(self, req: Request, **options: dict) -> Response:
+    def send(self, req: Request, **options: typing.Any) -> Response:
         resp = Response(req.url, req.method)
         for handler in self.transport_handlers:
             resp = handler(req)