From 92c3effd55c69299fc38498008cb0320ed6d3d5b Mon Sep 17 00:00:00 2001 From: Douglas Coburn Date: Fri, 14 Nov 2025 16:15:00 -0800 Subject: [PATCH 1/2] feat: Add allow_unverified option to disable SSL certificate verification - Add allow_unverified parameter to socketdev constructor (defaults to False) - Add set_allow_unverified method to API class - Pass verify=not allow_unverified to requests.request() calls - Add comprehensive unit tests for the new functionality - Update README.rst with documentation for the new parameter - Maintains backward compatibility with existing code This allows users to disable SSL verification for testing environments with self-signed certificates while keeping secure defaults for production.
---
 README.rst | 3 +- socketdev/__init__.py | 3 +- socketdev/core/api.py | 7 ++++- socketdev/version.py | 2 +- test_allow_unverified.py | 48 ++++++++++++++++++++++++++++++ tests/unit/test_socket_sdk_unit.py | 14 +++++++++ 6 files changed, 73 insertions(+), 4 deletions(-) create mode 100644 test_allow_unverified.py
diff --git a/README.rst b/README.rst
index 7ba2530..bd16967 100644
--- a/README.rst
+++ b/README.rst
@@ -20,7 +20,8 @@ Initializing the module
 **PARAMETERS:**
 - **token (str)** - The Socket API Key for your Organization
-- **Timeout (int)** - The number of seconds to wait before failing the connection
+- **timeout (int)** - The number of seconds to wait before failing the connection
+- **allow_unverified (bool)** - Whether to skip SSL certificate verification (default: False). Set to True for testing with self-signed certificates.
 Supported Functions
 -------------------
diff --git a/socketdev/__init__.py b/socketdev/__init__.py
index 04a7227..0de575b 100644
--- a/socketdev/__init__.py
+++ b/socketdev/__init__.py
@@ -44,11 +44,12 @@ class socketdev:
- def __init__(self, token: str, timeout: int = 1200):
+ def __init__(self, token: str, timeout: int = 1200, allow_unverified: bool = False):
 self.api = API()
 self.token = token + ":"
 self.api.encode_key(self.token)
 self.api.set_timeout(timeout)
+ self.api.set_allow_unverified(allow_unverified)
 self.dependencies = Dependencies(self.api)
 self.export = Export(self.api)
diff --git a/socketdev/core/api.py b/socketdev/core/api.py
index 566b53b..8856b7a 100644
--- a/socketdev/core/api.py
+++ b/socketdev/core/api.py
@@ -25,6 +25,7 @@ def __init__(self):
 self.encoded_key = None
 self.api_url = "https://api.socket.dev/v0"
 self.request_timeout = 30
+ self.allow_unverified = False
 def encode_key(self, token: str):
 self.encoded_key = base64.b64encode(token.encode()).decode("ascii")
@@ -32,6 +33,9 @@ def encode_key(self, token: str):
 def set_timeout(self, timeout: int):
 self.request_timeout = timeout
+ def set_allow_unverified(self, allow_unverified: bool):
+ self.allow_unverified = allow_unverified
+
 def do_request(
 self,
 path: str,
@@ -58,7 +62,8 @@ def format_headers(headers_dict):
 try:
 response = requests.request(
- method.upper(), url, headers=headers, data=payload, files=files, timeout=self.request_timeout
+ method.upper(), url, headers=headers, data=payload, files=files,
+ timeout=self.request_timeout, verify=not self.allow_unverified
 )
 request_duration = time.time() - start_time
diff --git a/socketdev/version.py b/socketdev/version.py
index 6e22e02..9289451 100644
--- a/socketdev/version.py
+++ b/socketdev/version.py
@@ -1 +1 @@
-__version__ = "3.0.17"
+__version__ = "3.0.18"
diff --git a/test_allow_unverified.py b/test_allow_unverified.py
new file mode 100644
index 0000000..35731b4
--- /dev/null
+++ b/test_allow_unverified.py
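Review bot: `allow_unverified` is added as a third positional parameter of `socketdev.__init__`, so a call such as `socketdev(token, 30, True)` turns certificate verification off with nothing at the call site saying so. Making it keyword-only keeps the opt-out visible in review and searchable: `def __init__(self, token: str, timeout: int = 1200, *, allow_unverified: bool = False):`. The hunk shows no docstring on the constructor; a comment above the new call, such as `# allow_unverified=True disables TLS certificate verification for every request made through this client`, would record the scope of the switch. The body of `__init__` continues past the end of the hunk.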
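Review bot: `set_allow_unverified` stores whatever it is given, and `do_request` later computes `verify=not self.allow_unverified`, so any truthy non-bool value — for example the string `"false"` read from an environment variable or a config file — switches certificate verification off. Rejecting non-bool values in the setter closes that gap: `if not isinstance(allow_unverified, bool): raise TypeError("allow_unverified must be a bool")`. A short docstring stating that `True` turns off TLS certificate checks for all subsequent requests would also help, since the method name does not say what is left unverified.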
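Review bot: With `allow_unverified=True` the `verify=False` passed to `requests.request()` accepts any certificate from any host, while the same call sends `headers`, which presumably carry the API key prepared by `encode_key`, so an on-path party could read the credential and alter responses. A self-signed or private-CA endpoint can be trusted without switching verification off, because `verify` also accepts a path to a CA bundle and `requests` honours `REQUESTS_CA_BUNDLE` while `verify` stays `True`; exposing that, for instance through a hypothetical `ca_bundle` option with `verify=self.ca_bundle or not self.allow_unverified`, would cover the test-environment case named in the commit message. If the boolean stays, consider logging one warning when it is set, so that a client left in this mode shows up in logs. The `try` block and the rest of `do_request` lie outside the hunk.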
@@ -0,0 +1,48 @@
+#!/usr/bin/env python3
+"""
+Test script to demonstrate the new allow_unverified option in socketdev.
+
+This script shows how to initialize the Socket SDK with SSL verification
+disabled, which can be useful for testing against local or self-signed
+certificate environments.
+"""
+
+from socketdev import socketdev
+
+def test_allow_unverified_option():
+ """Test the allow_unverified option with different configurations."""
+
+ print("Testing Socket SDK with allow_unverified option...")
+
+ # Test 1: Default behavior (SSL verification enabled)
+ print("\n1. Default initialization (allow_unverified=False):")
+ sdk_default = socketdev(token="test-token")
+ print(f" allow_unverified: {sdk_default.api.allow_unverified}")
+ print(f" This means SSL certificates WILL be verified")
+
+ # Test 2: Explicitly set allow_unverified=False
+ print("\n2. Explicit allow_unverified=False:")
+ sdk_verified = socketdev(token="test-token", allow_unverified=False)
+ print(f" allow_unverified: {sdk_verified.api.allow_unverified}")
+ print(f" This means SSL certificates WILL be verified")
+
+ # Test 3: Set allow_unverified=True
+ print("\n3. Setting allow_unverified=True:")
+ sdk_unverified = socketdev(token="test-token", allow_unverified=True)
+ print(f" allow_unverified: {sdk_unverified.api.allow_unverified}")
+ print(f" This means SSL certificates will NOT be verified")
+
+ # Test 4: Show how this affects the requests library verify parameter
+ print("\n4.
How this translates to requests.request() verify parameter:")
+ print(f" Default SDK: verify={not sdk_default.api.allow_unverified}")
+ print(f" Unverified SDK: verify={not sdk_unverified.api.allow_unverified}")
+
+ print("\nUsage example:")
+ print(" # For production use (default):")
+ print(" sdk = socketdev(token='your-api-key')")
+ print("")
+ print(" # For testing with self-signed certificates:")
+ print(" sdk = socketdev(token='your-api-key', allow_unverified=True)")
+
+if __name__ == "__main__":
+ test_allow_unverified_option()
\ No newline at end of file
diff --git a/tests/unit/test_socket_sdk_unit.py b/tests/unit/test_socket_sdk_unit.py
index f89767a..b64aaec 100644
--- a/tests/unit/test_socket_sdk_unit.py
+++ b/tests/unit/test_socket_sdk_unit.py
@@ -36,6 +36,20 @@ def test_sdk_initialization(self):
 for component in expected_components:
 self.assertTrue(hasattr(sdk, component), f"SDK missing component: {component}")
+ def test_sdk_initialization_with_allow_unverified(self):
+ """Test that the SDK initializes correctly with allow_unverified option."""
+ # Test default behavior (allow_unverified=False)
+ sdk_default = socketdev(token="test-token")
+ self.assertFalse(sdk_default.api.allow_unverified)
+
+ # Test with allow_unverified=True
+ sdk_unverified = socketdev(token="test-token", allow_unverified=True)
+ self.assertTrue(sdk_unverified.api.allow_unverified)
+
+ # Test with explicit allow_unverified=False
+ sdk_verified = socketdev(token="test-token", allow_unverified=False)
+ self.assertFalse(sdk_verified.api.allow_unverified)
+
 def test_fullscan_params_creation(self):
 """Test FullScanParams dataclass creation and conversion."""
 params = FullScanParams(
From 5a7cef8104a6f700f720b40a15343c73b8b997f8 Mon Sep 17 00:00:00 2001
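Review bot: `test_sdk_initialization_with_allow_unverified` only checks that the attribute is stored on `sdk.api`; nothing asserts that `do_request` hands the value to `requests.request()` as `verify`, so a later refactor could drop or invert that argument and this test would still pass. A test that patches `requests.request` in `socketdev.core.api` and inspects the call's `verify` keyword, for both the default and the opt-out, would pin the security-relevant behaviour. The sketch below assumes `patch` from `unittest.mock` is imported in this file and that `do_request` accepts a mocked response with `status_code` 200; neither is visible in the hunk. The enclosing test class starts above the hunk.

```python
    def test_allow_unverified_controls_requests_verify(self):
        """The flag must reach requests.request() as the verify argument."""
        for allow, expected_verify in ((False, True), (True, False)):
            with patch("socketdev.core.api.requests.request") as mock_request:
                mock_request.return_value.status_code = 200
                sdk = socketdev(token="test-token", allow_unverified=allow)
                sdk.api.do_request(path="test")
            self.assertIs(mock_request.call_args.kwargs["verify"], expected_verify)
```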
From: Douglas Coburn Date: Fri, 14 Nov 2025 16:15:22 -0800 Subject: [PATCH 2/2] chore: Remove temporary test file that was accidentally committed
---
 socketdev/version.py | 2 +- test_allow_unverified.py | 48 ---------------------------------------- 2 files changed, 1 insertion(+), 49 deletions(-) delete mode 100644 test_allow_unverified.py
diff --git a/socketdev/version.py b/socketdev/version.py
index 9289451..870a457 100644
--- a/socketdev/version.py
+++ b/socketdev/version.py
@@ -1 +1 @@
-__version__ = "3.0.18"
+__version__ = "3.0.19"
diff --git a/test_allow_unverified.py b/test_allow_unverified.py
deleted file mode 100644
index 35731b4..0000000
--- a/test_allow_unverified.py
+++ /dev/null
@@ -1,48 +0,0 @@
-#!/usr/bin/env python3
-"""
-Test script to demonstrate the new allow_unverified option in socketdev.
-
-This script shows how to initialize the Socket SDK with SSL verification
-disabled, which can be useful for testing against local or self-signed
-certificate environments.
-"""
-
-from socketdev import socketdev
-
-def test_allow_unverified_option():
- """Test the allow_unverified option with different configurations."""
-
- print("Testing Socket SDK with allow_unverified option...")
-
- # Test 1: Default behavior (SSL verification enabled)
- print("\n1. Default initialization (allow_unverified=False):")
- sdk_default = socketdev(token="test-token")
- print(f" allow_unverified: {sdk_default.api.allow_unverified}")
- print(f" This means SSL certificates WILL be verified")
-
- # Test 2: Explicitly set allow_unverified=False
- print("\n2. Explicit allow_unverified=False:")
- sdk_verified = socketdev(token="test-token", allow_unverified=False)
- print(f" allow_unverified: {sdk_verified.api.allow_unverified}")
- print(f" This means SSL certificates WILL be verified")
-
- # Test 3: Set allow_unverified=True
- print("\n3. Setting allow_unverified=True:")
- sdk_unverified = socketdev(token="test-token", allow_unverified=True)
- print(f" allow_unverified: {sdk_unverified.api.allow_unverified}")
- print(f" This means SSL certificates will NOT be verified")
-
- # Test 4: Show how this affects the requests library verify parameter
- print("\n4.
How this translates to requests.request() verify parameter:")
- print(f" Default SDK: verify={not sdk_default.api.allow_unverified}")
- print(f" Unverified SDK: verify={not sdk_unverified.api.allow_unverified}")
-
- print("\nUsage example:")
- print(" # For production use (default):")
- print(" sdk = socketdev(token='your-api-key')")
- print("")
- print(" # For testing with self-signed certificates:")
- print(" sdk = socketdev(token='your-api-key', allow_unverified=True)")
-
-if __name__ == "__main__":
- test_allow_unverified_option()
\ No newline at end of file