Add context manager on urlopen in request verifier. closes #122 (#123)

alexa · Nov 18, 2019 · 8932fb0 · 8932fb0
1 parent 850cf99
commit 8932fb0
Showing 1 changed file with 12 additions and 6 deletions.
diff --git a/ask-sdk-webservice-support/ask_sdk_webservice_support/verifier.py b/ask-sdk-webservice-support/ask_sdk_webservice_support/verifier.py
@@ -19,6 +19,7 @@
 import os
 import base64
 import typing
+import six
 
 from dateutil import tz
 from datetime import datetime
@@ -32,6 +33,7 @@
 from cryptography.hazmat.primitives.asymmetric.padding import PKCS1v15
 from cryptography.hazmat.primitives.hashes import SHA1
 from cryptography.exceptions import InvalidSignature
+from contextlib import closing
 
 from .verifier_constants import (
     SIGNATURE_CERT_CHAIN_URL_HEADER, SIGNATURE_HEADER,
@@ -285,12 +287,16 @@ def _load_cert_chain(self, cert_url, x509_backend=default_backend()):
             if cert_url in self._cert_cache:
                 return self._cert_cache.get(cert_url)
             else:
-                with urlopen(cert_url) as cert_response:
-                    cert_data = cert_response.read()
-                    x509_certificate = load_pem_x509_certificate(
-                        cert_data, x509_backend)
-                    self._cert_cache[cert_url] = x509_certificate
-                    return x509_certificate
+                if six.PY2:
+                    with closing(urlopen(cert_url)) as cert_response:
+                        cert_data = cert_response.read()
+                else:
+                    with urlopen(cert_url) as cert_response:
+                        cert_data = cert_response.read()
+                x509_certificate = load_pem_x509_certificate(
+                    cert_data, x509_backend)
+                self._cert_cache[cert_url] = x509_certificate
+                return x509_certificate
         except ValueError as e:
             raise VerificationException(
                 "Unable to load certificate from URL", e)