Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

It is not possible to use the API ignoring the SSL certificate of the dataverse server #150

Open
sergejzr opened this issue Oct 11, 2022 · 1 comment
Open

It is not possible to use the API ignoring the SSL certificate of the dataverse server #150

sergejzr opened this issue Oct 11, 2022 · 1 comment
Labels
status:incoming Newly created issue to be forwarded

Comments

@sergejzr
Copy link

sergejzr commented Oct 11, 2022
edited
Loading

Issue

Dear pyDataverse community,
at the moment it is not possible to use the API when the server is running with the self-signed certificate. While I found a workaround as listed below, it would be useful to switch the check off with a parameter of the client.

The solution is adopted from https://stackoverflow.com/questions/15445981/how-do-i-disable-the-security-certificate-check-in-python-requests:

first we create an environment within that checks are disabled:

import warnings
import contextlib

import requests
from urllib3.exceptions import InsecureRequestWarning

old_merge_environment_settings = requests.Session.merge_environment_settings

@contextlib.contextmanager
def no_ssl_verification():
    opened_adapters = set()

    def merge_environment_settings(self, url, proxies, stream, verify, cert):
        # Verification happens only once per connection so we need to close
        # all the opened adapters once we're done. Otherwise, the effects of
        # verify=False persist beyond the end of this context manager.
        opened_adapters.add(self.get_adapter(url))

        settings = old_merge_environment_settings(self, url, proxies, stream, verify, cert)
        settings['verify'] = False

        return settings

    requests.Session.merge_environment_settings = merge_environment_settings

    try:
        with warnings.catch_warnings():
            warnings.simplefilter('ignore', InsecureRequestWarning)
            yield
    finally:
        requests.Session.merge_environment_settings = old_merge_environment_settings

        for adapter in opened_adapters:
            try:
                adapter.close()
            except:
                pass

Instantiate a client normally with:

from pyDataverse.api import NativeApi
api = NativeApi("https://fmydataverseserver.de", "9465673b-e56756-4ad7-5675672-4645d567567ee")

Now we can use it as follows:

with no_ssl_verification():
    resp = api.get_info_version()
    print(resp.json())
    print(resp.status_code)
@sergejzr sergejzr added the status:incoming Newly created issue to be forwarded label Oct 11, 2022
@skasberger
Copy link
Member

Update: I left AUSSDA, so my funding for pyDataverse development has stopped.

I want to get some basic funding to implement the most urgent updates (PRs, Bug fixes, maintenance work). If you can support this, please reach out to me. (www.stefankasberger.at). If you have feature requests, the same.

Another option would be, that someone else helps with the development and / or maintenance. For this, also get in touch with me (or comment here).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status:incoming Newly created issue to be forwarded
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@skasberger @sergejzr