Support 'verify' option #12
Conversation
oliverlockwood
force-pushed
the
support-verify
branch
from
f132c2d
to
71e2090
Compare
oliverlockwood
force-pushed
the
support-verify
branch
2 times, most recently
from
3b972b3
to
8e9c9de
Compare
|
Thanks for the contribution! I'll do the code review in-line |
httsleep/main.py
Outdated
| @@ -34,6 +34,9 @@ class HttSleeper(object): | |||
| function that takes the response as an argument returning True. | |||
| :param auth: a (username, password) tuple for HTTP authentication. | |||
| :param headers: a dict of HTTP headers. | |||
| :param verify: (optional) Either a boolean, in which case it controls whether we verify | |||
| the server's TLS certificate, or a string, in which case it must be a path | |||
| to a CA bundle to use. Defaults to ``True``. | |||
There was a problem hiding this comment.
It should default to True, but at the moment it defaults to None. Can you fix this please?
There was a problem hiding this comment.
TL;DR: I copied this description from the requests library, which we delegate to; they default to None on the API, but then in the depths of the code they set verify to the actual default of True if not already set.
I'm inclined to stick with this description - and code setting! as-is, but happy to discuss further if you like?
References:
- Description copied from: https://github.com/requests/requests/blob/master/requests/api.py#L39-L41 (or https://github.com/requests/requests/blob/master/requests/sessions.py#L474-L476, it's the same).
- API defaulting to
Nonein the API: https://github.com/requests/requests/blob/master/requests/sessions.py#L444. - Where they turn a
NoneintoTrue: https://github.com/requests/requests/blob/master/requests/sessions.py#L597 (with reference to https://github.com/requests/requests/blob/master/requests/sessions.py#L367-L368).
There was a problem hiding this comment.
I still feel it'd be more developer-friendly (especially for those using IDEs) if the kwarg matched the documentation. I don't see any downsides to setting the default value to True from the get-go.
There was a problem hiding this comment.
(Sorry, I added that comment weeks ago, but clicked the wrong button on github...)
There was a problem hiding this comment.
@kopf it's your library 😃 I've changed this as requested in the most recent commit.
tests/test_run.py
Outdated
| @@ -23,6 +23,17 @@ def test_run_success(): | |||
|
|
|||
|
|
|||
| @httpretty.activate | |||
| def test_run_success_with_verify(): | |||
| """Should return response when a success criteria has been reached""" | |||
There was a problem hiding this comment.
This test doesn't really do much - it would be better if it were """Should tell requests to skip SSL verification if verify==False""", testing whether session.send() was called with the verify kwarg set to False.
Checking the default behaviour would be great too.
There was a problem hiding this comment.
Agreed. I'll have a play with doing this tomorrow. Thought I wouldn't spend too much time on it in the first pass just in case the library was unmaintained (which sometimes happens in OSS; it's nice to have a response so quickly after raising the PR - thanks!)
There was a problem hiding this comment.
I've put something in for this. Feel free to point out ways to do it better; Python isn't my main language so I'm sure it could be nicer!
httsleep/main.py
Outdated
| @@ -34,6 +34,9 @@ class HttSleeper(object): | |||
| function that takes the response as an argument returning True. | |||
| :param auth: a (username, password) tuple for HTTP authentication. | |||
| :param headers: a dict of HTTP headers. | |||
| :param verify: (optional) Either a boolean, in which case it controls whether we verify | |||
There was a problem hiding this comment.
At the moment, the other kwargs (e.g. auth and headers and so on) aren't marked with "(optional)". It'd be best to stick to that style and I'll take care of them all at once.
(Unless you'd like to change them all :) I agree, marking it explicitly in the documentation is better.)
There was a problem hiding this comment.
How we handle this probably depends on the outcome of the other discussion thread, on the whole of this description being copied from the requests library. So I'll wait until you've had a chance to respond to that before I decide which way to go!
|
One last thing - it would be great if you could make an entry in the changelog for this. You can simply put it under the heading "Next Version" at the very top. Thanks again! |
oliverlockwood
force-pushed
the
support-verify
branch
from
841c275
to
0b3915f
Compare
tests/test_run.py
Outdated
| httsleep.run() | ||
| assert mock_session_send.called | ||
| args, kwargs = mock_session_send.call_args | ||
| assert kwargs.get('verify') is None |
There was a problem hiding this comment.
I'd prefer to keep as little within the mocked scope as possible. okResp and the asserts are a little unpythonic. Could you change these to:
def test_propagate_verify():
"""Should tell requests to skip SSL verification if verify==False"""
resp = Response()
resp.status_code = 200
httsleep = HttSleeper(URL, {'status_code': 200}, verify=False)
with mock.patch('requests.sessions.Session.send') as mock_session_send:
mock_session_send.return_value = resp
httsleep.run()
assert mock_session_send.called
args, kwargs = mock_session_send.call_args
assert 'verify' in kwargs
assert kwargs['verify'] == False
@httpretty.activate
def test_default_does_not_send_verify():
"""Should not send a value for 'verify' to requests by default"""
resp = Response()
resp.status_code = 200
httsleep = HttSleeper(URL, {'status_code': 200})
with mock.patch('requests.sessions.Session.send') as mock_session_send:
mock_session_send.return_value = resp
httsleep.run()
assert mock_session_send.called
args, kwargs = mock_session_send.call_args
assert 'verify' not in kwargs
Thanks!
There was a problem hiding this comment.
These changes made. Thank you for the Pythonic education!
To satisfy the second test, I had to change the implementation to avoid it sending verify=None.
oliverlockwood
force-pushed
the
support-verify
branch
from
d3a50da
to
0308a51
Compare
httsleep/main.py
Outdated
| auth=None, headers=None, | ||
| def httsleep(url_or_request, until=None, alarms=None, status_code=None, | ||
| json=None, jsonpath=None, text=None, callback=None, | ||
| auth=None, headers=None, verify=None, |
httsleep/main.py
Outdated
| @@ -84,6 +87,9 @@ def __init__(self, url_or_request, until=None, alarms=None, | |||
| 'jsonpath': jsonpath, 'text': text, 'callback': callback} | |||
| until.append({k: v for k, v in condition.items() if v}) | |||
|
|
|||
| self.kwargs = {} | |||
| if verify is not None: | |||
There was a problem hiding this comment.
This will now never happen.. I'd be fine with simply always passing verify to requests as a kwarg on L154 (no need for self.kwargs, which is a little ambiguous)
|
Sorry that this is dragging on! I'm sure that was the last round of comments.... |
|
@kopf no worries; I should have self-reviewed the last change better. Hopefully with the commits I've just added, this is there now...! |
|
Nice one! Thanks again for the contribution! |
|
My pleasure, thanks for guiding me through it. |
Closes #11.
I have tested this manually as well with a local install and it does what I was looking for.
@kopf What do you think?