Merge pull request #13 from zalando/issues12-cert

#12 Use certifi bundle
spec-first · Jun 17, 2015 · 1b5b5d0 · 1b5b5d0
2 parents 200b741 + c6026d1
commit 1b5b5d0
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 4 deletions.
diff --git a/connexion/decorators/security.py b/connexion/decorators/security.py
@@ -13,6 +13,7 @@
 
 # Authentication and authorization related decorators
 
+import certifi
 import logging
 import functools
 import types
@@ -38,7 +39,7 @@ def wrapper(*args, **kwargs):
         else:
             _, token = authorization.split()
             logger.debug("... Getting token '%s' from %s", token, token_info_url)
-            token_request = requests.get(token_info_url, params={'access_token': token})
+            token_request = requests.get(token_info_url, params={'access_token': token}, verify=certifi.where())
             logger.debug("... Token info (%d): %s", token_request.status_code, token_request.text)
             if not token_request.ok:
                 raise abort(401)

diff --git a/setup.py b/setup.py
@@ -6,7 +6,7 @@
 from setuptools import setup, find_packages
 from setuptools.command.test import test as TestCommand
 
-version = '0.4.1'
+version = '0.4.2'
 
 
 class PyTest(TestCommand):
@@ -36,7 +36,7 @@ def run_tests(self):
     author='Zalando SE',
     url='https://github.com/zalando/connexion',
     license='Apache License Version 2.0',
-    install_requires=['flask', 'PyYAML', 'tornado', 'requests'],
+    install_requires=['flask', 'PyYAML', 'tornado', 'requests', 'certifi'],
     tests_require=['pytest-cov', 'pytest'],
     cmdclass={'test': PyTest},
     classifiers=[

diff --git a/tests/test_app.py b/tests/test_app.py
@@ -26,7 +26,7 @@ def json(self):
 
 @pytest.fixture
 def oauth_requests(monkeypatch: '_pytest.monkeypatch.monkeypatch'):
-    def fake_get(url:str, params:dict=None):
+    def fake_get(url:str, params:dict=None, verify=None):
         params = params or {}
         if url == "https://ouath.example/token_info":
             token = params['access_token']