@@ -313,6 +313,11 @@ class ServerAPI(object):
313313 default_settings_variant (Optional[str]): Settings variant used by
314314 default if a method for settings won't get any (by default is
315315 'production').
316+ ssl_verify (Union[bool, str, None]): Verify SSL certificate
317+ Looks for env variable value 'AYON_CA_FILE' by default. If not
318+ available then 'True' is used.
319+ cert (Optional[str]): Path to certificate file. Looks for env
320+ variable value 'AYON_CERT_FILE' by default.
316321 """
317322
318323 def __init__ (
@@ -321,7 +326,9 @@ def __init__(
321326 token = None ,
322327 site_id = None ,
323328 client_version = None ,
324- default_settings_variant = None
329+ default_settings_variant = None ,
330+ ssl_verify = None ,
331+ cert = None ,
325332 ):
326333 if not base_url :
327334 raise ValueError ("Invalid server URL {}" .format (str (base_url )))
@@ -335,6 +342,19 @@ def __init__(
335342 self ._site_id = site_id
336343 self ._client_version = client_version
337344 self ._default_settings_variant = default_settings_variant
345+
346+ if ssl_verify is None :
347+ # Custom AYON env variable for CA file or 'True'
348+ # - that should cover most default behaviors in 'requests'
349+ # with 'certifi'
350+ ssl_verify = os .environ .get ("AYON_CA_FILE" ) or True
351+
352+ if cert is None :
353+ cert = os .environ .get ("AYON_CERT_FILE" )
354+
355+ self ._ssl_verify = ssl_verify
356+ self ._cert = cert
357+
338358 self ._access_token_is_service = None
339359 self ._token_is_valid = None
340360 self ._server_available = None
@@ -374,6 +394,54 @@ def get_rest_url(self):
374394 base_url = property (get_base_url )
375395 rest_url = property (get_rest_url )
376396
397+ def get_ssl_verify (self ):
398+ """Enable ssl verification.
399+
400+ Returns:
401+ bool: Current state of ssl verification.
402+ """
403+
404+ return self ._ssl_verify
405+
406+ def set_ssl_verify (self , ssl_verify ):
407+ """Change ssl verification state.
408+
409+ Args:
410+ ssl_verify (Union[bool, str, None]): Enabled/disable
411+ ssl verification, can be a path to file.
412+ """
413+
414+ if self ._ssl_verify == ssl_verify :
415+ return
416+ self ._ssl_verify = ssl_verify
417+ if self ._session is not None :
418+ self ._session .verify = ssl_verify
419+
420+ def get_cert (self ):
421+ """Current cert file used for connection to server.
422+
423+ Returns:
424+ Union[str, None]: Path to cert file.
425+ """
426+
427+ return self ._cert
428+
429+ def set_cert (self , cert ):
430+ """Change cert file used for connection to server.
431+
432+ Args:
433+ cert (Union[str, None]): Path to cert file.
434+ """
435+
436+ if cert == self ._cert :
437+ return
438+ self ._cert = cert
439+ if self ._session is not None :
440+ self ._session .cert = cert
441+
442+ ssl_verify = property (get_ssl_verify , set_ssl_verify )
443+ cert = property (get_cert , set_cert )
444+
377445 @property
378446 def access_token (self ):
379447 """Access token used for authorization to server.
@@ -545,7 +613,11 @@ def as_username(self, username):
545613 @property
546614 def is_server_available (self ):
547615 if self ._server_available is None :
548- response = requests .get (self ._base_url )
616+ response = requests .get (
617+ self ._base_url ,
618+ cert = self ._cert ,
619+ verify = self ._ssl_verify
620+ )
549621 self ._server_available = response .status_code == 200
550622 return self ._server_available
551623
@@ -596,6 +668,8 @@ def create_session(self):
596668 self .validate_token ()
597669
598670 session = requests .Session ()
671+ session .cert = self ._cert
672+ session .verify = self ._ssl_verify
599673 session .headers .update (self .get_headers ())
600674
601675 self ._session_functions_mapping = {
0 commit comments