add option to disable ssl verification

ms1752 · ms1752 · commit bcae6b2f4e17 · 2018-01-12T10:21:00.000-07:00
diff --git a/clearblade/ClearBladeCore.py b/clearblade/ClearBladeCore.py
@@ -18,14 +18,17 @@ def __exitcode(self):
         while self.users:
             self.users.pop(0).logout()
 
-    def __init__(self, systemKey, systemSecret, url="https://platform.clearblade.com", safe=True):
+    def __init__(self, systemKey, systemSecret, url="https://platform.clearblade.com", safe=True, sslVerify=True):
         self.systemKey = systemKey
         self.systemSecret = systemSecret
         self.url = url
         self.users = []
         self.collections = []
         self.messagingClients = []
         self.devices = []
+        self.sslVerify = sslVerify
+        if not sslVerify:
+            cbLogs.warn("You have disabled SSL verification, this should only be done if your ClearBlade Platform instance is leveraging self signed SSL certificates.")
         if safe:
             atexit.register(self.__exitcode)
 
diff --git a/clearblade/Code.py b/clearblade/Code.py
@@ -7,10 +7,11 @@ class Service():
     def __init__(self, system, name):
         self.name = name
         self.url = system.url + "/api/v/1/code/" + system.systemKey + "/" + name
+        self.sslVerify = system.sslVerify
 
     def execute(self, authenticatedUser, params={}):
         cbLogs.info("Executing code service", self.name)
-        resp = restcall.post(self.url, headers=authenticatedUser.headers, data=params)
+        resp = restcall.post(self.url, headers=authenticatedUser.headers, data=params, sslVerify=self.sslVerify)
         return resp
 
 
diff --git a/clearblade/Collections.py b/clearblade/Collections.py
@@ -18,6 +18,7 @@ def __init__(self, system, authenticatedUser, collectionID="", collectionName=""
         self.nextPageURL = None
         self.prevPageURL = None
         self.items = []
+        self.sslVerify = system.sslVerify
 
     def getItems(self, query=None, pagesize=100, pagenum=1, url=""):
         url = self.url + url
@@ -29,7 +30,7 @@ def getItems(self, query=None, pagesize=100, pagenum=1, url=""):
             params["FILTERS"] = query.filters
             params["SORT"] = query.sorting
 
-        resp = restcall.get(url, headers=self.headers, params={"query": json.dumps(params)})
+        resp = restcall.get(url, headers=self.headers, params={"query": json.dumps(params)}, sslVerify=self.sslVerify)
 
         self.currentPage = resp["CURRENTPAGE"]
         self.nextPageURL = resp["NEXTPAGEURL"]
@@ -57,14 +58,14 @@ def getPrevPage(self):
             cbLogs.info("No previous page!")
 
     def createItem(self, data):
-        return restcall.post(self.url, headers=self.headers, data=data)
+        return restcall.post(self.url, headers=self.headers, data=data, sslVerify=self.sslVerify)
 
     def updateItems(self, query, data):
         payload = {
             "query": query.filters,
             "$set": data
         }
-        return restcall.put(self.url, headers=self.headers, data=payload)
+        return restcall.put(self.url, headers=self.headers, data=payload, sslVerify=self.sslVerify)
 
     def deleteItems(self, query):
-        return restcall.delete(self.url, headers=self.headers, params={"query": json.dumps(query.filters)})
+        return restcall.delete(self.url, headers=self.headers, params={"query": json.dumps(query.filters)}, sslVerify=self.sslVerify)
diff --git a/clearblade/Developers.py b/clearblade/Developers.py
@@ -30,7 +30,7 @@ def registerDev(fname, lname, org, email, password, url="https://platform.clearb
 
 
 class Developer:
-    def __init__(self, email, password, url="https://platform.clearblade.com"):
+    def __init__(self, email, password, url="https://platform.clearblade.com", sslVerify=True):
         self.credentials = {
             "email": email,
             "password": password
@@ -41,17 +41,20 @@ def __init__(self, email, password, url="https://platform.clearblade.com"):
         }
         self.url = url
         self.token = ""
+        self.sslVerify = sslVerify
+        if not sslVerify:
+            cbLogs.warn("You have disabled SSL verification, this should only be done if your ClearBlade Platform instance is leveraging self signed SSL certificates.")
         self.authenticate()
 
     def authenticate(self):
         cbLogs.info("Authenticating", self.credentials["email"], "as a developer...")
-        resp = restcall.post(self.url + "/admin/auth", headers=self.headers, data=self.credentials)
+        resp = restcall.post(self.url + "/admin/auth", headers=self.headers, data=self.credentials, sslVerify=self.sslVerify)
         self.token = str(resp["dev_token"])
         self.headers["ClearBlade-DevToken"] = self.token
         cbLogs.info("Successfully authenticated!")
 
     def logout(self):
-        restcall.post(self.url + "/admin/logout", headers=self.headers)
+        restcall.post(self.url + "/admin/logout", headers=self.headers, sslVerify=self.sslVerify)
         if self in self.system.users:
             self.system.users.remove(self)
         cbLogs.info(self.credentials["email"], "(developer) has been logged out.")
diff --git a/clearblade/Devices.py b/clearblade/Devices.py
@@ -13,13 +13,13 @@ def getDevices(system, authenticatedUser, query=None):
     else:
         params = ""
     url = system.url + "/api/v/2/devices/" + system.systemKey
-    resp = restcall.get(url, headers=authenticatedUser.headers, params=params)
+    resp = restcall.get(url, headers=authenticatedUser.headers, params=params, sslVerify=system.sslVerify)
     return resp
 
 
 def getDevice(system, authenticatedUser, name):
     url = system.url + "/api/v/2/devices/" + system.systemKey + "/" + name
-    resp = restcall.get(url, headers=authenticatedUser.headers)
+    resp = restcall.get(url, headers=authenticatedUser.headers, sslVerify=system.sslVerify)
     return resp
 
 
@@ -46,7 +46,7 @@ def authorize(self, key):
             "deviceName": self.name,
             "activeKey": key
         }
-        resp = restcall.post(self.url + "/auth", headers=self.headers, data=credentials)
+        resp = restcall.post(self.url + "/auth", headers=self.headers, data=credentials, sslVerify=self.system.sslVerify)
         self.token = str(resp["deviceToken"])
         self.headers["ClearBlade-DeviceToken"] = self.token
         cbLogs.info("Successfully authenticated!")
@@ -57,7 +57,7 @@ def update(self, info):
             json.loads(payload)
         except TypeError:
             payload = json.dumps(payload)
-        restcall.put(self.url + "/" + self.name, headers=self.headers, data=payload)
+        restcall.put(self.url + "/" + self.name, headers=self.headers, data=payload, sslVerify=self.system.sslVerify)
         cbLogs.info("Successfully updated", self.name)
 
 
@@ -79,7 +79,7 @@ def DEVnewDevice(developer, system, name, enabled=True, type="", state="", activ
         "state": state,
         "type": type
     }
-    resp = restcall.post(url, headers=developer.headers, data=data)
+    resp = restcall.post(url, headers=developer.headers, data=data, sslVerify=system.sslVerify)
     cbLogs.info("Successfully created", name, "as a device.")
     return resp
 
@@ -93,25 +93,25 @@ def DEVgetDevices(developer, system, query=None):
     else:
         params = ""
     url = system.url + "/api/v/2/devices/" + system.systemKey
-    resp = restcall.get(url, headers=developer.headers, params=params)
+    resp = restcall.get(url, headers=developer.headers, params=params, sslVerify=system.sslVerify)
     return resp
 
 
 def DEVgetDevice(developer, system, name):
     url = system.url + "/api/v/2/devices/" + system.systemKey + "/" + name
-    resp = restcall.get(url, headers=developer.headers)
+    resp = restcall.get(url, headers=developer.headers, sslVerify=system.sslVerify)
     return resp
 
 
 def DEVupdateDevice(developer, system, name, updates):
     url = system.url + "/api/v/2/devices/" + system.systemKey + "/" + name
-    resp = restcall.put(url, headers=developer.headers, data=updates)
+    resp = restcall.put(url, headers=developer.headers, data=updates, sslVerify=system.sslVerify)
     cbLogs.info("Successfully updated device:", name + ".")
     return resp
 
 
 def DEVdeleteDevice(developer, system, name):
     url = system.url + "/api/v/2/devices/" + system.systemKey + "/" + name
-    resp = restcall.delete(url, headers=developer.headers)
+    resp = restcall.delete(url, headers=developer.headers, sslVerify=system.sslVerify)
     cbLogs.info("Successfully deleted device:", name + ".")
     return resp
diff --git a/clearblade/Users.py b/clearblade/Users.py
@@ -9,7 +9,7 @@ def registerUser(system, authenticatedUser, email, password):
         "password": password
     }
     cbLogs.info("Registering", email + "...")
-    resp = restcall.post(authenticatedUser.url + "/reg", headers=authenticatedUser.headers, data=newUserCredentials, silent=True)
+    resp = restcall.post(authenticatedUser.url + "/reg", headers=authenticatedUser.headers, data=newUserCredentials, silent=True, sslVerify=system.sslVerify)
     try:
         newUser = User(system, email, password)
         newUser.token = str(resp["user_token"])
@@ -37,18 +37,18 @@ def authenticate(self):
         self.headers.pop("ClearBlade-UserToken", None)
         try:
             cbLogs.info("Authenticating", self.credentials["email"], "as a user...")
-            resp = restcall.post(self.url + "/auth", headers=self.headers, data=self.credentials)
+            resp = restcall.post(self.url + "/auth", headers=self.headers, data=self.credentials, sslVerify=self.system.sslVerify)
         except AttributeError:
             cbLogs.info("Authenticating as anonymous...")
-            resp = restcall.post(self.url + "/anon", headers=self.headers)
+            resp = restcall.post(self.url + "/anon", headers=self.headers, sslVerify=self.system.sslVerify)
         self.token = str(resp["user_token"])
         self.headers["ClearBlade-UserToken"] = self.token
         if self not in self.system.users:
             self.system.users.append(self)
         cbLogs.info("Successfully authenticated!")
 
     def logout(self):
-        restcall.post(self.url + "/logout", headers=self.headers)
+        restcall.post(self.url + "/logout", headers=self.headers, sslVerify=self.system.sslVerify)
         if self in self.system.users:
             self.system.users.remove(self)
         try:
@@ -57,7 +57,7 @@ def logout(self):
             cbLogs.info("Anonymous user has been logged out.")
 
     def checkAuth(self):
-        resp = restcall.post(self.url + "/checkauth", headers=self.headers, silent=True)
+        resp = restcall.post(self.url + "/checkauth", headers=self.headers, silent=True, sslVerify=self.system.sslVerify)
         try:
             return resp["is_authenticated"]
         except TypeError:
diff --git a/clearblade/cbLogs.py b/clearblade/cbLogs.py
@@ -23,6 +23,9 @@ def error(*args):
     # Errors should always be shown
     print(prettyText.bold + prettyText.red + "CB Error:" + prettyText.endColor, " ".join(args))
 
+def warn(*args):
+    # Warnings should always be shown
+    print(prettyText.bold + prettyText.yellow + "CB Warning: " + prettyText.endColor, " ".join(args))
 
 def info(*args):
     if DEBUG:  # extra info should not always be shown
diff --git a/clearblade/restcall.py b/clearblade/restcall.py
@@ -24,10 +24,10 @@ def panicmessage(resp, reqtype, url, headers, params="", data=""):
     print("")
 
 
-def get(url, headers={}, params={}, silent=False):
+def get(url, headers={}, params={}, silent=False, sslVerify=True):
     # try our request
     try:
-        resp = requests.get(url, headers=headers, params=params)
+        resp = requests.get(url, headers=headers, params=params, verify=sslVerify)
     except ConnectionError:
         cbLogs.error("Connection error. Check that", url, "is up and accepting requests.")
         exit(-1)
@@ -46,7 +46,7 @@ def get(url, headers={}, params={}, silent=False):
     return resp
 
 
-def post(url, headers={}, data={}, silent=False):
+def post(url, headers={}, data={}, silent=False, sslVerify=True):
     # make sure our data is valid json
     try:
         json.loads(data)
@@ -55,7 +55,7 @@ def post(url, headers={}, data={}, silent=False):
 
     # try our request
     try:
-        resp = requests.post(url, headers=headers, data=data)
+        resp = requests.post(url, headers=headers, data=data, verify=sslVerify)
     except ConnectionError:
         cbLogs.error("Connection error. Check that", url, "is up and accepting requests.")
         exit(-1)
@@ -74,7 +74,7 @@ def post(url, headers={}, data={}, silent=False):
     return resp
 
 
-def put(url, headers={}, data={}, silent=False):
+def put(url, headers={}, data={}, silent=False, sslVerify=True):
     # make sure our data is valid json
     try:
         json.loads(data)
@@ -83,7 +83,7 @@ def put(url, headers={}, data={}, silent=False):
 
     # try our request
     try:
-        resp = requests.put(url, headers=headers, data=data)
+        resp = requests.put(url, headers=headers, data=data, verify=sslVerify)
     except ConnectionError:
         cbLogs.error("Connection error. Check that", url, "is up and accepting requests.")
         exit(-1)
@@ -102,10 +102,10 @@ def put(url, headers={}, data={}, silent=False):
     return resp
 
 
-def delete(url, headers={}, params={}, silent=False):
+def delete(url, headers={}, params={}, silent=False, sslVerify=True):
     # try our request
     try:
-        resp = requests.delete(url, headers=headers, params=params)
+        resp = requests.delete(url, headers=headers, params=params, verify=sslVerify)
     except ConnectionError:
         cbLogs.error("Connection error. Check that", url, "is up and accepting requests.")
         exit(-1)
