Skip to content

Adds client certificate parameter to OAuth2Session #293

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 2 commits into from
Closed

Adds client certificate parameter to OAuth2Session #293

wants to merge 2 commits into from
+76 −3

Conversation

amackera
Copy link

This allows users to specify a client certificate to pass to requests. This is useful for some OAuth providers that require client certificate authentication.

@amackera
Copy link
Author

Related issue: #292

@Lukasa
Copy link
Member

Lukasa commented Oct 18, 2017

Requests should do this automatically: did you actually try using the cert argument in this way?

@amackera
Copy link
Author

Hi @Lukasa yes, we tried using the cert argument, but it did not work. It's been a while since I looked at this issue though so my memory could be faulty!

Feel free to close this PR if y'all know for a fact that requests-oauthlib supports client certificates out of the box.

@ltamaster
Copy link

I had the same problem, I tried to use the certargument without luck.
Any advice on how to pass the certificate?

Thanks
Luis

@sserrata
Copy link

sserrata commented Feb 21, 2018
edited
Loading

I've confirmed that the cert parameter works as either a kwarg, e.g. oauth2session.fetch_token(cert='cert.pem') or as an OAuth2Session() attribute, e.g. oauth2session.cert = 'cert.pem', with the former overriding the latter (as expected).

@ltamaster
Copy link

I tried oauth2session.cert =tmp-cert-path and oauth2session.refresh_token(****, cert=tmp-cert-path) without luck, any ideas?
the certificate works ok on other calls (i am working with kubernetes sdk)

@ltamaster ltamaster mentioned this pull request Feb 23, 2018
Closed
@singingwolfboy
Copy link
Member

So, it sounds like @amackera and @ltamaster are unable to pass the cert parameter without this change, but @sserrata was able to use it even without this change. Is that correct? @sserrata, any idea why it works for you but not for them?

It seems cleaner to let Requests do the proxying automatically, so if we can avoid having to make this change, that seems preferable. But if it's not possible to do that proxying automatically, then I guess we do need this change.

@calcium
Copy link

calcium commented Jul 16, 2018

I just cloned the current trunk (master) and looking at the code for fetch_token
oauth2_session.py:219
if method.upper() == 'POST':
r = self.post(token_url, data=dict(urldecode(body)),
timeout=timeout, headers=headers, auth=auth,
verify=verify, proxies=proxies)

I dont see how this would work as is without the extra cert args.

Yes, I need to do this too :-)

@Anmol-Porwal18
Copy link

Hi, Is using oauth2session.cert the expected way to pass certificates ?

I need this functionality too (to be able to pass certificate in fetch_token - which will take care of passing it further). Are we expecting this to be merged soon ?

@amackera
Copy link
Author

Closing this (years old) PR due to lack of activity.

@amackera amackera closed this Aug 24, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
8 participants
@amackera @Lukasa @ltamaster @sserrata @singingwolfboy @calcium @Anmol-Porwal18 @jasonada