How to use the certifi.old_where function in certifi
To help you get started, we’ve selected a few certifi examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
jim-easterbrook / Photini / src / photini / picasa.py View on Github 
# create new session
client_id = key_store.get('picasa', 'client_id')
client_secret = key_store.get('picasa', 'client_secret')
auto_refresh_kwargs = {
'client_id' : client_id,
'client_secret': client_secret,
}
if self.auto_refresh:
self.api = OAuth2Session(
client_id, token=token, token_updater=self._save_token,
auto_refresh_kwargs=auto_refresh_kwargs,
auto_refresh_url=self.token_url,
)
else:
self.api = OAuth2Session(client_id, token=token)
self.api.verify = certifi.old_where()
# refresh manually to get a valid token now
token = self.api.refresh_token(self.token_url, **auto_refresh_kwargs)
self.api.headers.update({'GData-Version': '2'})
# verify the token
resp = self._check_response(self.api.get(
'https://www.googleapis.com/oauth2/v3/tokeninfo',
params={'access_token': token['access_token']})).json()
if resp['scope'] != self.scope or resp['aud'] != client_id:
return False
return Truedef request_defaults(kwargs):
hooks = kwargs.pop(u'hooks', None)
cookies = kwargs.pop(u'cookies', None)
verify = certifi.old_where() if all([app.SSL_VERIFY, kwargs.pop(u'verify', True)]) else False
# Fixes
# https://github.com/pyca/pyopenssl/pull/209
# https://github.com/pymedusa/Medusa/issues/1422
if PY2 and isinstance(verify, text_type):
verify = filesystem.encode(verify)
# request session proxies
if app.PROXY_SETTING:
logger.debug(u"Using global proxy: " + app.PROXY_SETTING)
scheme, address = splittype(app.PROXY_SETTING)
address = app.PROXY_SETTING if scheme else 'http://' + app.PROXY_SETTING
proxies = {
"http": address,
"https": address,
}self.logger.debug("Deleting file at key {}".format(key))
try:
if self.auth:
headers = {"Authorization": "Firebase " +
self.auth.get_token()}
else:
headers = {}
escaped_key = key.replace('/', '%2f')
url = "{}/o/{}?alt=media".format(
self.app.storage().storage_bucket,
escaped_key)
response = self.app.requests.delete(
url, headers=headers, verify=certifi.old_where())
if response.status_code != 204:
raise ValueError("Response error with code {}, text {}"
.format(response.status_code, response.text))
self.logger.debug("Done")
except Exception as err:
self.logger.warning(
("Deleting file {} from storage " +
"raised an exception: {}") .format(key, err))# authentication...
# Need to rewrite
# storageobj.download(local_file_path, self.auth.get_token())
headers = {"Authorization": "Firebase " +
self.auth.get_token()}
else:
headers = {}
escaped_key = key.replace('/', '%2f')
url = "{}/o/{}".format(
self.app.storage().storage_bucket,
escaped_key)
response = self.app.requests.get(
url, headers=headers, verify=certifi.old_where())
if response.status_code != 200:
self.logger.debug("Response error with code {}"
.format(response.status_code))
return (None, None)
return (json.loads(response.content.decode()), url)
except Exception as err:
self.logger.warn(
("Getting metainfo of file {} " +
"raised an exception: {}") .format(key, err))
self.logger.exception(err)
return (None, None)# authentication...
# Need to rewrite
# storageobj.download(local_file_path, self.auth.get_token())
headers = {"Authorization": "Firebase " +
self.auth.get_token()}
escaped_key = key.replace('/', '%2f')
url = "{}/o/{}?alt=media".format(
self.app.storage().storage_bucket,
escaped_key)
response = self.app.requests.get(
url,
stream=True,
headers=headers,
verify=certifi.old_where())
if response.status_code == 200:
with open(local_file_path, 'wb') as f:
for chunk in response:
f.write(chunk)
else:
raise ValueError("Response error with code {}"
.format(response.status_code))
else:
storageobj.download(local_file_path)
self.logger.debug("Done")
except Exception as err:
self.logger.warn(
("Downloading file {} to local path {} from storage " +
"raised an exception: {}") .format(
key,
local_file_path,def get_https_context_factory():
if not hasattr(ssl, 'Purpose'):
return lambda *_, **__: None
if not hasattr(ssl, '_create_default_https_context') or \
hasattr(ssl, 'get_default_verify_paths') and \
ssl.get_default_verify_paths()[0] is None:
m = re.match(r'(Open|Libre)SSL (\d+)\.(\d+)\.(\d+)',
ssl.OPENSSL_VERSION)
openssl_version = int(m.group(2)), int(m.group(3)), int(m.group(4))
if openssl_version < (1, 0, 2) and hasattr(certifi, 'old_where'):
# https://github.com/certifi/python-certifi/issues/26
where = certifi.old_where
else:
where = certifi.where
def get_https_context(purpose=ssl.Purpose.SERVER_AUTH,
cafile=None, capath=None, cadata=None):
return ssl.create_default_context(
purpose=purpose,
cafile=cafile or where(),
capath=capath,
cadata=cadata
)
return get_https_context
if hasattr(ssl, '_create_default_https_context'):
return ssl._create_default_https_context
if hasattr(ssl, 'create_default_context'):
return ssl.create_default_contextraise OneDriveInteractionError(
'Failed to find requests cacert.pem bundle when running under PyInstaller.' )
self._requests_base_keywords = (self._requests_base_keywords or dict()).copy()
self._requests_base_keywords.setdefault('verify', cacert_pem)
log.debug( 'Adjusted "requests" default ca-bundle'
' path (to run under PyInstaller) to: %s', cacert_pem )
if requests_version >= (2, 4, 0):
# Workaround for https://github.com/certifi/python-certifi/issues/26
import ssl
if ssl.OPENSSL_VERSION_INFO < (1, 0, 2):
try: import certifi
except ImportError: pass
else:
certifi_issue_url = 'https://github.com/certifi/python-certifi/issues/26'
if hasattr(certifi, 'old_where'): cacert_pem = certifi.old_where()
else:
cacert_pem = join(dirname(requests.certs.__file__), 'cacert.pem')
if not exists(cacert_pem):
cacert_pem = None
log.warn( 'Failed to find requests'
' certificate bundle for woraround to %s', certifi_issue_url )
if cacert_pem:
self._requests_base_keywords = (self._requests_base_keywords or dict()).copy()
self._requests_base_keywords.setdefault('verify', cacert_pem)
log.debug( 'Adjusted "requests" default ca-bundle path, to work around %s '
' [OpenSSL version %s, requests %s (>2.4.0) and certifi available at %r], to: %s',
certifi_issue_url, ssl.OPENSSL_VERSION_INFO,
requests_version, certifi.__file__, cacert_pem )
self._requests_setup_done = True
return sessiondef verify_password_reset_code(self, reset_code, new_password):
request_ref = "https://www.googleapis.com/identitytoolkit" + \
"/v3/relyingparty/resetPassword?key={0}" \
.format(self.api_key)
headers = {"content-type": "application/json; charset=UTF-8"}
data = json.dumps({"oobCode": reset_code, "newPassword": new_password})
request_object = requests.post(
request_ref,
headers=headers,
data=data,
verify=certifi.old_where())
raise_detailed_error(request_object)
return request_object.json()certifi
Python package for providing Mozilla's CA Bundle.
