Support passing mTLS certificate/key to HTTPClient

Change-Id: I00065293daf6b2e5d540e056c05f85b82f8bc72c
This commit is contained in:
sri harsha mekala 2021-03-05 11:47:09 -08:00
parent 4963c7ae14
commit 3140fe014a
2 changed files with 11 additions and 3 deletions

View File

@ -61,9 +61,9 @@ class HTTPClient(object):
token=None, region_name=None, timeout=None,
endpoint_url=None, insecure=False,
endpoint_type='publicURL',
auth_strategy='keystone', ca_cert=None, log_credentials=False,
service_type='network', global_request_id=None,
**kwargs):
auth_strategy='keystone', ca_cert=None, cert=None,
log_credentials=False, service_type='network',
global_request_id=None, **kwargs):
self.username = username
self.user_id = user_id
@ -82,6 +82,7 @@ class HTTPClient(object):
self.auth_strategy = auth_strategy
self.log_credentials = log_credentials
self.global_request_id = global_request_id
self.cert = cert
if insecure:
self.verify_cert = False
else:
@ -167,6 +168,7 @@ class HTTPClient(object):
data=body,
headers=headers,
verify=self.verify_cert,
cert=self.cert,
timeout=self.timeout,
**kwargs)
@ -399,6 +401,7 @@ def construct_http_client(username=None,
log_credentials=None,
auth_strategy='keystone',
ca_cert=None,
cert=None,
service_type='network',
session=None,
global_request_id=None,
@ -430,6 +433,7 @@ def construct_http_client(username=None,
endpoint_type=endpoint_type,
service_type=service_type,
ca_cert=ca_cert,
cert=cert,
log_credentials=log_credentials,
auth_strategy=auth_strategy,
global_request_id=global_request_id)

View File

@ -216,6 +216,10 @@ class ClientBase(object):
:param bool log_credentials: Allow for logging of passwords or not.
Defaults to False. (optional)
:param string ca_cert: SSL CA bundle file to use. (optional)
:param cert: A client certificate to pass to requests. These are of the
same form as requests expects. Either a single filename
containing both the certificate and key or a tuple containing
the path to the certificate then a path to the key. (optional)
:param integer retries: How many times idempotent (GET, PUT, DELETE)
requests to Neutron server should be retried if
they fail (default: 0).